A. General information

The protection of your personal data is important to us. In the following, we would like to inform you about the processing of personal data in the context of using our website.

1. Party responsible

The party responsible for this website is

REMONDIS Italia S.r.l.
Via Cassanese 224
20054 Segrate (Milan)
Italy

Further information about our company can be found in our imprint.

Contact details of our data protection officer:

REMONDIS Industrie Service GmbH & Co. KG
- Data Protection Officer -
Brunnenstr. 138
datenschutz-ris@remondis.de

2. Declaration of Joint Responsibility

We process your personal data in accordance with the provisions of the General Data Protection Regulation (GDPR) and the Federal Data Protection Act (Legislative Decree 196/2003, as amended by Legislative Decree 101/2018) as well as all other applicable legal provisions. The type and scope of data processing are generally determined by the service or information you have selected and the contractual relationship that exists with you. For details on the data categories, purposes and legal bases, please refer to Part B.

3. Data recipients

We transfer your personal data to the following data recipients:

• The transfer takes place in fulfilment of a legal requirement according to which we are obliged to report or pass on the data (e.g. to authorities).
• The data is transferred to external companies that act as processors on our behalf or that act on our behalf (this applies, for example, to courier and logistics companies, call centres, external data centres, computer and IT applications, website management, auditing services, credit institutions, data disposal, etc.).
• The transfer of data to third parties takes place with your consent. The data is transferred to process a contractual relationship with you in accordance with Art. 6 para. 1 sentence 1 lit. b GDPR (e.g. to an affiliated company in the Group (see section 2) or a subcontractor or to a logistics company).
• The transfer of data to subsidiaries or affiliated companies also takes place to fulfil legal obligations or on the basis of our legitimate interests. This may be for economic, administrative or other internal business purposes; this only applies insofar as your interests or fundamental rights and freedoms, which require the protection of personal data, do not prevail.
• The data is transferred to credit agencies for the purpose of obtaining a credit report.
• The data is transferred for the purpose of checking and asserting claims (e.g. debt collection agencies, legal advisors).
• The transfer takes place in order to handle the planning, preparation and/or implementation of a (partial) sale of a company or a merger (or similar processes such as a takeover in the context of liquidation, insolvency, dissolution, etc.) with another company.

4. Deletion of data and duration of storage

In principle, we only process and store your data for the duration of our business relationship, including the initiation and fulfilment of the contract and the statutory retention periods (e.g. under commercial or tax law). 

If the data are no longer required for fulfilling contractual or legal obligations and rights, they are regularly deleted unless their - temporary - further processing is necessary for fulfilling the purposes listed above for the sake of an overriding legitimate interest. 

Insofar as individual processing of personal data requires different deletion periods, these are mentioned in the description of the individual processing operations in Part B.

5. Processing of your data in a third country

Data will only be transferred to bodies in third countries (countries outside the European Union (EU) or the European Economic Area (EEA)) if it is necessary for fulfilling an order/contract from or with you, if it is required by law (e.g. reporting obligations under tax law), if there is an appropriate level of data protection or if you have given us your consent.

Your data may also be processed in a third country in connection with the involvement of service providers, e.g. as part of order processing. If there is no decision by the EU Commission on an adequate level of data protection in the country concerned, we will ensure that your rights and freedoms are adequately protected and guaranteed by means of appropriate safeguards (e.g. EU standard contractual clauses).

Information on the appropriate or reasonable safeguards and the possibility of obtaining a copy from you can be obtained on request from the Data Protection Officer.

6. Automated decisions in individual cases / profiling

We do not use procedures for automated decision-making / profiling that have a legal effect on you or significantly affect you in a similar way.

7. Obligation to provide data

You only need to provide the data that is necessary for the use of the website and its functions or for establishing and conducting a business relationship or for a pre-contractual relationship with us or that we are legally obliged to collect. Without this data, however, we will not be able to provide you with our website properly and securely, answer your enquiries to us properly or conclude or execute a contract with you. This may also relate to data required at a later date.

8. Your rights as a data subject

Under the legal requirements, you are entitled to the following rights as a data subject, which you can assert against us:

• Right to information: You are entitled at any time to request confirmation from us within the scope of Art. 15 GDPR as to whether we are processing personal data concerning you; if this is the case, you are also entitled within the scope of Art. 15 GDPR to request information about this personal data and certain other information (including processing purposes, categories of personal data, categories of recipients, planned storage period, the origin of the data, the use of automated decision-making and, in the case of third country transfers, the appropriate safeguards) and a copy of your data.
• Right to rectification: In accordance with Art. 16 GDPR, you are entitled to request that we rectify the personal data stored about you if it is inaccurate or incorrect.
• Right to deletion: You are entitled, under the conditions of Art. 17 GDPR, to request that we delete personal data concerning you immediately. The right to deletion does not exist, inter alia, if the processing of personal data is necessary for (i) exercising the right to freedom of expression and information, (ii) complying with a legal obligation to which we are subject (e.g. statutory retention obligations) or (iii) asserting, exercising or defending legal claims.
• Right to restriction of processing: You are entitled, under the conditions of Art. 18 GDPR, to request that we restrict the processing of your personal data.
• Right to data portability: You are entitled, under the conditions of Art. 20 GDPR, to request that we provide you with the personal data concerning you that you have provided to us in a structured, commonly used and machine-readable format.
• Right to withdrawal: You have the right to withdraw your consent to the processing of personal data at any time with effect for the future.
• Right to objection: You are entitled to object to the processing of your personal data under the conditions of Art. 21 GDPR, which means that we must stop processing your personal data. The right to objection exists only within the limits provided for in Art. 21 GDPR. In addition, our interests may conflict with the termination of processing, so that we are authorised to process your personal data despite your objection.
• Right to lodge a complaint with a supervisory authority: Under the conditions of Art. 77 GDPR, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement if you consider that the processing of personal data concerning you infringes the GDPR. The right to lodge a complaint exists without prejudice to any other administrative or judicial remedy.

The data protection supervisory authority and the relevant contact details can be found at the following link: https://www.garanteprivacy.it/home/autorita

The responsible data protection supervisory authority for the entire national territory is:

Piazza Venezia n. 11 - 00187 Roma
www.garanteprivacy.it
Telephone switchboard: (+39) 06.696771
Fax: (+39) 06.69677.3785
E-mail: protocollo@gpdp.it
Certified e-mail: protocollo@pec.gpdp.it

However, we recommend that you always address a complaint to our data protection officer first.

Your requests to exercise your rights should, if possible, be sent in writing or electronically to the address given in point 1 above or directly to our Data Protection Officer.

9. Information on the right to objection (Art. 21 GDPR)

If your personal data is processed on the basis of Art. 6 para. 1 sentence 1 lit. f GDPR (data processing based on a balancing of interests) or on the basis of Art. 6 para. 1 sentence 1 lit. e GDPR (data processing in the public interest), you have the right to object to the processing at any time without incurring any costs other than the transmission costs according to the basic tariffs.

We will then in any case no longer process the personal data for the purposes of direct marketing or related profiling, nor for any other purposes, unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims. In this case, you must provide reasons for the objection that arise from your particular situation.

If possible, you should send your objection to the following contact address:
datenschutz-ris@remondis.de

10. Changes

We may amend this data protection information at any time (e.g. in the event of changes in data processing or the legal framework). Any changes will be publicised by publishing the amended data protection information on the website. Unless otherwise specified, such changes shall take effect immediately. Please therefore check this data protection information regularly to see the latest version.

B. Individual processing operations, purposes and legal bases

1. Logging

When you use the website, certain connection data and data provided by your Internet browser are temporarily stored. The following data is recorded and stored in log files for the operation of the website:

• (Anonymised) IP address of the accessing computer
• Operating system of the accessing computer
• Browser version of the accessing computer
• Name of the accessed file
• Date and time of access
• Referring URL
• Type of end device (e.g. desktop/smartphone)
• Connection logging

The storage and processing of data in log files is technically necessary for the proper and secure operation of the website. The legal basis for the (initial) storage and/or reading of the data on the user's terminal device is therefore Art. 122 para. 1 sentence 1 of Legislative Decree No. 196/2003 and Art. 6 para. 1 lit. f GDPR. If automatically transferred data (e.g. the public IP address of your terminal device) is processed, the processing is carried out on the basis of Art. 6 para. 1 lit. b GDPR, provided you visit our website for the purpose of executing a contract with you or for pre-contractual measures (e.g. information about our products, enquiries), as well as within the scope of our legitimate interest according to Art. 6 para. 1 lit. f GDPR. Our legitimate interest lies in the proper and secure provision of the website and our online offering.

The log file information is stored anonymised after the session has ended.

2. Contact form/info order

In the interest of communication with customers and interested parties, we offer a contact form on our website that you can use to request information about our products or to contact us in general. In addition to the voluntary information and your message content, we require the following information from you:

Title
Surname
First name
E-mail address

We need this information in order to process your enquiry, address you correctly and send you an answer. Enquiries received via the contact form are stored as emails and regularly checked to see whether data can be deleted. If data is no longer required in the context of a customer or prospective customer relationship or if a conflicting interest of the customer prevails, we will delete the relevant data after 180 days at the latest, provided that this does not conflict with any statutory retention obligations. The legal basis for this data processing is Art. 6 para. 1 lit. f GDPR. Insofar as contact is made to initiate contractual relationships, the legal basis is Art. 6 para. 1 lit. b GDPR.

3. Matomo

On our websites we use a version of Matomo implemented on our own servers. This is an open source analysis software for the purpose of statistical evaluation of visitor access. On the basis of this evaluation, we would like to understand in particular which of our pages are accessed, how often and for how long and are therefore of interest, but not by whom they are accessed. The version of Matomo implemented on our server does not use cookies. We only store anonymised user data to collect general statistical values without comprehensively analysing user behaviour. A comprehensive analysis of user behaviour is also not possible due to the anonymised data collected. The IP address transmitted in the server log-in is anonymised on our server before it is transmitted to the Matomo installation and replaced by a random IP address. In addition, a UserID is created using a random HASH value. It is not possible for us to track the data automatically transmitted by your end device, such as the IP address and the user ID, using the anonymised and randomly generated data, as time entries are randomised during the Matomo installation and the real IP address is immediately anonymised in our log files. At the end of the session (i.e. usually when the browser is closed), the random IP address and user ID are deleted by Matomo.

The purpose of the processing is the statistical analysis of user behaviour to optimise the functionality of our websites. Our legitimate interest lies in improving our websites and our online offering.

The legal basis for the use of Matomo is Art. 6 para. 1 sentence 1 lit. f GDPR.

4. Fulfilment of legal requirements

We also process your data to fulfil legal requirements. We are subject to a large number of legal obligations. These are primarily legal requirements (e.g. from commercial and tax laws), but may also include other official requirements. This includes, in particular, the fulfilment of tax control and reporting obligations as well as archiving and documentation obligations.

The legal basis for the processing is Art. 17 para. 3 lit. b GDPR and Art. 6 para. 1 sentence 1 lit. c) GDPR.

5. Law enforcement and legal defence

Wir verarbeiten Ihre personenbezogenen Daten unter Umständen auch, um unsere Rechte geltend zu machen und unsere rechtlichen Ansprüche durchsetzen zu können und/oder uns gegen rechtliche Ansprüche verteidigen zu können und/oder soweit dies zur Abwehr oder Verfolgung von Straftaten erforderlich ist.

Rechtsgrundlage für die Verarbeitung ist Art. 17 Abs. 3 lit. e DSGVO sowie Art. 6 Abs. 1 Satz 1 lit. f) DSGVO. Unser berechtigtes Interesse besteht in der Rechtsdurchsetzung und Rechtsverteidigung.

6. Company sales, mergers, etc.

We may also process your personal data processed via the websites in order to complete a (partial) sale of the company or a merger (or similar transactions such as takeover in the context of liquidation, insolvency, dissolution, etc.) with another company. In the event that another company acquires or intends to acquire the assets/capital, which may include your personal data, from us or we enter into or seek to enter into a merger with another company, we may need to grant that company access to or transfer your personal data stored by us for the purpose of reviewing and implementing the sale of the company/merger (e.g. to determine the value of the company, business risks, etc.).

We process your personal data for this purpose to safeguard our legitimate interests in accordance with Art. 6 para. 1 lit. f GDPR in order to plan and implement a planned company sale or a planned merger.

7. Captcha-Tool (Friendly Captcha)

Friendly Captcha is a data protection-friendly user verification tool from Friendly Captcha GmbH, Am Anger 3-5, 82237 Wörthsee, Germany, which is used to ensure that requests are made by human users and not automated bots. It uses innovative approaches to validate interactions without users having to enter personal data.

The following data may be processed when using Friendly Captcha:

• IP address: This is used to identify the user.
• Browser information: This includes information about the browser and operating system used.
• Interaction data: Data on the user's interaction with the website, e.g. mouse movements or clicks, can also be recorded.

The legal basis for the use of Friendly Captcha is Art. 6 para. 1 lit. f GDPR (legitimate interest). The legitimate interest lies in protecting our systems from misuse and unauthorised access by bots.

Friendly Captcha does not store any personal data that is used after an input has been secured. Friendly Captcha processes the data exclusively within the European Union.

Further information on data processing by Friendly Captcha can be found at Data protection provisions for end users - Friendly Captcha

C. Overview of cookies

Cookies are data records that are stored on your hard drive by your browser. If you do not wish to allow cookies on your computer (or other device), you can deactivate them in your Internet browser. However, this may impair the user-friendliness and functionality of the website. The cookies we use are technically absolutely necessary in order to be able to offer the website and its functions or the functions you have requested (e.g. language settings).

The basic obligation to obtain consent pursuant to Art. 122 para. 1 sentence 1 of Legislative Decree 196/2003 is excluded for the (initial) storage and/or reading of data on the user's terminal device pursuant to Art. 122 para. 1 sentence 2 of Legislative Decree 196/2003.

Our website uses the following cookies:

FormID

The cookie provider is Friendly Captcha, Friendly Captcha GmbH, Am Anger 3-5, 82237 Wörthsee, Germany. The cookie is used to recognise and distinguish between users and bots on the website in order to prevent spam or automated attacks. The cookie is automatically deleted when the browser is closed.

Status as of 20 November 2024