Privacy Policy

In accordance with Article 13 of the European Regulation 679/2016 on the protection of personal data, so called “General Data Protection Regulation” (“GDPR”), we wish to inform you that this website (hereinafter, “Site“) collects personal data of the users who visit this Site (hereinafter, “Users“).

Data Controller

The data controller (hereinafter, “Data Controller“) of your Personal Data is DS Group S.p.A., with registered office in Corso Venezia 36, 20121 – Milan (MI), in the person of its pro-tempore legal representative.

For any information and/or request relating to the processing of personal data on the Site, the Data Controller can be reached both at the postal address given in the previous lines, and at the following e-mail address: privacy@dsgroup.it.

The Data Controller acknowledges that it has appointed its Data Protection Officer (‘DPO’), who can be contacted at dpo@dsgroup.it.

Types of Data Collected

Personal Data may be freely provided by the User (e.g. when sending requests via forms or contacting e-mail addresses on the Site) or, in the case of usage data, automatically collected during the use of this Site.

The computer systems and software procedures used to operate this site also acquire, in the course of their normal operation, certain personal data whose transmission is implicit in the use of Internet communication protocols.

This category of data includes the IP addresses or domain names of the computers and terminals used by users, the URI/URL (Uniform Resource Identifier/Locator) notation addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the user’s operating system and computer environment.

These data, necessary for the use of web services, are also processed for the purpose of:

– obtain statistical information on the use of the services (most visited pages, number of visitors per time slot or per day, geographical areas of origin, etc.);
– monitor the proper functioning of the services offered.

Browsing data are not retained for more than seven days (except in the case of criminal investigations by judicial authorities).
This Site uses cookies, i.e., small text files that the sites visited by users send to their terminals, where they are stored and then retransmitted to the same sites on subsequent visits. For more information on the use of cookies, please see the Cookie Policy.

Sending messages via the appropriate forms on the Site (e.g., ’Book a Demo”) entails the subsequent acquisition of the data provided by the User.

Method and location of data processing

The Data Controller takes appropriate security measures to prevent unauthorised access, disclosure, modification or destruction of personal data. The processing is carried out using computer and/or telematic instruments, with organisational methods and logics strictly related to the purposes indicated. The data are processed by persons authorised to process the data involved in the organisation of this Site (e.g. administrative, sales, marketing, legal, system administrators) or by external parties (e.g. third party technical service providers, hosting providers, IT companies, communication agencies) also appointed, if necessary, as data processors (hereinafter, “Data Processors“) by the Data Controller (pursuant to Article 28 of the GDPR). The updated list of Data Processors can always be requested to the Data Controller. Personal Data may also be disclosed, in accordance with the law, to police forces, judicial authorities, information and security bodies or other public entities for purposes of defence or state security or the prevention, detection or repression of crimes.

Place

The Data are processed at the Data Controller’s offices and in any other place where the parties involved in the processing are located. Users’ Personal Data may be transferred to third countries that guarantee an adequate level of security in respect to European standards and for which an adequacy decision has been issued by the European Commission pursuant to Article 45 GDPR or only where, except where exceptions apply under Article 49 GDPR, the Data Controller has signed with third parties intending to receive data and having locations in non-EU countries that do not provide the same level of security as European standards, standard contractual clauses or another appropriate instrument pursuant to Article 46 GDPR, supplemented with any additional security measures.

Legal basis and purpose of Data Processing

The processing of the User’s Personal Data by the Data Controller on the Site has the following purposes and legal basis:

a) pursue, in accordance with Article 6.1(f) of the GDPR, a legitimate interest of its own, consisting in the management and operation of the Site, as well as in order to ensure the security of the Site and the information exchanged on it, i.e. the ability of that Site to withstand, at a given level of security, unforeseen events or unlawful or malicious acts that compromise the availability, authenticity, integrity and confidentiality of the personal data stored or transmitted and the security of the related services offered or made accessible;

b) to process requests for information transmitted via the appropriate forms published on the Site pursuant to Article 6.1(b) of the GDPR.

Consequences of refusal to provide data

The provision of data for the purposes set out in the paragraph above is mandatory and is functional to the pursuit of the purposes described in the previous paragraph. Any refusal by the User to such processing would therefore make it impossible to operate the Site or to respond to the User’s request for information.

Data retention period

The User’s personal data shall be processed by the Controller for the time needed to carry out checks for any unlawful acts committed on the Site, in the case of the purposes set out under a), as well as for the time needed to reply to the User’s request for information, for the purposes set out under b).

User Rights

The User is guaranteed the rights set out in Articles 15 et seq. of the GDPR, consisting essentially of the right to receive information from the Data Controller regarding the existence of the processing of one’s personal data, as well as to access one’s own data, to have them corrected, supplemented, updated or deleted; each data subject shall also have the right to obtain a copy of his/her data, to obtain a restriction of the processing and/or to object to their processing, as well as the right to data portability and to lodge a complaint with the Italian Data Protection Authority, according to the procedures and directions published on the Authority’s website, available at https://www.garanteprivacy.it/.

To exercise these rights, the User may send a communication to the Data Controller at the address indicated in the header of the page by registered letter with acknowledgement of receipt or by e-mail to the address: privacy@dsgroup.it or by contacting the Data Protection Officer at dpo@dsgroup.it.

Further information on

Changes to this privacy policy

The Data Controller reserves the right to make changes to this privacy policy at any time by informing Users on this Site and, where technically and legally feasible, by sending a notification to Users via one of the contact details held by the Data Controller.

Last updated date: 23.10.2024