Privacy notice for clients, suppliers, partners and other parties – pursuant to art. 13 of European Regulation n. 16/679 and art. 13 of Italian legislative decree D.lgs 196/2003

We would like to inform you, the GDPR protects persons’ and other parties’ personal data processing. In relation to the indicated notice, the processing will be based on some specific principles, such as correctness, legality, transparency and protection of your privacy and your rights.

  1. Identity and contact information of data processing controller:

The processing data controller is STC S.r.l., more specifically its current legal representative.

The address of our registered office is: Via A. Murri 22 –  72023 Mesagne (BR) where it is possible to request the complete and updated list of our Data Processing Operators.

  1. The data being processed

Processed personal data consists of biographical and contact details provided or received from the interested party on the following occasions:

  • visits or phone calls or email;
  • direct contacts obtained after participation in events, fairs, etc.;
  • commercial information requests, submission of proposals;
  • job applications or CV submissions by email, using the email address on the website;
  • satisfaction surveys;
  • personal account on the website (to create one, it is compulsory to provide email address and password). Hereinafter, totally optionally, the Visitor may fill in a form with his/her personal data: name, surname, city, phone number, company name and type, and its website URL. Through the account, it is possible to manage the Visitor’s Personal Data, preferences regarding newsletter subscription, general preferences and to access requests which have been sent through the website.
  1. Processing purposes

Personal data of natural persons who operate in the name and on behalf of clients, of suppliers, of partners and of other parties is processed for the following purposes:

  • forward communications by various means of communication (phone, mobile phone, sms, email, fax, mail, ecc.);
  • formulate requests or process received requests;
  • exchange necessary information for the performance of a contractual relationship, including pre- and post-contractual activities, which also include assistance;
  • evaluate and analyze Research and Development projects.
  • Job-applications selection;
  • Improve websites, services and products, along with better services supply.
  1. The interested party can refuse to provide his/her personal data to the data controller.

However, the provision of personal data is necessary for a correct and efficient management of contractual relationship with clients, suppliers, partners and other parties involved in data controller’s activities. Therefore, refusing to provide the data could completely or partially compromise the contractual relationship itself or pre- and post-contractual activities.

  1. Legal basis

The processing is necessary for the performance of a contract or for the performance of pre- or post- contractual arrangements adopted upon request of the supplier, client, partner, other parties or STC S.r.l..

  1. Processing methods

The data of the interested parties shall be processed using manual or automated equipment, by including them into databases, registers and lists suitable for recording, managing and transmitting data, in specific ways and within the limits required to reach the indicated purposes.

STC S.r.l. provided appropriate safety measures in order to protect the data of natural persons who operate in the name and on behalf of clients, suppliers, partners and other parties, for example: firewall, antivirus, encrypted backups, secure connections such as VPN, HTTPS and SSL.

The data shall be processed only by authorized persons inside STC S.r.l., in relation to the final processing purposes.

  1. Data recipients

Personal data processed by the Data controller shall not be disclosed, i.e. shall not be communicated to unspecified parties, in any possible form, including that of their availability or simple consultation. On the other hand, the data can be communicated to the Data controller’s employees and to some external parties that collaborate with them, always in compliance with the indicated purposes. In particular, these are employees/collaborators who, in relation to their positions and work tasks, have been authorized to process personal data within the limits of their competency and in accordance with the instructions given by the Data controller. Also the data can be communicated, only if strictly necessary, to the parties that, for the purposes of issuing our orders or information and quotation requests or formulation of proposals, on site or off site assistance activities, have to supply goods and/or perform professional services on our behalf. Also the following parties can access the data (with the purpose of providing assistance for SW applications, for information networks and for connectivity, within the imposed limits): our technicians in charge or external consultants or technicians of some enterprises that provide such services. In the end, the data can be communicated to the parties authorized to access it, respecting statements of laws, regulations and European norms.

  1. Transfer of personal data

The Data controller can’t transfer personal data to third countries or international organizations.

  1. Personal data storage

The Data controller processes personal data for the period of time necessary to comply with the indicated purposes. Afterwards, personal data will be stored, and not further processed, for 10 years in conformity with the relevant legislation; in case the data is processed in the frame of a financed project, the storage period may be subject to what is specified in the financing organization’s notice.

Data contained in CVs will be stored for a maximum of 5 years from their collection. After this period, data will be destroyed or anonymized, unless a working and/or cooperative relationship is established.

  1. Interested party’s rights

In particular, the interested party has the following rights:

  • Revoke the consent anytime. The party may revoke the previously-expressed consent to the processing of his/her own Personal Data.
  • Object to the processing of his/her own data. The party can object to the processing of his/her own data, when it occurs on a different legal basis than the consent itself.
  • Access his/her own data. The party has the right to obtain information about processed data, about different processing aspects and to receive a copy of the processed data.
  • Verify and ask for rectification. The party may verify data accuracy and ask for some updates or corrections.
  • Obtain the processing restriction. When specific conditions occur, the party may ask for a restriction of his/her data processing. In this case, the controller will not process any data for any reason other than their storage.
  • Receive his/her own data and send them to a different data controller. The party has the right to receive his/her own data in a structured and ordinary format, easy to read on an automatic device, and, if technically feasible, to obtain their transfer without obstacles to a different controller. This clause is applicable when data are processed with automated equipment and when the processing is based on the party’s consent, on a contact which involves the party, or on related contractual arrangements.
  • Lodge a complaint. The party may lodge a complaint with the competent supervisory authority of personal data protection or proceed with a legal action.

The interested party may exercise his/her own rights against the controller by contacting the legal representative, by mail to STC S.r.l., via A. Murri 22, 72023 Mesagne (BR), or by e-mail to the following address:

  1. Lodging a complaint

The interested party has the right to lodge a complaint with the supervisory authority of his/her home State. To get more information on the right to lodge a complaint, you can visit this web page:

  1. Social media

Social media are part of several Internet users’ daily routine. Therefore, we created a certain number of STC profiles on them.

All users can join STC’s pages or groups on different social media.

Nevertheless, we would like to remind you that personal data will belong to the social media itself, unless users’ data is directly requested (i.g. through marketing campaigns, contests, promotions or through any other valid method).

  1. Cookie notice

A cookie is a stored information, gathered from a visited website and saved in a computer. Cookies management is invisible to users, by default. By modifying browser settings, it is possible to decide if you want to accept cookies storage requests, if you want to automatically delete stored cookies after browser closure, and much more.

STC stores its technical cookies as well as the following third parties’ cookies:

  • Joomla

Necessary technical cookie for the website operation.

  • Google Analytics

Technical and anonymous cookie used for access and website visits monitoring.

  • Widgets of Facebook, Twitter and Google Plus are also installed on the website.

Firefox, Chrome, Internet Explorer, Safari and Opera will give you instructions on how to disable cookies from the browser.

You may also find the notice about personal data protection on the Italian Data Protection Authority Website (Garante per la protezione dei dati personali).