Information statement on personal data processing.

In force as of 6-10-2023

PREMISE

This information statement refers to provisions set forth in (EU) Regulation 2016/679 of the European Parliament and Council of 27 April 2016 (GDPR) and the Privacy Code (Italian legislative Decree no. 196, 30 June 2003). The document has also been prepared on the basis of Personal Data Protection Authority Guidelines (in particular, guidelines for counteracting spam issued by the Personal Data Protection Authority on 4 July 2013).

Data controller: Mauro Franzoni

Website to which this privacy policy refers: www.keminova.com (Website).

The Data Controller has also appointed a DPO (Data Protection Officer), tasked with ensuring Data Controller GDPR compliance.

GENERAL INFORMATION

This document described how the Data Controller processes personal data you submit on the Website.

The main ways in which your personal data are processed are described here below. In particular, the following aspects are explained: the legal basis of processing, whether conveyance is mandatory, and the consequences of not submitting personal data. In order to describe your rights in the best possible way, whenever necessary we have specified whether and when a certain type of personal data processing is not executed.

Registering on the website

The website does not provide the option of registering. Therefore, the Data Controller does not process your personal data for this purpose.

Purchases on the Website

It is not possible to make purchases on the website. Therefore, your personal data will not be processed for this purpose. The Data Controller will not process user data for the purpose of sending “reminder” emails for the purchase of products and/or services.

Responding to your requests

Your data will be processed in order to respond to your requests for information. Provision is optional, however the Data Controller will not be able to respond to your queries if you refuse to do so. The legal basis of processing is the Data Controller’s legitimate interest in following up the user’s requests. This legitimate interest is equivalent to the user’s interest in receiving a response to correspondence sent to the Data Controller.

General Marketing

The Data Controller will not send you advertising material and/or newsletters regarding own or third party products.

Profiling

The Data Controller does not use your personal data for profiling purposes. Therefore, they will not send you advertising material and/or newsletters regarding own or third party products of specific interest to you.

Data transfer

The Data Controller does not transfer your personal data to third parties.

Geolocalisation

The website does not implement tools for user IP address geolocalisation purposes.

Curriculum Vitae

You can send your Curriculum Vitae through the website. Your Curriculum Vitae will be examined by the Data Controller or professionals duly appointed by them for this purpose. The purpose of processing is the Data Controller’s legitimate interest in examining the document for employment or contracting purposes. This interest is equivalent to your interest in being contacted by the Data Controller for this purpose. Data will be stored until the expiry of the selection period and in any case never longer than for a 6-month period, from the sending of your curriculum vitae. Provision is optional, however failure to do so will mean the Data Controller will not be able to contact you.

The booking of appointments

No third party systems for the booking of appointments with the Data Controller are implemented on the website. Therefore, your data will not be processed for this purpose. In any case, you can always contact the Data Controller using the contact details provided in the epigraph.

Personal data disclosure

Within the scope of their ordinary duties, the Data Controller may disclose your personal data to certain categories of persons or entities. The list of persons or entities to whom the Data Controller may disclose your personal data is provided in article 2. In order to facilitate the protection of your rights, article 2 may in certain cases specify when your data are not disclosed to third parties.

“Disclosure” to third parties of personal data is different from “transfer” (regulated by the point above). In the case of disclosure, the third party to whom data is disclosed may only use data for the specific purposes described in their relationship with the Data Controller. In the case of transfer, the third party becomes the autonomous Data Controller of personal data. Moreover, your consent will always be requested for the transfer of your personal data.

Without prejudice to the aforementioned, it is understood that the Data Controller may in any case use your personal data to ensure correct compliance with obligations set force in legislation in force.

SPECIFIC PRIVACY INFORMATION STATEMENT

Art. 1 Processing method

1.1 Your personal data will mostly be processed with the use of electronic or in any case automated means, using suitable procedures and equipment to ensure personal data security and confidentiality.

1.2 Acquired information and processing methods will pertain to and never diverge from the type of services provided. Your data will also be managed and protected in safe computerised environments, adequate for the circumstances.

1.3 “Special data” will not be processed through the Website. Special data are those which may reveal the racial and ethnic origin, religious, philosophical or any other convictions, political opinions, membership in a party, trade union, associations or organisations of a religious, philosophical, political or trade union nature, health state and sex life.

1.4 Judicial data will not be processed through the Website.

Art. 2 Personal data disclosure

The Data Controller may disclose your personal data to certain categories of persons or entities. The persons and entities to whom the Data Controller reserves the right to disclose your data to are listed here below:

  • The Data Controller may disclose your personal data to all persons or entities (including Public Authorities) that have access to personal data due to regulatory or administrative provisions.
  • Your personal data may also be disclosed to public and/or private legal persons or entities (legal, administrative and fiscal consultancy firms, Court Services, Chambers of Commerce, trade union headquarters and offices, etc.), should disclosure be necessary or functional to the correct fulfilment of statutory obligations.
  • The Data Controller will avail themselves of staff and/or contracted professionals for all purposes. For the purposes of correct Website operation, the Data Controller may disclose your personal data to said staff and/or contracted professionals.
  • The Data Controller does not avail themselves of companies, consultants or appointed professionals for the installation, maintenance, updating and in general, the management of the Data Controller’s hardware and software. Therefore you data will not be disclosed to these categories of persons or entities. The Data Controller does not avail themselves of CRM platforms (companies for the sending of automatic notifications to users). Therefore you data will not be disclosed to such companies.
  • The Data Controller does not avail themselves of external companies for the provision of customer care services. The personal data of buyers are not disclosed to couriers or dispatchers.
  • The Data Controller reserves the right to modify the list above based on own ordinary operations.
  • Therefore, you are invited to regularly read this information

statement to check which subjects the Data Controller discloses your personal data to.

Art. 3 Personal data conservation

3.1 This article describes for how long the Data Controller may reserve the right to conserve your personal data.

  • Your personal data will only be conserved for a period of time necessary for the correct provision of services available through the Website.

3.2 Without prejudice to article 3.1, the Data Controller may conserve your personal data for the period of time requested by specific legislation, as amended on a time to time basis.

Art. 4 Personal data transfer

4.1 The Data Controller is based in a Country with an adequate level of legislative safety. Should your personal data be transferred to a non-EU Country and for which the European Commission has expressed an adequacy decision, transfer is in any case considered to be safe in regulatory terms. This article, 4.1, indicates the Countries to which your personal data may be transferred and for which the European Commission has issued an adequacy decision.

  • Therefore, the user is invited to regularly read this article to ensure their personal data is transferred to a Country with these characteristics.

4.2 without prejudice to article 4.1, your data may also be transferred to non-EU Countries for which the European Commission has not issued an adequacy decision. Therefore, you are invited to regularly read this article, 4.2, to check which of these countries your data may have been transferred to.

4.3 In this article the Data Controller indicates the countries to which its business is specifically directed. This circumstance may imply application of reference country legislation, together with legislation governing the relationship with the user, based on what is specified in the Premise.

  • Upon the user’s request, the Data Controller will apply the most favourable regulations provided for in the user’s national legislation.

Art. 5. Rights of the data subject

The Data Controller informs you of your right to:

  • request the following from the Data Controller: access to personal data, amendment or erasure of said data, or limitation of processing regarding them, or object to their processing, in addition to the right to data portability
  • withdraw your consent at any time, without compromising the propriety of processing based on consent granted prior to withdrawal
  • submit complaints to a personal data protection authority.

the aforementioned rights can be exercised without formalities simply by getting in touch using contact details provided in the Premise.

Art. 6. Modifications and miscellaneous

The Data Controller reserves the right to modify this information statement at any time and provide suitable notification thereof to users of the Website, in any case ensuring adequate and equal levels of personal data protection. Please read this information statement regularly to view any modifications. If any significant modifications are made to this privacy information statement, the Data Controller may also send notification by email.