Visitor Information Notice - IPM Filtration Systems

Dear Visitors
IPM S.r.l. imprints the personal data treatment it comes into contact with in the course of its business activities with the utmost diligence, as well as the principles of lawfulness, fairness, and transparency.
In compliance with EU General Regulation 2016/679 related to the protection of natural people with regard to the treatment of personal data (hereinafter also referred to as the GDPR) and respecting the principles listed above, IPM hereby informs you that, to access company spaces, all interested parties must be registered. For this reason, IPM wishes to clearly and transparently show which visitor information it collects and treats.

1. Categories of personal data collected
IPM S.r.l. may collect the following data (as follows also defined as personal data) provided by visitors for registration at the plant:
• Personal data (name, surname);
• Company information (company/organization; name and surname of the IPM reference contact).
• Contact information (telephone number; email address)
• Entry and exit times from the company headquarters.
2. Purposes and legal bases of treatment
Data processing is carried out in accordance with:
2.1 The need to fulfill IPM’s legal obligations, including protecting the safety of company assets and the people who access to them, in accordance with the principles set forth in Legislative Decree No. 81/2008 “Protection of health and safety in the workplace” and the Ministerial Decree of March 10, 1998 “General criteria for fire safety and emergency management in the workplace”;
2.2. For insurance purposes;
2.3 To protect information and industrial privative rights related to the business conducted within IPM spaces;
2.4 To respond to requests for information regarding the company, as well as the characteristics, nature, and price of the products or services in which you have expressed interest.
2.5 If you have given your consent, to contact you by email or mobile phone for commercial purposes, for example, following a meeting visit.
The legal basis for the purposes referred to in points 2.1 and 2.2 is our need to fulfill specific legal obligations. The legal basis for the purpose referred to in point 2.3 is the legitimate interest of the data controller. The legal basis for the purpose referred to in point 2.4 is the need to perform a contract to which the interested visitor is a party or to implement pre-contractual measures adopted on requests of the interested party
The legal basis for the purpose referred to in point 2.5 is consent, which constitutes the condition for the lawfulness of the processing; In this regard, we inform you that you have the right to revoke any consent previously given, free of charge, at any time.
3. Methods of data collection and nature of data contribution.
Personal data is provided directly by the visitor at the entrance to the company headquarters. Providing the above personal data is optional, but necessary, and the refusal to provide them will prevent the interested party from accessing our spaces. This applies with the exception of contact information, which is optional.
4. Data retention period
The personal data provided during registration will be retained by the data controller for 30 days from their collection, after which they will be deleted, except as provided below.
The mentioned data may be retained for a further period of time if necessary to comply with legal obligations, requests from authorities, or to exercise and/or assert a right and/or to exercise the right of defense.
The above mentioned data, where necessary for the execution of pre-contractual measures or for the performance of a contract, will be retained until the termination of the relationship or for any further retention period that may be required by law.
Any contact details provided in relation to Article 2.5 may be processed until revoked consent.
5. Processing Methods
Data treatment for the purposes above set out will take place in written form on paper and/or electronic support, using procedures strictly related to the purposes above indicated and, in any case, in a manner that guarantees the security and confidentiality of the data.
6. Recipients
The provided personal data will be processed by IPM S.r.l. In any case, the mentioned data will not be transferred to a country outside the European Union.
7. Disclosure of Personal Data
Without prejudice to made disclosures in compliance with legal obligations, or at the request of law enforcement and public or judicial authorities, to comply with legal obligations and/or orders of the authorities, the personal data provided will not be disclosed and will be collected by reception staff as data processors.
The personal data provided may be disclosed to external parties to the company organization as data controllers pursuant to Article 28 of the GDPR.
Without prejudice to the foregoing, the personal data collected pursuant to this privacy policy won’t be circumstances to be disclosed to third parties.
8. Data Controller
The Data Controller is IPM S.R.L., with registered office at Via Madre Teresa, 22, Lissone (MB), Tax Code: 08739150152; VAT No.: 00923400964, hereinafter also simply referred as “IPM”.
9. Rights of the Data Subject and How to Exercise
The Data Subject, in relation to the processing in question, may exercise the following rights against IPM S.R.L. (“Rights of the Data Subject”):
· Art. 15 GDPR – Right of access by the data subject;
· Art. 16 GDPR – Right to rectification;
· Art. 17 GDPR – Right to erasure of data where the Data Controller no longer has any legal basis for the processing (“Right to be forgotten”);
· Art. 18 GDPR – Right to restriction of processing, within the limits provided by data protection legislation;
· Art. 20 GDPR – Right to data portability.

The above rights may be exercised by sending a request to the following email address: [email protected]. Their exercise is free of charge and not subject to any formal requirements.

In any case, the data subject always has the right to forward a complaint to the Italian Data Protection Authority, pursuant to Article 77 of the GDPR, if he or she believes that the processing of his or her data violates applicable law, using the contact details available on the mentioned Authority’s website, or to take appropriate legal action.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics		This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional		The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary		This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others		This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance		This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy		The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.