Updates from the Eliwell world
Information on Data processing (art. 13 and 14 EU Regulation 2016/679) digital opt-in
Schneider Electric is a multinational group committed to ensuring an adequate level of protection of personal information in accordance with applicable laws.
Data Controller and reference details
The Data Controller is Eliwell Controls S.r.l. tax ID code 00987060256 (hereinafter “Controller”).
You can exercise the rights included in the Regulation by making a simple written request to the Data Protection Officer c/o Schneider Electric SpA by sending an email to GDPR.Italy@schneider-electric.com or to DPO@schneider-electric.com
General Scope of Data Processing
Categories of processed data
The Controller may process personal identification data of the Data Subjects (e.g. name, address, land line and mobile, e-mail, occupation, economic and financial data, IP addresses and logs, preferences/opinions in the use and management of products/services) made available by the same and identification data collected from public registers or databases (hereinafter “Data”).
In most cases data are provided directly by the Data Subject, but may also be collected via third parties; in this case, it is the responsibility of the Controller to provide the information on the source of such Data.
Purpose and legal basis of the processing
The Controller will process Data for the following purposes (hereinafter “Purposes”) and in the context described here:
- a) Establishing and fulfilling pre-contractual and/or contractual relationships regarding the commercialization of products, components and services (including digital services) of the Controller (for example: sales, contracts, loan, licenses, leases, etc.).
- b) Answer requests for information from the Data Subjects relating to products marketed by the Controller.
- c) Provide technical assistance if requested by the Data Subjects, manage quality control, ensure operational continuity and/or emergency recovery of products marketed by the Controller.
- d) Notify the Data Subject about technical/commercial updates concerning the purchased products, services and contents (including digital ones).
- e) Activate and maintain the account of the Data Subject (that may have been created when activating purchased products), by creating a profile to allow access to the Controller's portals.
- f) Ensure the safety of products and services, and protection against fraud.
- g) Notify about any extraordinary corporate operations or reorganization operations relating to the contractual relationship with the Controller.
- h) Fulfil legal obligations to which the Controller is subject, such as but not limited to, the fulfilment of obligations laid down by laws and regulations (i.e. tax and accounting obligations, obligations arising from the legislation on health and safety at work), contract management, including the management of payments and invoices and litigation management; for purposes regarding group reports, internal controls (safety, quality of services, asset integrity), management control, certification.
- i) Carry out measures issued by the Authorities, including requests in the field of investigations, inspections and assessments.
Furthermore, the Data will be processed for the following specific purposes (hereinafter “Specific Purposes”):
- j) Send the Data Subject advertising information, invitations to meetings, fairs and events promoted by the Controller in relation to its products and services.
Processing Operations and Procedures
The Data will be processed through the following processing operations: collection, recording, organization, storage, consultation, selection, deletion and destruction, and can be performed according to:
- a) automated procedures, such as computer programmes, emails and text messages,
- b) non-automated procedures, such as ordinary post and via telephone operators and paper-based means,
- c) with the aid of information technology and electronic means, such as computers, mobile phones and smartphones.
- d) by accessing web platforms, applications and cloud systems.
The Controller or any Data Processors in charge of the Data processing designated by the Controller will keep the Data for the time period required to fulfil the Purposes. After such period, the Data may be rendered anonymous or erased.
The Data used to fulfil civil and tax obligations will be stored for the whole duration of the contractual relationship and also after the termination of the contract, in compliance with such requirements (e.g. statutory obligation to keep all invoices and corporate documentation for at least 10 years according to Art. 2220 of the Italian Civil Code).
Data sharing with Third Parties
Without prejudice to the communications made under legal and contractual obligations, the Data may be disclosed, only for the Purposes, to third parties such as consultants (such as tax or legal consultants), public bodies and administrations in the event of any public procurement tenders where this may be necessary, banks, IT service providers for company systems and platforms, acting as Data Processors on the basis of special contractual arrangements. Data may also be disclosed to parties that are entitled by law to receive such information, such as Italian and foreign judicial authorities and other public authorities, for purposes related to the fulfilment of legal obligations, or for the execution of obligations arising from the contractual relationship (for example but not limited thereto: certification bodies, regulatory bodies, and similar), as well as for any needs of defense before the courts.
Data may be also disclosed to other companies in the Schneider Electric Group, if necessary, for the Purposes, and marketing initiatives, internal administrative activities, as well as for the coordination and control of the group.
The Data will be processed by persons authorized to process it acting under the authority of the Controller and have been adequately trained by the Controller, mostly through electronic and manual systems that are in compliance with the applicable principles on the processing of Data pursuant to Art. 5 of the Regulation.
Data storage location and Data transfer abroad
Data will not be disseminated. Data is not transferred outside the European Union; nevertheless, if, for specific needs relating to the location of the servers of the Controllers and for needs regarding the coordination of Group activities, it were necessary to transfer the Data to countries outside the European Union, also to countries which do not offer adequate levels of protection, the Controller undertakes to ensure adequate levels of protection and preservation also of a contractual nature in accordance with the applicable regulations, including the stipulation of standard contractual covenants (a copy of these commitments with third parties under such covenants may be required by sending a request to the address of the Data Protection Officer shown below). The list of Countries located outside the European Economic Area where the Data is transferred, is available upon request to the Data Protection Officer.
Rights of the Data Subject
The Data Subject can exercise the rights provided for by the Regulation (Articles 15-21), in relation to the Data processing described herein, including the rights to:
- a) receive confirmation of the existence of their Data and access to their contents (right of access);
- b) update, modify and/or correct their Data (right of rectification);
- c) request the cancellation or limitation of the Data processing, if processed unlawfully, including the Data whose storing is unnecessary for the purposes for which the Data was collected or otherwise processed (right to be forgotten and right to limitation);
- d) object to the processing (right of objection);
- e) lodge a complaint to the Supervisory Authority in the event of violation of the regulations on Data protection;
- f) receive a copy (in electronic format) of their Data which were collected in the context of the contract and ask for that Data to be sent to another data controller (right of data portability).
Consent to Data Processing
In order for the Data to be processed for the Purposes, the specific consent of the Data Subject is not necessary because the processing is based on the legal basis of Art. 6 (1) (b) of the Regulation.
Consent expressed in signed format
The Data Subject, in relation to the Specific Purposes, has read and evaluated this privacy information whose contents he/she declares to have understood, and has given or denied his/her consent to the Data processing by digital means such as web sites, web applications, applications on smartphones, software and similar means.
The Data Controller or the Data Processor designated by the Data Controller will store the logs of acceptance/refusal of consent in a traceable way.
Right to object
The Data Subject, as regards the Specific Purposes, may at any time object to Data processing by sending an email to the following address: GDPR.Italy@schneider-electric.com.
A cookie is a piece of information in the form of a very small text file that is placed on an internet user's hard drive. It is generated by a webpage server, which is essentially the computer that operates a website. The information the cookie contains is set by the server and it can be used by that server whenever the user visits the site. A cookie can be thought of as an internet user's identification card, which tells a website when the user has returned. (Source). We may also use other similar technologies (e.g. pixel tags, web beacons...) when you visit our websites and use our mobile applications, which seek information stored on your device. For purposes of this notice, all such technologies are referred to as “Cookies”.
If you want to delete any cookies that are already on your computer or to stop cookies being accepted in future you should refer to your browser manufacturer's instructions by clicking "Help" in your browser menu.
Third-party cookies for analytics purpose
In order to provide our visitors with a better service, we measure the number of page views, the number of visits, the different actions performed by visitors on our site, the geo-location of our visitors and the number of times visitors return to our site. For this purpose, we use two web analytics software tools: Analyser and Google Analytics as well as the Marketo Munchkin Cookie.
Analyzer information (AT Internet)
All of the results which are obtained are then compiled and are completely anonymous. The results provide information on the navigation and behaviour of internet users on the websites of AT Internet customers, information such as: the number of visitors, the number of visits, the number of pages viewed and other information that is necessary for the effective measurement of internet user interests. With these results it is then possible to improve the ergonomics and content of such websites.
Please visit AT Internet Data-protection chapter in order to check your access rights, right to reply and right to remove data.
Google Analytics information
This website also uses Google Analytics, a web analytics service provided by Google, Inc. (“Google”). Google Analytics uses “cookies”, which are text files placed on your computer, to help the website analyse how users use the site. The information generated by the cookie about your use of the website will be transmitted to and stored by Google on servers in the United States.
In case IP-anonymisation is activated on this website, your IP address will be truncated within the area of Member States of the European Union or other parties to the Agreement on the European Economic Area. Only in exceptional cases will the whole IP address first be transferred to a Google server in the USA and truncated there. The IP-anonymisation is active on this website.
Google will use this information on behalf of the operator of this website for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing them with other services relating to website activity and internet usage.