Privacy Policy

Please read carefully the following notice, prepared in accordance with Article 13 of the General Data Protection Regulation No. 2016/679 (hereinafter, also the “GDPR”), in which we provide you with all details regarding the processing of your personal data collected through the website https://www.innate.it/ (hereinafter, also the “Site”).

1. WHO PROCESSES YOUR DATA?

Data Controller

The Data Controller is INNATE S.R.L., P.IVA IT02062130063, whose contact details are as follows:

• Registered office: Viale Industria 11/13, Novi Ligure (AL), 15067;
• Operational headquarters: Viale Industria 11/13, Novi Ligure (AL), 15067;
• Telephone: 01432645; § E-mail address: info@innate.it; § PEC address: amministrazione@pec.innate.it.

Other parties to whom your data may be disclosed

Your data may be shared with:

• the Company’s appointed personnel and possibly its professionals who have committed to confidentiality or are subject to an appropriate legal obligation of confidentiality;
• individuals delegated and/or appointed by the Data Controller to carry out activities strictly related to the pursuit of the purposes indicated below (including technical maintenance work on the systems), where necessary, rightly appointed as data processors.

2. WHAT TYPES OF DATA DO WELL COLLECT?

Data provided voluntarily by the user:

• E-mail contacts: The Site offers users the opportunity to voluntarily provide personal information, to request information and/or establish relationships with the Company, through:
  • sending e-mails, providing the Holder with their e-mail address as well as any other data voluntarily provided by the user through their e-mail;
  • through filling in the fields in the “Contact Us” area, providing the Holder with your e-mail address, first and last name;
• “Whistleblowing” Section: the “Whistleblowing” Section of the Site allows those who have an interest in it to report any unlawful conduct, violations of the Code of Ethics, the Organization, Management and Control Model pursuant to Legislative Decree 231/2001 and the internal procedures adopted by the Company, as well as the external regulations in any case applicable to the latter. The data collected through the section in question are processed by the Company in accordance with the provisions contained in the “Reporting Privacy Policy”.

Data from third parties

Should you decide to provide us with data from third parties, please ensure that these parties have been previously and adequately informed about the methods and purposes of the processing indicated here. In any case, in relation to these circumstances, you stand as an autonomous data controller, assuming all legal obligations and responsibilities.

Browsing Data

We collect the following data through the services you use:

• Technical data: this category of data includes the IP addresses or domain names of the computers used by users connecting to the Site, the addresses in URI (Uniform Resource Identifier) notation of the resources requested, the time of the request, the method used in submitting the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the user’s Operating system and computer environment. These data are used only for statistical information (so they are anonymous), to check the proper functioning of the site and are deleted immediately after processing. The data could be used to ascertain responsibility in case of hypothetical computer crimes against the site: except for this eventuality, data on web contacts do not persist for more than 7 days;
• Data collected using cookies or similar technologies: for more information on the point, please visit the “Cookie Policy”.

3. FOR WHAT PURPOSES DO WE PROCESS YOUR DATA

a) The personal data you provide through the Site will be processed for the pursuit of the following purposes:
for purposes strictly related to and/or necessary for the satisfaction of the requests formulated from time to time by you through the Site by e-mail or other means of communication;

b) to receive by e-mail updates on the main news and initiatives promoted by the Company;

c) to ensure compliance with legal obligations, regulations and community standards;

d) to carry out statistical surveys.

With reference to the purposes under letter a), the legal basis for the processing of your personal data is represented by Article 6, paragraph 1, letter b) of the RGPD – performance of a contract to which the data subject is a party or of pre-contractual measures taken at the request of the same.

With reference to the purpose under letter b), the legal basis for the processing of your personal data is represented by Article 6, paragraph 1, letter a) of the RGPD – consent of the data subject.

With reference to the purpose under lett. c), the legal basis for the processing of your personal data is represented by Article 6, paragraph 1, lett. c) of the RGPD – fulfillment of a legal obligation to which the Data Controller is subject.

With reference to the purpose under letter d), this activity does not involve the processing of personal data.

4. HOW LONG WE KEEP YOUR DATA?

As expressly provided for in Article 5, co. 1, letter e) of , the Data are kept for the time necessary for the Processing of the same in relation to the performance of the service requested by the User, or required by the Purposes described in this document.

In particular:

• Personal Data collected for purposes related to the performance of a contract between the Data Controller and the User will be retained until completion of such contract;
• Data collected for purposes attributable to the legitimate interest of the Data Controller will be retained both upon fulfillment of that interest. You may obtain further information regarding the legitimate interest pursued by the Controller in the relevant sections of this document or by contacting the Controller;
• Data collected pursuant to User Consent may be retained until such Consent is revoked;
• Data collected for fiscal/administrative obligations will be kept for the time necessary to fulfill the aforementioned purposes and as required by law, and in any case for a period not exceeding that dictated by civil law;
• navigation data (e.g. IP addresses or the domain names of the computers used by the users who connect to the site, the addresses in URI (Uniform Resource Identifier) notation of the resources requested, the time of the request, the method used in submitting the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.. ) and other parameters relating to the user’s operating system and computer environment) are used for the sole purpose of obtaining anonymous statistical information on the use of the site and to check its correct operation and are deleted immediately after processing;
• the optional, explicit and voluntary sending of electronic mail to the addresses indicated on this site involves the subsequent acquisition of the sender’s address, necessary to respond to requests, as well as any other personal data included in the message;
• the use of so-called session cookies (which are not stored persistently on the user’s computer and disappear when the browser is closed) is strictly limited to the transmission of session identifiers (consisting of random numbers generated by the server) necessary to enable the safe and efficient exploration of the site. The so-called session cookies used in this site avoid the use of other computer techniques potentially prejudicial to the privacy of users’ browsing and do not allow the acquisition of personal identification data of the user. For all other cookies, please refer to the Cookies Policy.
• Data may be retained by the Data Controller for a longer period in compliance with legal obligations or by order of an authority.

The User can always request the interruption of the Processing or the deletion of Data not related to the execution of the contract.

At the end of the retention period, the Personal Data will be deleted. Therefore, at the expiration of this period, the right of access, deletion, rectification and the right to Data portability can no longer be exercised.

5. HOW YOU CAN EXERCISE YOUR RIGHTS?

Revocation of Consent

To revoke the consent given, you may contact the Controller at any time by writing to the e-mail address info@innate.it. Your consent is entirely optional and may be revoked at any time without affecting the lawfulness of the processing carried out prior to revocation on the basis of the consent given.

Exercise of your rights

Consistent with the provisions of the RGPD, you have the right to ask the Data Controller, at any time, for access to your personal data, to rectify or erase them or to object to their processing.

The law also allows you to request the restriction of processing in the cases provided for by Article 18 of the RGDP, as well as to obtain the data concerning you in a structured, commonly used and machine-readable format, in the cases provided for by Article 20 of the RGPD.

Requests may:

• be sent to the e-mail address: info@innate.it;
• be sent to the address: Innate, Viale Industria 11/13, Novi Ligure (AL), 15067.

Lastly, we would like to remind you that you always have the right to lodge a complaint with the competent Supervisory Authority (Personal Data Protection Authority), pursuant to Article 77 of the RGPD, if you believe that the processing of your personal data is contrary to the regulations in force.

6. HOW WE ENSURE THE PROTECTION OF YOUR DATA?

Your personal data are processed by the entities mentioned in 1, in accordance with the provisions of the current legislation. In particular, in order to ensure the security of your data taking into account the state of the art and implementation costs, as well as the nature, object, context and purpose of the processing, as well as the risk of varying likelihood and severity to the rights and freedoms of our users, we have taken appropriate technical and organizational measures to ensure a level of security appropriate to the risk.

7. AMENDMENTS TO THIS POLICY

This policy was published in February 2024 and is subject to change over time, including changes related to the possible enactment of new industry regulations, the updating or delivery of new services, or to intervening technological innovations.

Novi Ligure, 15/05/2024