Handling personal information
These notes describe how the website is managed in terms of handling the personal details of the people who use it.
The information complies with General Regulation on Data Protection - Regulation (EU) 2016/679 regarding protection of personal details, and is intended for those who make use of Emmetec web-based services. The services can be accessed through the website address:
These notes provide information regarding data in the form of words, the ways in which ORPAV handles such data, and how the users involved can exercise their rights under law.
Responsibility for data handling
The data provided by the user are stored on electronic databases owned by Orpav s.r.l., whose Manager in charge, as well as Data Controller, is the Sole Shareholder pro tempore.
Place of data handling
The handling of data relating to website services takes place at the above-mentioned head office of ORPAV. Such operations are carried out by technical personnel specialised in data handling, or by other technicians assigned to perform occasional maintenance tasks.
Information deriving from web services
The personal information provided by users who request material to be sent to them or who put their names forward as candidates (curriculum vitae, etc.) is used only in order to provide the service, or to carry out the request, and is communicated to third parties only in cases where it is necessary to do so for such purposes
DATA COLLECTED FOR THE provision OF THE PURCHASED SERVICES
The data requested when ordering (order summary page) correspond to the data held by ORPAV, with the exception of subsequent modifications or additions communicated by other means (telephone, e-mail, fax, letter by post, etc.). The data include company name and / or name-surname, address, province (if Italy), ZIP code, city, country of residence, landline phone, mobile phone, e-mail address, in addition to identification tax data (tax code or VAT number).
Data handling system
Personal information entering the system is handled by automated tools for the period of time strictly required to carry out the operations requested. Specific security measures are employed to prevent loss of data, illicit or incorrect usage, and access by unauthorized users
Types of data and aims of handling
During normal operations, the computer systems and the software procedures used for the website acquire items of personal data from users who connect to the site; the flow of such data is implicit in the use of Internet communication protocols. These items of information are not collected in order in order to identify the people involved, but by their very nature they might make it possible to identify such users, through processing and association with data held by third parties. This category of data includes IP addresses or the dominion names of the computers used to access the website, the URI addresses (Uniform Resource Identifier) of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in reply, the numerical code showing the status of the reply given by the server (OK, error, etc) as well as other parameters relating to the operating system and the user's computer. These data are used only to obtain anonymous statistics on the use of the site, and to check that it is working properly. Such data might be used to investigate responsibility in cases of illegal computer operations which damage the site; except for this possibility, the current policy is not to retain web-contact data for more than seven days.
Details provided voluntarily by users
Sending emails to the addresses shown on this website leads to the acquisition of the sender's address, which is required for the reply, as well as any other items of personal information included in the message. Specific warning notices are shown or displayed on the website pages which are made available for requesting particular services.
No personal information about users is deliberately acquired by the website. Cookies are not used to transmit data of a personal type, nor are persistent cookies of any type used - in other words, systems for tracing users. The use of what are known as session cookies (not memorised permanently on the user's computer since they vanish when the browser is closed) is strictly limited to transmitting session identifiers (made up of random numbers generated by the server) required to make site navigation secure and efficient. The session cookies used on the website make it possible to avoid using other computer techniques (which might compromise the user's privacy during website navigation) and do not allow acquisition of personal data identifying the user.
Providing information is optional
Except for navigation data, users are free to provide or not provide personal details in their contacts with ORPAV in order to request material or other communications, or to make use of the services available on the site. However, not providing such information may make it impossible to meet the request.
The people to whom the personal data refer are entitled, at any time, to obtain confirmation of the existence or otherwise of such data with the body responsible for data handling, and to find out the content and the origin, to check the exactness of the data or to request integration or updating or rectification. According to the GDPR, users are entitled to request cancellation, transformation in anonymous form, or to block data which has been obtained illegally, and they can refuse, for legitimate reasons, to allow such data to be processed. Any requests should be sent to the head of Sales department at ORPAV operating headquarters in Ternate (Varese, Italy) via Stazione 8, where the updated list of other people in charge is available for consultation.
Please note that the full text of the General Regulation on Data Protection - Regulation (EU) 2016/679, is available at the following address:
Legnano (Italy), May 2018