REVOSTEEL

Privacy Policy

RevoSteel Building S.p.A., as Data Controller, wishes to provide the following specific information regarding the management methods of its website (https://www.revosteelbuilding.com) with reference to the processing of personal data of users who consult it. This notice is also provided pursuant to Article 13 of EU Regulation 2016/679 ("GDPR" or "Regulation").

LEGAL REFERENCES

  • Directive 2002/58/EC concerning the "processing of personal data and the protection of privacy in the electronic communications sector";
  • Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, repealing Directive 95/46/EC (General Data Protection Regulation);
  • Legislative Decree no. 196 of 30 June 2003 "Personal Data Protection Code", as amended by Legislative Decree no. 101 of 10 August 2018.

DATA CONTROLLER

The Data Controller is RevoSteel Building S.p.A., with registered office in Milan, via Fratelli Gabba no. 3, email address: privacy@revosteelbuilding.com.

PLACE OF DATA PROCESSING

The processing connected to the web services of this website takes place at the aforementioned company headquarters and at the offices of other third parties, specifically appointed as Data Processors pursuant to Article 28 GDPR, who provide outsourced services.

TYPES OF DATA PROCESSED

Browsing data

The computer systems and software procedures used to operate this website acquire, during their normal operation, certain personal data whose transmission is implicit in the use of Internet communication protocols. This information is not collected to be associated with identified individuals, but by its very nature could, through processing and association with data held by third parties, allow users to be identified. This category of data includes IP addresses or domain names of the computers used by users connecting to the site, the URI (Uniform Resource Identifier) addresses of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the server response (successful, error, etc.), and other parameters related to the user's operating system and computing environment. These data are used solely for the purpose of obtaining anonymous statistical information on the use of the site and checking its proper functioning, and are deleted immediately after processing. The data could be used to establish liability in the event of hypothetical computer crimes against the site.

Data provided voluntarily by the user

The optional, explicit, and voluntary provision of personal data by the user through the registration forms on this site or by calling any phone numbers listed on the site results in the subsequent acquisition of the data provided by the sender, necessary to provide the requested service or information.

Anonymous or aggregated data

Anonymization is a processing method designed to prevent the identification of the data subject. Data rendered anonymous do not fall within the scope of data protection legislation. Aggregated data may derive from personal data provided by the user but are not considered personal data because they do not allow—neither directly nor indirectly—the identification of the data subject.

COOKIES

Please refer to the Cookie Policy available at www.revosteelbuilding.com/en/cookie.html for more information about the cookies we use and to modify previously expressed preferences.

PURPOSE AND LEGAL BASIS OF PROCESSING

Personal data will be processed for the following purposes:

  1. To allow navigation and consultation within the site.
    The legal basis is consent, deemed manifestly given through the consultation of the site (Art. 6, para. 1, letter a) GDPR).
  2. Purposes related to the provision of requested services (including sending the Manual).
    The legal basis is consent, deemed manifestly expressed through the completion of the form and submission of the request (Art. 6, para. 1, letter a) GDPR).
  3. Purposes related to sending commercial communications.
    The legal basis is consent (Art. 6, para. 1, letter a) GDPR).
  4. Defensive purposes in case of misuse of the site or attempted fraud.
    The legal basis is legitimate interest (Art. 6, para. 1, letter f) GDPR).

LINKS TO OTHER WEBSITES

This site may contain links or references to other websites. Please note that the Data Controller does not control the cookies or other tracking technologies of such websites, to which this Policy does not apply. We therefore suggest consulting the respective privacy policies of those websites.

PROVIDING DATA

Except for browsing data (necessary for the proper functioning of the site), users are free to provide their personal data. However, failure to provide such data may make it impossible to obtain the requested services.

CONTROL OVER YOUR PERSONAL DATA

You may choose to restrict the collection or use of your personal data at any time. For example, if you previously consented to the processing of your personal data for marketing purposes, you may change your mind at any time by writing or emailing us at privacy@revosteelbuilding.com. The company will not sell or distribute personal data to third parties unless explicit and freely given consent has been obtained from the data subjects or unless required by law. With prior consent, personal data may be used to send commercial communications.

PROCESSING METHODS AND RETENTION PERIOD

Personal data are processed using automated tools for the time strictly necessary to achieve the purposes for which they were collected. In particular, with reference to personal data processed in the execution of a sales contract, the Data Controller will retain the data for ten years from the conclusion of the contract, i.e., until the limitation periods for contractual actions have expired. Data may be retained for longer if required by law or necessary for the Data Controller to defend its rights in legal proceedings. Personal data processed for marketing purposes based on consent will be retained until the consent is revoked; profiling data will be retained for 12 (twelve) months. Purchase-related data processed for loyalty program participation will be retained for 3 (three) months if the loyalty card is disabled and for 12 (twelve) months if the card is unused. Specific security measures are applied to prevent data loss, unlawful or incorrect use, and unauthorized access. The Data Controller, inspired by international standards, has also adopted further security measures to minimize risks relating to the confidentiality, availability, and integrity of collected and processed personal data.

DISCLOSURE, COMMUNICATION, AND DISSEMINATION OF DATA

Collected data may be transferred or communicated to other companies, specifically appointed as Data Processors, for activities strictly connected to the purposes indicated above and instrumental to the service operation, such as IT system management, debt recovery, marketing activities, electronic communication services. Outside these cases, personal data will not be communicated or disclosed unless contractually required or authorized by data subjects. Personal data may be transmitted to third parties only if:

  • explicit consent has been given;
  • sharing is necessary to provide the requested service;
  • required by judicial or law enforcement authorities.

No data deriving from the web service is disseminated.

TRANSFER OF PERSONAL DATA TO THIRD COUNTRIES

Personal data will not be transferred to third countries, meaning countries outside the European Union or the European Economic Area. If such a transfer occurs, the Data Controller declares and guarantees compliance with Articles 44 et seq. GDPR.

DATA SUBJECT RIGHTS

Data protection laws grant certain rights to individuals whose data are processed. Pursuant to Articles 15 et seq. of Regulation (EU) 2016/679, each data subject has the right to obtain confirmation of whether personal data concerning them exist and, if so, access such data, request rectification, erasure, restriction of processing, data portability, and object to processing.
To exercise these rights, the user may contact the Data Controller by sending a registered letter to the address indicated or an email to privacy@revosteelbuilding.com or to the Data Protection Officer at privacy@revosteelbuilding.com.

RIGHT TO LODGE A COMPLAINT

Data subjects who believe that their personal data are being processed in violation of GDPR have the right to lodge a complaint with the Supervisory Authority, pursuant to Article 77 GDPR.

CHANGES TO THIS PRIVACY POLICY

The Data Controller periodically reviews its privacy and security policies and may revise them in relation to legislative, organizational, or technological developments. In case of changes, the new version will be published on this page.

LAW AND JURISDICTION

The interpretation and enforcement of these terms are governed by Italian law. The Court of Milan (MI), Italy, will have exclusive jurisdiction for any dispute related to these terms. The Data Controller reserves the right to seek urgent relief from any court, including abroad, to protect its interests and enforce its rights.