Informativa Privacy

This document (“Information Notice”) is intended to provide you with information regarding the processing of information, as specified below, that will be provided by you or otherwise available at our facility and that will be processed by the same and/or by other entities identified for the purposes indicated below. The Information Notice, in particular, is provided pursuant to EU Regulation no. 679/2016 (“GDPR”) and subsequent national adaptation provisions (jointly with the GDPR hereinafter “Applicable Regulations”).

1. Identity and contact details of the Data Controller

The Data Controller, pursuant to Articles 4 and 24 of EU Regulation 2016/679, is LINERGY srl, with registered office in Via California, 21 – 63066 GROTTAMMARE (AP), VAT number 01459960447, telephone number 0735-5974, email info@linergy.it, in the person of the legal representative pro-tempore (hereinafter “Data Controller”).

2. Contact details of the Data Protection Officer (so-called “RPD-DPO”)

The Data Controller does not carry out activities that require the designation of the figure of the Data Protection Officer.

3. Purpose and legal basis of the processing

The Personal Data collected will be processed for the purposes and pursuant to the legal bases set out below:

4. Categories of personal data processed

Within the limits of the purposes and methods described in this Policy, information may be processed that can be considered as "Personal Data", which includes your personal details, your contact details (such as, for example, name, reference company, location of the system to be monitored, telephone/mobile numbers, e-mail address, etc.), and all other data necessary to monitor the parameters of the controlled system, receive notifications when certain events occur, interact directly with the interface of the control unit remotely (such as, for example, login user and password, IP address, operating system in use, etc.). Users who download the App dedicated to the service from the Google Play Store, in order to unlock certain features (e.g., checking the data of the system being monitored), are asked to activate the Bluetooth system of the terminal. The Android operating system, sometimes, when requesting Bluetooth activation also requests the activation of the geolocation system (GPS), however, no tracking or recording of the user's positioning is carried out by the Data Controller. Some control systems of the installed systems (e.g., control units) could, if connected to the company IT network, periodically send information, exclusively technical (e.g., operating anomalies, fault warnings, etc.), to the maintenance and assistance system of the Data Controller. Such information is to be considered exclusively technical data and not personal data except to the extent that they can be associated with the system that generated them and therefore with the owner of that system.

5. Recipients and categories of recipients

Personal data will not be disclosed or made known to unspecified subjects. They may instead be communicated to well-defined subjects, in full compliance with legal requirements, for purposes strictly related to those previously indicated. Any access to your personal data is limited to subjects authorized by the Data Controller. Communication to the identified recipients, only if involved and functional, is linked to the achievement of the purposes referred to in the previous point 3. Therefore, the personal data collected and processed may be:

1. used anonymously for statistical purposes;
2. made available to the Data Controller's collaborators, as Managers or persons authorized to process personal data;
3. communicated to third parties, natural or legal persons, Public administrations, professionals, law enforcement agencies, government bodies, regulatory bodies, courts, or other public authorities authorized by law;
4. where necessary, transferred to another Data Controller as provided by the GDPR, including with regard to the right to data portability.

Information may also be communicated whenever communication is necessary to comply with requests from judicial or public security authorities. The collected data will not be disseminated under any circumstances.

The list of data processing managers is available at the Data Controller's registered office.

6. Transfer of data abroad

Data will not be transferred outside the European Union.

7. Data retention period

The retention period is outlined below:

8. Methods of data processing

The processing of Personal Data will take place using manual, IT, or telematic tools, suitable for ensuring their security and confidentiality and will be carried out by personnel duly instructed in compliance with the Applicable Regulations. There is no automated decision-making process.

If it becomes necessary to contact you for reasons related to the management of your position, you may be contacted by email, SMS, instant messaging systems, or any equivalent electronic means or by paper mail or operator calls to all the contacts provided. If you prefer to be contacted only through one or some of these means, you can make an explicit written request to the Data Controller.

9. Rights recognized to you

You are informed that you can exercise your rights recognized by the Applicable Regulations, including, for example, the right:

1. to access your Personal Data and know its origin, purposes, and purposes of the processing, data of the subjects to whom they are communicated, the data retention period, or the criteria useful for determining it (art.15);
2. to request their correction (art.16);
3. to request their deletion (“oblivion”), if no longer necessary, incomplete, erroneous, or collected in violation of the law (art.17);
4. to request that processing be limited to a part of the information concerning you (art.18);
5. to know the recipients to whom personal data is transmitted (art.19);
6. to receive in a structured format or transmit to you or third parties the information concerning you (so-called “portability”) or those that you have voluntarily provided (art.20);
7. to object to their processing based on legitimate interest (art.21);
8. and to revoke your consent at any time, in the event that this constitutes the basis of the processing (revocation of consent, however, does not prejudice the lawfulness of the processing based on consent carried out before the revocation).

The above rights can be exercised by written request addressed to the Data Controller at the contacts indicated in point 1.

The Data Controller must proceed accordingly without delay and, in any case, no later than one month from receipt of the request. The term may be extended by two months if necessary, considering the complexity and number of requests received by the Data Controller. In such cases, the Data Controller will inform you within one month of receiving your request and make you aware of the reasons for the extension.

If you believe the response to your requests is unsatisfactory, you can contact and file a complaint with the Data Protection Authority (http://www.garanteprivacy.it/) as provided by the Applicable Regulations.

This Information Notice may be modified or simply updated, in whole or in part, also considering changes in the law or regulations governing the protection of personal data. Changes and updates will be communicated to the interested parties as soon as they are adopted, in the manner (and to the contacts) indicated in point 8.

Updated on 08/06/21.