Skip links
S.L.M. S.r.l.

Privacy Policy

S.L.M. S.r.l.; head office in Trento CAP 38122, Via Grazioli 71/73, Tax Code 02511150225, from now on referred to as “S.L.M.”, as Data Controller (from now on also referred to as the “Owner”) informs Users, by EU Regulation 2016/679 (“GDPR”) and national legislation on data protection currently in force, their data will be processed in the manner and for the purposes indicated below:

1) Owner and object of the treatment

1.1. The Data Controller is S.L.M. S.r.l.; head office in Trento CAP 38122, Via Grazioli 71/73,

Tax Code 02511150225.

1.2. The Data Controller processes the Users’ data (in particular name, surname, e-mail address, telephone number, IP address, etc. from now on “Personal Data”) provided while browsing the website https: // slm -srl.it/ (from now on “Website”), to use the services provided within the S.L.M.

2) Purpose and legal basis of the processing

The data will be processed for the following purposes:

2.1. Without prior consent, for the following service purposes:

  1. the fulfilment of contractual and/or pre-contractual obligations and commitments: management of registration requests; control of navigation on the Website;
  2. the fulfilment by the Owner of the obligations provided for by laws, regulations or imposed by the Authorities;
  3. the pursuit of a legitimate interest by the Data Controller, or for the management and maintenance of the Website; the prevention and identification of fraudulent activities or damaging events for the Website; the exercise of the rights of the Data Controller.

2.2. Allowed only before the consent of the User for the following marketing purposes:

  1. sending by the Data Controller to the e-mail address provided by the User during registration, of communications and materials, with advertising content, e-mail, SMS or other messages, newsletters and/or multimedia services relating to the services offered by the Data Controller.

3) Processing methods

3.1. The Owner takes appropriate security measures to prevent unauthorised access, disclosure, modification or destruction of Personal Data.

3.2. The processing is carried out using IT and/or telematic tools, with organisational methods and logic strictly related to the indicated purposes. In addition to the Data Controller or, in some cases, other subjects involved in the organisation of this Website (administrative, commercial, marketing, legal, system administrators) or external parties (such as third-party technical service providers, hosting providers, IT companies, communication agencies) may have access to the data or be appointed, if necessary, as Data Processors by the Data Controller. The Data Controller can always request the updated list of the Managers above.

3.3. The treatments connected to the web services offered by this site, physically placed “in hosting” at the company ………, are carried out at the headquarters of the data controller.

4) Data retention

4.1. The Data Controller processes the User’s data for the time required by the purposes for which they were collected.

4.2. Personal Data collected for purposes related to the execution of a contract between the Owner and the User will be retained until this contract is executed.

4.3. Personal Data collected for purposes related to the Data Controller’s legitimate interest will be retained until this interest is satisfied. The User can obtain further information regarding the legitimate interest pursued by the Owner in the relevant sections of this document or by contacting the Owner.

4.4. When the processing is based on the User’s consent, the Data Controller can keep the Personal Data longer until such consent is revoked. Furthermore, the Data Controller may be obliged to retain Personal Data for a more extended period in compliance with a legal obligation or by order of an authority.

4.5. At the end of the retention period, the Personal Data will be deleted. Therefore, at the end of this term, the right of access, cancellation, rectification, and data portability can no longer be exercised.

5) Access to data

5.1. Users’ data may be accessible, for the purposes indicated above, to:

  1. employees and collaborators of the Data Controller, in their capacity as persons in charge of processing and/or internal contact persons and/or system administrators;
  2. third-party companies or other subjects (e.g. IT assistance, consultants, suppliers, banking institutions, external consultants, etc.) who carry out outsourced activities for the Data Controller as Data Processors as required by Article 27 of the GDPR.

6) Data communication

6.1. Personal data may also be disclosed, even without prior consent and for the purposes indicated above, to supervisory bodies, police or judicial authorities, upon their explicit request, which will treat them as independent data controllers for institutional and/or law during investigations and checks. The data may also be disclosed to third parties (e.g. partners, professionals, agents, etc.) as independent data controllers for performing activities instrumental to the purposes above.

7) Data provision

7.1. The provision of personal data is essential for service purposes. If the User decides not to provide his data, the Data Controller will not be able to carry out his requests relating to providing the services offered by the latter.

7.2. Data provision for other marketing purposes is discretionary, and the lack of consent does not prevent the User from using the Owner’s services. If the User decides not to provide their data, they will not be able to receive news about the Data Controller’s initiatives.

8) Users’ rights

8.1. The Data Controller informs Users that in the absence of limitations provided for by law, they have the right to:

  1. obtain confirmation of the existence or not of personal data concerning them, even if not yet registered, and their communication in an understandable way;
  2. obtain information and, if necessary, a copy of: a) source and category of personal data; b) logic applied in case of treatment carried out with electronic instruments; c) purposes and methods of treatment; d) the identification references of the Data Controller and Data Processors; e) the subjects or categories of subjects to whom the personal data may be communicated or who can learn about them, in particular, if the recipients are non-EU countries or international organisations; e) the period for which the personal data will be stored or, if this is not possible, the criteria used to determine this period; f) existence of an automated decision-making process and, in this case, information on the logic involved, the meaning and consequences for Users; g) existence of adequate guarantees in the event of the transfer of personal data to a non-EU country or an international organisation;
  3. obtain, without undue delay, the updating, correction or integration of incomplete data; exercise the right to withdraw consent at any time, quickly and without impediments, using, if possible, the same means used to provide support;
  4. obtain the cancellation or oblivion of data: processed in violation of the law; no longer necessary about the purposes for which they were collected or subsequently processed; for which the consent on which the processing is based has been revoked, and there is no other legal basis for the processing; for which there has been opposition to the processing, and there are no legitimate imperative reasons for the processing; in compliance with a legal obligation.
  5. the Data Controller may refuse to delete the data when the processing is necessary: ​​to exercise the right to freedom of expression and information; in fulfilment of a legal obligation, for the execution of a task of public interest or in the exercise of public authority; for reasons of public interest; for the achievement of purposes of public interest, scientific or historical research or statistics; e) to make legal claims;
  6. obtain the limitation of processing when: the accuracy of personal data is disputed; the processing is unlawful, and the Users oppose the cancellation of their data; Users request the data for the exercise of legal actions; pending the verification of whether the legitimate interests of the Data Controller prevail over those of the Users;
  7. to receive, if the processing is carried out by automatic means, without hindrance and in a structured, commonly used and legible format, personal data concerning him to transmit them to another holder or, if technically possible, to obtain direct transmission by from the owner to another owner;
  8. object, in whole or in part: for legitimate reasons to the processing of personal data concerning them, even if pertinent to the purpose of data collection; to the processing of personal data concerning them to send advertising material or for market research or commercial communication, through automated call systems without the intervention of an operator, e-mail and/or traditional marketing methods by telephone and/or paper mail; file a data protection complaint with the competent supervisory authority.

8.2. In the cases mentioned above, where necessary, the Data Controller communicates any exercise of the Users’ rights to each third party to whom the personal data have been disclosed, except in specific cases such as, for example, if this is impossible or involves a disproportionate effort.

8.3. Users also have the right to complain to the supervisory authority if they believe processing their data violates the law. As known in Italy, the guarantor for the protection of personal data is the Guarantor for the protection of personal data (https://www.garanteprivacy.it/ ).

9) How to exercise the rights

Users can exercise their rights at any time by sending a registered letter with a return receipt to the registered office of the Data Controller; by sending an e-mail to info@slm-srl.it

10) Consent to the processing of data for marketing purposes

The Data Controller, only with the specific consent of the Users, may send newsletters, commercial communications and advertising material on products or services offered by the Data Controller by e-mail, paper mail, SMS and/or telephone contacts for marketing and in the manner provided for in the privacy policy. You can decide not to receive further communications by clicking on “unsubscribe” or the opt-out function in the e-mail.

11) Social network plug-ins

The owner’s website is integrated with some social network plug-ins, particularly Facebook, LinkedIn, Google+, and Twitter, to allow users to share the portal contents that they find interesting publicly. When the user visits a site page, the plug-ins directly connect the user’s browser and social networks. Through this connection, social networks acquire information about the user, such as IP address, date and time of the visit, browser used, etc. Furthermore, if the user is connected (and therefore authenticated) on one of these social networks, the information collected can be linked to their profile.

12) Changes to this Privacy Policy

12.1. The Data Controller may occasionally make changes to this Privacy Policy, for example, to make the necessary updates concerning new regulatory provisions, technical requirements or good commercial practices on the subject. The owner will be responsible for giving due information if substantial changes are made.

12.2. If the changes affect treatments whose legal basis is consent, the Data Controller will collect the User’s consent again, if necessary.

Explore
Drag