Privacy Policy

INFORMATION REGARDING THE PROCESSING OF PERSONAL DATA PURSUANT TO ART.
13 OF REGULATION (EU) 2016/679 (GDPR) AND NATIONAL LEGISLATION IN FORCE

Please be informed that the personal data you provide visiting this website https://www.coppermoulds.com/ (“Site”) will be processed by EM MOULDS S.P.A., which, as Data Controller, has implemented appropriate technical and organizational measures to ensure their protection.
Personal data is information regarding an identified or identifiable natural person (“data subject”).
“Processing” means any operation or set of operations which is performed on personal data, whether or not by automated means, such as collection, recording, organisation, storage.

In view of the importance accorded to the protection and security of the data subjects to whom such data refers, the Data Controller has appointed a Data Protection Officer (“DPO”), according to art. 37-39 of the GDPR. The DPO may be contacted for matters relating to the data processing, including the exercise of data subject’s rights, at dpo.emmoulds@coppermoulds.com.

Which personal data we process, why we do it (legal bases and purposes) and how long we store them
We process personal data that does not belong to special categories (internet protocol (IP) address, type of browser, parameters of the device used to connect to the Site, name of the internet service provider (ISP), date and time of visit, web page of origin of the visitor (referral) and exit) to allow you to use the services offered by the Site.
The provision of this user information (so-called browsing data) is mandatory and data are stored in the server log files (hosting) of the Site and are used for statistical and analytical purposes, only in aggregate form. The IP address is used only for safety reasons and is not cross-referenced with any other data.
The data collected by the Site during operations are stored for the time strictly necessary to carry out the specified activities: the data (IP address) used for Site security purposes (e.g.: blocking attempts to damage the Site) are stored for 30 days. Data for analytics (statistical) purposes is stored in aggregate format for 24 months.

Who will have information regarding your data?
Personal data will be processed by authorized personnel, duly trained and operating under the authority and responsibility of the Data Controller. We also use qualified service providers to operate, optimise and secure our Site. Within the scope of data processing, we transfer your data to service providers who support us in the operation of our website and the associated processes. These include, for instance, hosting service providers, web designers, IT service providers and consent management platforms.

Our Site also features special “buttons” (called “social buttons/widgets”), showing the icons of social networks (e.g. LinkedIn and Youtube). These buttons allow users browsing websites to interact by clicking directly with those social networks. In this case, the social networks acquire the data relating to the user’s visit, whilst the Data Controller will not share any browsing information or data of the user acquired through its website with
the social networks that can be accessed thanks to the social buttons/widgets.

Where are your data processed?
We make a point of processing your data within the EU/EEA. However, we may also use third-party services that process data outside of the EU/EEA. In such cases, we ensure that the recipient establishes an appropriate level of data protection comparable to the standards within the EU before your personal data is transferred, according to Art. 44, et seq. GDPR.

What are your rights and who do you need to contact to exercise them?
Your rights pursuant to articles 15-22 GDPR encompass the following:
– Right to access
– Right to rectification
– Right to withdraw consent
– Right to erasure
– Right to restriction of processing
– Right to object to processing
– Right to data portability
– Rights in relation to automated decision-making and profiling

At any time and free of charge, with no particular formalities for your request, you can:
– obtain confirmation of the data processing performed by the Data Controller;
– access your personal data and know their origin (when the data is not obtained from you directly), the purposes and aims of the processing, the data of the subjects to which it will be disclosed, the time for which your data will be kept or the criteria useful to determining this;
– update or rectify your personal data so as to ensure that it is always exact and accurate;
– erase your personal data from back-up and other databases and/or archives of the Data Controller if, amongst other situations, it is no longer necessary for the purpose of the processing or if this is assumed to be unlawful and as long as the legal conditions are met; and in any case if processing is not justified by another equally legitimate reason;
– limit the processing of your personal data in some circumstances, for example where you have challenged its exactness, for the period necessary to the Data Controller to verify its accuracy. You must be informed, in time, also of when the suspension period has expired or the cause for the limitation to processing ceased applying and, therefore, said limitation has been revoked;
– obtain your personal data, if received or processed by the Data Controller with your consent and/or if its processing takes place in accordance with a contract and using automated tools, in electronic format, also so as to send it to another data controller.

The Data Controller must proceed in this sense without delay and in any case at the latest within a month of receiving your request. The terms may be extended by two months, if necessary, considering the complexity and number of requests received by the Data Controller. In these cases, the Data Controller shall, within a month of your request, inform you and make you aware of the reasons for the extension.

You can exercise the rights under articles 15-22 of the GDPR in the following ways:
– sending an e-mail to emmoulds@legalmail.it;
– contacting the DPO at dpo.emmoulds@coppermoulds.com;
– sending a written request to the Data Controller’s registered office.
In addition, it is always possible to submit a complaint to the competent Supervisory Authority (art. 77 GDPR).