PRIVACY
POLICY FOR VISITORS OF THE WEBSITE
WITH
PRIVACY NOTICE PURSUANT TO ART. 13 OF THE EU REGULATION No.
679/2016
The
company MATECH
OF AMERICAS CORP., S. DE R.L. DE C.V.,
with registered office in San Pedro Cholula, 72760, c/Lago de Chapala
Oriente 9B, Manantiales., tax code and VAT number: MAC1611075B1, in
the person of the legal representative pro tempore, as data
controller (hereafter "Data
Controller")
of the personal data belonging to users/visitors who visit the
website www.matech.mx
,
invites you to read this notice pursuant to art. 13 of the EU Reg.
no. 679/2016 (hereinafter "GDPR")
concerning the processing of your personal data, also containing
important information regarding the management of the aforementioned
website, in compliance with the regulations in force and as better
specified below.
This
notice is solely provided for the website www.matech.mx
and not for other websites that may be consulted by the user through
links.
1.
Data being processed
The
Data Controller will process the personal identification data (by way
of a non-limiting example: name, surname, address, telephone number,
e-mail, etc. hereafter "Data")
that you voluntarily provided in order to be able to take advantage
of specific services offered by the website www.matech.mx,
in addition to those (navigation data) which can be normally accessed
by the Data Controller through computer systems and software
procedures used to operate the website. In this latter case,
reference is made to those personal data whose disclosure is implicit
in the use of Internet communication protocols. This category of data
includes ex-multis
IP addresses or domain names of the computers used by users
connecting to the website, the addresses in Uniform
Resource Identifier
(URI) of the requested resources, the time of request, the method
used while submitting the request to the server, the file size
obtained as response, the numerical code indicating the status of the
response given by the server (success, error, etc.) and other
parameters related to the operating system and the user's computer
environment.
2.
Purpose of processing
Your
data will be legally and properly processed for the purposes
described below.
A.
As
far as navigation data are concerned:
a)
to
allow the Data Controller to obtain anonymous statistical information
on the use of the website www.matech.mx
and
check its correct operation; b)
for
security reasons (antispam filters, firewall and virus detection), in
order to block attempts to damage the website or users, and in any
case in order to avoid harmful or unlawful activities; c)
to perform any other function which is necessary or serves to the
operation of the website, including the installation of technical
cookies to improve the features of the website for which reference is
made to the Cookie Policy d)
to allow the Data Controller to fulfil legal, accounting, tax,
administrative and contractual obligations related to the management
of the website and the provision of the services requested as well as
the proper management of relations with authorities, supervisory
bodies and third-party public bodies for purposes linked to specific
requests, the fulfilment of legal obligations or other procedures.
B.
As
far as data voluntarily provided by the user are concerned,
the above-mentioned category of data includes information (name,
surname, e-mail address, data included in curriculum vitae, content
acquired through forms filled in online, etc.) voluntarily provided
by the user when curriculum vitae is voluntarily sent and online
applications, through the "Contacts" section, which will be
subsequently used by the Data Controller to assess the user's
suitability in view of a potential company recruitment, by starting,
if required, the selection processes.
C.
Solely
upon your specific and explicit consent (pursuant to art. 7 of the
GDPR)
to allow the optional, explicit and voluntary sending of e-mails to
the addresses indicated on this website in the section "Contacts"
to ask for information on products, relevant documentation and
services offered by the Data Controller: this includes the further
acquisition by the latter of the sender’s address which is needed
to answer the questions and to follow up on any requests for offers;
as well as to allow the Data Controller to carry out market research
and analysis aimed at detecting the level of customer satisfaction on
quality and type of products and services supplied and on initiatives
to improve them, send
D.
Solely
upon your specific and explicit consent (pursuant to art. 7 of the
GDPR)
to allow the optional, explicit and voluntary sending of e-mails to
the addresses indicated on this website in the section in the
"newsletter" section to receive advertising material and/or
commercial communications and information and direct marketing
concerning new products offered for sale, the latest innovations and
technologies of products, new services offered by the Data Controller
or by third parties and news and promotional events. The foregoing
can occur through traditional contact systems (paper-based mail or
calls through the Sales Offices) or by e-mail.
3.
Modalities of processing
Processing
of your data is carried out through the operations mentioned in art.
4 no. 2) of the GDPR and more precisely: collection, recording,
organization, structuring, storage, adaptation or modification,
extraction, consultation, use, communication by transmission,
disclosure or any other form of supply, comparison or
interconnection, limitation, cancellation or destruction of Data.
Your
Data are subject to both paper and electronic processing.
Acquired
Data are processed, in full compliance with the laws and principles
of lawfulness, fairness, transparency, limitation and protection of
your privacy and your rights.
Processing
of Data belonging to minors is not envisaged.
4.
Data retention period
The
Data Controller retains Data in compliance with local laws and
internal company policies and procedures for the time necessary, in
any case for at least 10 years, to fulfil the aforementioned purposes
and to meet its legitimate business interests, legal obligations or
to establish, exercise or defend legal rights. Once the data
retention is no longer required for said purposes, Data will be
deleted in a secure manner. For further information on the retention
periods for documents, please refer to the abstract of Data Retention
Policy.
5.
Legal ground for processing
Processing
of the aforementioned Data is necessary to allow you to browse the
website and to follow up on your requests. Where necessary, for
specific purposes, the user's express consent will be requested (see
art. 8 and 12).
Processing
of Data for marketing purposes is permitted in relation to the free
circulation of data as provided for by the GDPR and can be translated
into activities aimed at meeting the legitimate business interests of
the Data Controller, including any commercial development activities
(by way of example marketing, customer satisfaction etc.), performed
by the latter.
6.
Communication, disclosure and access to Data
Your
Data may be made accessible for the purposes described above:
employees
and collaborators of the Data Controller in Italy and abroad, as
internal data processors and/or sub-processors/people responsible
for processing and/or system administrators;
to
other third-party companies or other entities that carry out
outsourcing activities on behalf of the Data Controller, in their
capacity as external data processors, including suppliers or
individuals appointed to perform ancillary or instrumental services
for the purposes specified above, with whom the Data Controller
concludes special agreements.
The
Data Controller also reserves the right to share personal data with
some third parties, including: IT providers for system development
purposes and technical assistance; auditors and consultants to
ascertain compliance with external and internal requirements as well
as compliance with laws; bodies and agencies responsible for the
application of laws and concerned parties pursuant to legal
obligations to reporting; any successors or business partners of the
Data Controller in case of sale, assignment or other extraordinary
transactions; police, armed forces and other public administrations
for the fulfilment of obligations set by laws, regulations or by
European legislation.
Should
said parties be located in extra-EU countries, the Data Controller
ensures that extra-EU data transfer will take place in accordance
with the applicable legal provisions.
7.
Data Transfer
Data
will be stored on servers located within the European Union. In any
case, it is understood that the Data Controller has the right to
transfer Data also to other extra-EU areas, if needed; in this case,
the Data Controller hereby ensures that the extra-EU data transfer
will take place in accordance with the applicable legal provisions.
The
Data Controller shall apply all the necessary protections to the
aforementioned transfers pursuant to the legislation on privacy in
force.
8.
Type of Data provision and consequences of failure to provide Data
Provision
of Data for the purposes referred to in art. 2 "A."
is mandatory for visiting and surfing the website www.matech.mx
Provision
of Data for the purposes referred to in art. 2 "B."
is also mandatory. Should they be missing we cannot ensure the
receipt of applications sent with their subsequent assessment.
Provision
of data for the purposes referred to in article 2 "C."
and 2 “D.” is optional. You may decide not to provide any data or
to subsequently revoke the processing of data already provided: in
this case, you cannot receive the requested information, commercial
communications and advertising material concerning the services
offered by the Data Controller.
9.
Rights of the Data subject
As
Data subject, you have the rights set forth in articles 13, paragraph
2, letters b), c) and d), 15, 16, 17, 18, 19 and 21 of the GDPR and
precisely the rights to:
receive
confirmation of the existence or absence of Data concerning you,
even if not yet registered, and their communication in an
intelligible form;
to
receive information on: a) the origin of Data; b) the purposes and
methods of processing; c) the logic applied in case of processing
performed with the aid of electronic devices; d) the identification
details of the Data Controller, Data Protection Officer, data
processors and the designated representative pursuant to art. 3,
paragraph 1, of the GDPR; e) the subjects or categories of subjects
to whom Data may be disclosed or who may become aware of them as
designated representative in the territory of the State and as
processors;
to
obtain: a) the updating, correction or, when they are interested,
integration of the Data; b) the cancellation, transformation into
anonymous form, or blocking of data processed in violation of law,
including those that need not be retained for the purposes for which
the data were collected or subsequently processed. c) certification
that the parties to which the data have been transferred or
disseminated have been notified of the operations specified in
points a) and b), also regarding their content, except for the case
where notification proves impossible or requires the use of means
clearly disproportionate to the right being protected.
to
object, in whole or in part: a) for legitimate reasons to the
processing of data concerning you, even if linked to the purpose of
collection; b) the processing of data concerning you for sending
advertising material or for direct sales or for market researches or
commercial communication, through the use of automated call systems
without the intervention of an operator through e-mail and/or
traditional marketing methods by phone and/or paper-based mail. It
should be noted that the right to object, which the Data subject is
entitled to, as set out in point b) above, for direct marketing
purposes through automated methods also applies to the traditional
ones and that in any case the Data subject is free to exercise even
partially the right to object. Therefore, the Data subject may
decide to receive communications through traditional methods or
automated communications only or none of the two types of
communication;
where
applicable, the Data subject also has the rights referred to in
articles 16 - 21 of the GDPR (Right to correction, right to be
forgotten, right to processing limitation, right to data
portability, right to object), as well as the right to file a
complaint to the Competent Authority;
to
revoke any consent given at any time.
10.
How to exercise rights
You
may exercise your rights or submit a request at any time by sending:
a registered letter with notification of receipt to MATECH
OF AMERICAS CORP., S. DE R.L. DE C.V.
- with registered office in Manantiales, c/Lago de Chapala Oriente 9B
(ZIP code 72760) - or an e-mail to: info@matech.mx.
11.
Data Controller, Data Protection Officers, Data Processors
The
Data Controller is MATECH
OF AMERICAS CORP., S. DE R.L. DE C.V.
- with registered office in Manantiales, c/Lago de Chapala Oriente 9B
(ZIP code 72760), tax code and VAT number: MAC1611075B1, in the
person of the legal representative pro tempore.