Privacy Policy


PRIVACY POLICY FOR VISITORS OF THE WEBSITE

WITH PRIVACY NOTICE PURSUANT TO ART. 13  OF THE EU REGULATION No. 679/2016

The company Matest S.p.A. Unipersonale, with registered office in 20862 Arcore, Viale Mantegna no.97, tax code and VAT number: 01696470168, in the person of the legal representative pro tempore, as data controller (hereafter "Data Controller") of the personal data belonging to users/visitors who visit the website www.matest.com, www.pavetest.com , www.tecnotest.net , www.steeltest.net, invites you to read this notice pursuant to art. 13 of the EU Reg. no. 679/2016 (hereinafter "GDPR") concerning the processing of your personal data, also containing important information regarding the management of the aforementioned website, in compliance with the regulations in force and as better specified below.

This notice is solely provided for the website www.matest.com, www.pavetest.com , www.tecnotest.net , www.steeltest.net and not for other websites that may be consulted by the user through links.

  1. Data being processed   

The Data Controller will process the personal identification data (by way of a non-limiting example: name, surname, address, telephone number, e-mail, etc. hereafter "Data") that you voluntarily provided in order to be able to take advantage of specific services offered by the website www.matest.com, www.pavetest.com , www.tecnotest.net , www.steeltest.net, in addition to those (navigation data) which can be normally accessed by the Data Controller through computer systems and software procedures used to operate the website. In this latter case, reference is made to those personal data whose disclosure is implicit in the use of Internet communication protocols. This category of data includes ex-multis IP addresses or domain names of the computers used by users connecting to the website, the addresses in Uniform Resource Identifier (URI) of the requested resources, the time of request, the method used while submitting the request to the server, the file size obtained as response, the numerical code indicating the status of the response given by the server (success, error, etc.) and other parameters related to the operating system and the user's computer environment.

  1. Purpose of processing

Your data will be legally and properly processed for the purposes described below.

A. As far as navigation data are concerned: a) to allow the Data Controller to obtain anonymous statistical information on the use of the website www.matest.com, www.pavetest.com , www.tecnotest.net , www.steeltest.net and check its correct operation; b) for security reasons (antispam filters, firewall and virus detection), in order to block attempts to damage the website or users, and in any case in order to avoid harmful or unlawful activities; c) to perform any other function which is necessary or serves to the operation of the website, including the installation of technical cookies to improve the features of the website for which reference is made to the Cookie Policy d) to allow the Data Controller to fulfil legal, accounting, tax, administrative and contractual obligations related to the management of the website and the provision of the services requested as well as the proper management of relations with authorities, supervisory bodies and third-party public bodies for purposes linked to specific requests, the fulfilment of legal obligations or other procedures.

B. As far as data voluntarily provided by the user are concerned, the above-mentioned category of data includes information (name, surname, e-mail address, data included in curriculum vitae, content acquired through forms filled in online, etc.) voluntarily provided by the user when curriculum vitae is voluntarily sent and online applications, through the "Contacts" section, which will be subsequently used by the Data Controller to assess the user's suitability in view of a potential company recruitment, by starting, if required, the selection processes.

C. Solely upon your specific and explicit consent (pursuant to art. 7 of the GDPR) to allow the optional, explicit and voluntary sending of e-mails to the addresses indicated on this website in the section "Contacts" to ask for information on products, relevant documentation and services offered by the Data Controller: this includes the further acquisition by the latter of the sender’s address which is needed to answer the questions and to follow up on any requests for offers; as well as to allow the Data Controller to carry out market research and analysis aimed at detecting the level of customer satisfaction on quality and type of products and services supplied and on initiatives to improve them, send

D. Solely upon your specific and explicit consent (pursuant to art. 7 of the GDPR) to allow the optional, explicit and voluntary sending of e-mails to the addresses indicated on this website in the section in the "newsletter" section to receive advertising material and/or commercial communications and information and direct marketing concerning new products offered for sale, the latest innovations and technologies of products, new services offered by the Data Controller or by third parties and news and promotional events. The foregoing can occur through traditional contact systems (paper-based mail or calls through the Sales Offices) or by e-mail.

3. Modalities of processing

Processing of your data is carried out through the operations mentioned in art. 4 no. 2) of the GDPR and more precisely: collection, recording, organization, structuring, storage, adaptation or modification, extraction, consultation, use, communication by transmission, disclosure or any other form of supply, comparison or interconnection, limitation, cancellation or destruction of Data.

Your Data are subject to both paper and electronic processing.

Acquired Data are processed, in full compliance with the laws and principles of lawfulness, fairness, transparency, limitation and protection of your privacy and your rights.

Processing of Data belonging to minors is not envisaged.

  1. Data retention period

The Data Controller retains Data in compliance with local laws and internal company policies and procedures for the time necessary to fulfil the aforementioned purposes and to meet its legitimate business interests, legal obligations or to establish, exercise or defend legal rights. Once the data retention is no longer required for said purposes, Data will be deleted in a secure manner. For further information on the retention periods for documents, please refer to the abstract of Data Retention Policy.

  1. Legal ground for processing

Processing of the aforementioned Data is necessary to allow you to browse the website and to follow up on your requests. Where necessary, for specific purposes, the user's express consent will be requested (see art. 8 and 12).

Processing of Data for marketing purposes is permitted in relation to the free circulation of data as provided for by the GDPR and can be translated into activities aimed at meeting the legitimate business interests of the Data Controller, including any commercial development activities (by way of example marketing, customer satisfaction etc.), performed by the latter.

  1. Communication, disclosure and access to Data

Your Data may be made accessible for the purposes described above:

  • employees and collaborators of the Data Controller in Italy and abroad, as internal data processors and/or sub-processors/people responsible for processing and/or system administrators;
  • to other third-party companies or other entities that carry out outsourcing activities on behalf of the Data Controller, in their capacity as external data processors, including suppliers or individuals appointed to perform ancillary or instrumental services for the purposes specified above, with whom the Data Controller concludes special agreements.

The Data Controller also reserves the right to share personal data with some third parties, including: IT providers for system development purposes and technical assistance; auditors and consultants to ascertain compliance with external and internal requirements as well as compliance with laws; bodies and agencies responsible for the application of laws and concerned parties pursuant to legal obligations to reporting; any successors or business partners of the Data Controller in case of sale, assignment or other extraordinary transactions; police, armed forces and other public administrations for the fulfilment of obligations set by laws, regulations or by European legislation.

Should said parties be located in extra-EU countries, the Data Controller ensures that extra-EU data transfer will take place in accordance with the applicable legal provisions.

  1. Data Transfer

Data will be stored on servers located within the European Union. In any case, it is understood that the Data Controller has the right to transfer Data also to other extra-EU areas, if needed; in this case, the Data Controller hereby ensures that the extra-EU data transfer will take place in accordance with the applicable legal provisions.

The Data Controller shall apply all the necessary protections to the aforementioned transfers pursuant to the legislation on privacy in force.

  1. Type of Data provision and consequences of failure to provide Data

Provision of Data for the purposes referred to in art. 2 "A." is mandatory for visiting and surfing the website "www.matest.com, www.pavetest.com , www.tecnotest.net , www.steeltest.net.

Provision of Data for the purposes referred to in art. 2 "B." is also mandatory. Should they be missing we cannot ensure the receipt of applications sent with their subsequent assessment.

Provision of data for the purposes referred to in article 2 "C." and 2 “D.” is optional. You may decide not to provide any data or to subsequently revoke the processing of data already provided: in this case, you cannot receive the requested information, commercial communications and advertising material concerning the services offered by the Data Controller.

  1. Rights of the Data subject

As Data subject, you have the rights set forth in articles 13, paragraph 2, letters b), c) and d), 15, 16, 17, 18, 19 and 21 of the GDPR and precisely the rights to:

  • receive confirmation of the existence or absence of Data concerning you, even if not yet registered, and their communication in an intelligible form;
  • to receive information on: a) the origin of Data; b) the purposes and methods of processing; c) the logic applied in case of processing performed with the aid of electronic devices; d) the identification details of the Data Controller, Data Protection Officer, data processors and the designated representative pursuant to art. 3, paragraph 1, of the GDPR; e) the subjects or categories of subjects to whom Data may be disclosed or who may become aware of them as designated representative in the territory of the State and as processors;
  • to obtain: a) the updating, correction or, when they are interested, integration of the Data; b) the cancellation, transformation into anonymous form, or blocking of data processed in violation of law, including those that need not be retained for the purposes for which the data were collected or subsequently processed. c) certification that the parties to which the data have been transferred or disseminated have been notified of the operations specified in points a) and b), also regarding their content, except for the case where notification proves impossible or requires the use of means clearly disproportionate to the right being protected.
  • to object, in whole or in part: a) for legitimate reasons to the processing of data concerning you, even if linked to the purpose of collection; b) the processing of data concerning you for sending advertising material or for direct sales or for market researches or commercial communication, through the use of automated call systems without the intervention of an operator through e-mail and/or traditional marketing methods by phone and/or paper-based mail. It should be noted that the right to object, which the Data subject is entitled to, as set out in point b) above, for direct marketing purposes through automated methods also applies to the traditional ones and that in any case the Data subject is free to exercise even partially the right to object. Therefore, the Data subject may decide to receive communications through traditional methods or automated communications only or none of the two types of communication;
  • where applicable, the Data subject also has the rights referred to in articles 16 - 21 of the GDPR (Right to correction, right to be forgotten, right to processing limitation, right to data portability, right to object), as well as the right to file a complaint to the Competent Authority;
  • to revoke any consent given at any time.
  1. How to exercise rights

You may exercise your rights or submit a request at any time by sending: a registered letter with notification of receipt to Matest S.p.A Unipersonale. - with registered office in Arcore, Viale Mantegna no. 97 (ZIP code 20862) - or an e-mail to: info@matest.com.

  1. Data Controller, Data Protection Officers, Data Processors

The Data Controller is Matest S.p.A Unipersonale. - with registered office in Arcore, Viale Mantegna no. 97 (ZIP code 20862), tax code and VAT number: 01696470168, in the person of the legal representative pro tempore.