This page contains all the information pursuant to Art. 13 of Reg. (EU) 679/2016 (General Data Protection Regulation, hereinafter GDPR) provided to people who interact with the services of Pentax Industries Spa, as data subjects under Art. 4(1)(a) GDPR. Such services are accessible online at: https://pumpselector.pentax-pumps.it.
The policy is provided solely for the website of Pentax Industries Spa, and not for any other websites that may be visited by users via the links found on https://pumpselector.pentax-pumps.it.
The Controller is Pentax Industries Spa, which can be contacted via the contact details given below.
CONTROLLER’S CONTACT DETAILS:
For any request regarding the processing of personal data or the exercise of one’s rights under Articles 15-21 GDPR, data subjects may refer to our Privacy Dept.:
Pentax Industries Spa. – Viale dell'Industria, 1 – 37040 Veronella (VR) Italy
Telephone: +39 0442 489 500
certified email: firstname.lastname@example.org
If a request cannot be correctly identified, the Privacy Department may ask for additional information solely with a view to correctly understanding the identity of the data subject.
PURPOSES AND LEGAL BASIS FOR PROCESSING:
The Controller processes Personal Data, collected through this website, relating to the User for one of the following purposes:
• Registration for the reserved area. Your data will be processed in order to create a personal account so that you can access the reserved area of the website and configure and choose Pentax brand products. The legal basis for Processing your data is the performance of a contract or taking the steps prior to entering into a contract (Art. 6(1)(b) GDPR).
• Sending commercial communications. Your data will be processed in order to send you commercial communications regarding offers and Pentax brand products. The legal basis for Processing your data is the freely-given consent during the registration phase (Art. 6(1)(a) GDPR).
Your data may also be processed so that a legal obligation to which the Controller is subject may be fulfilled, and also for the Legitimate interest of the Controller in collecting statistical data and ensuring the security of the web platform.
No acquired data may be used for purposes other than those mentioned above and it will be stored for the period required to achieve these purposes. Once this period has elapsed, the data will be erased or transformed into anonymous form.
If the data subject gives their consent, the Controller may process this data until the consent is withdrawn by the data subject, on the understanding that the processing during the period of validity of such consent is lawful
SCOPE OF COMMUNICATING PERSONAL DATA:
The Data is processed at the operational venues of the Controller and in any other place where the parties involved in the processing are located. For further details, contact the Controller.
The User’s Personal Data may be transferred to a country other than the one where the User is located.
If one of the aforesaid transfers takes place, the User may ask for information by contacting the Controller at the contact details shown above. The Controller takes appropriate security measures aimed at preventing the unauthorised disclosure, alteration, destruction or access to the Personal Data.
The processing is performed using IT systems and/or computer telecommunications, adopting organisational procedures and logic strictly associated with the specified purposes. In addition to the Controller, other persons involved in the organisation of this Website could have access to the data (administrative, sales, marketing and legal personnel and systems administrators) or also third parties (such as technical service providers, transporters, hosting providers, IT companies, communication agencies), which are appointed, where necessary, as Processors by the Controller. A request for an updated list of Processors may be sent to the Controller at any time.
RIGHTS OF DATA SUBJECTS:
Data Subjects have the right to ask the Controller for access to their data or its rectification or erasure or the restriction of processing the data concerning them, or the right to object to the processing, in addition to the right to data portability or to withdraw their consent, as specified in Articles 15-21 GDPR. The request may be made via email or registered post indicating the subject: “request from a data subject”, specifying in the request the right which the data subject wishes to exercise (erasure, rectification, portability, right to be forgotten) together with a valid email/PEC certified email address to which the Controller may reply. The Controller, or anyone appointed by the Controller, will meet the request within 30 days from receiving it. If the reply is complex, the time required could be extended by another 30 days, subject to prompt notification of this to the data subject. If you feel you need to have your rights upheld, you can lodge a complaint with the relevant supervisory authority, i.e. the Italian Data Protection Authority, whose offices are in Piazza Venezia 11, Rome.