Information on the processing of personal data
This page describes how this site is managed with regard to the processing of personal data of users who consult them. This information is provided in accordance with the current legislation on personal data for users who interact with the services of this site within the framework of the EU Regulation 2016/679. The information is provided only for this site and not also for other websites that may be consulted by the user through our links.
The “Controller” of the processing of personal data and Data Protection Officer
Following consultation of the site, data relating to identified or identifiable persons may be processed. The “Controller” of their processing is TRIUMPH GROUP INTERNATIONAL S.P.A. BENEFIT COMPANY: Registered office in Via Lucilio n.60 – 00136 Rome (Italy), Tax code and VAT number 04135821009, Telephone +39 06355301 firstname.lastname@example.org. The Data Protection Officer designated by the Data Controller can be contacted at the same addresses.
It is understood that the site also refers to the activities of all companies operating in the same Group and in particular the companies listed in the “Contact” section of the site. Consequently, in the event of sending requests to one of these companies, the data will be processed by that company as the data controller in order to execute the data subject’s request.
Data processing location
Processing related to web services and are handled only by technical personnel of the Office in charge of processing, or by any persons in charge of occasional maintenance operations. No data resulting from the web service is communicated or disseminated.
Purpose of processing and legal basis for processing
The personal data provided by users who perform the actions required by specific functions of the site, submit requests or intend to use services offered through the site as well as receive further specific content, are used for the sole purpose of managing the actions performed by users, responding to their requests or performing the service or provision requested and are communicated to third parties only if this is necessary for that purpose. The legal basis for these processing operations is the need to respond to the requests of the interested parties or perform activities provided for in the agreements defined with the interested parties in relation to any pre-contractual or legal contractual obligations. In case of data collection through specific forms and for further purposes, specific information is provided inherent to the processing of the data thus collected.
Types of data processed
The computer systems and software procedures used to operate the site acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. This information is not collected to be associated with identified interested parties, but by its very nature could, through processing and association with data held by third parties, allow users to be identified. This category of data includes the IP addresses or domain names of the computers used by users connecting to the site, the URI (Uniform Resource Identifier) notation addresses of the resources requested, the time of the request, the method used in submitting the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the user’s operating system and computer environment. These data are used for the sole purpose of obtaining anonymous statistical information on the use of the site and to check its correct functioning and are deleted after processing. The data could be used to ascertain responsibility in case of hypothetical computer crimes against the site.
Data provided voluntarily by the user
The optional, explicit and voluntary sending of electronic mail to the addresses indicated on the site or using forms made available by the Data Controller entails the subsequent acquisition of the sender’s address, necessary to respond to requests, as well as any other personal data included in the message. Specific summary information may be displayed from time to time in the pages of the site set up for particular services on request.
Optional supply of data
Apart from that specified for navigation data, the user is free to provide personal data to request the services offered by the Controller. Failure to provide them may result in the impossibility of obtaining what has been requested.
Methods of data processing and retention times
Personal data are processed with automated tools for the time strictly necessary to achieve the purposes for which they were collected. Specific security measures are observed to prevent data loss, illicit or incorrect use and unauthorized access.
The data are kept for the time strictly necessary for the pursuit of the purposes indicated in this statement and will be deleted at the end of this period, unless the data must be kept for legal obligations or to enforce a right in court.
Rights of data subjects
Within the limits and under the conditions provided by law, the data controller is obliged to respond to requests from the data subject regarding personal data concerning him or her. In particular, according to current legislation:
1. The data subject has the right to obtain from the data controller confirmation as to whether or not personal data concerning him or her are being processed and, if so, to obtain access to the personal data and the following information:
- the purposes of the processing;
- the categories of personal data concerned;
- the recipients or categories of recipients to whom the personal data have been or will be disclosed, particularly if recipients in third countries or international organizations;
- when possible, the intended retention period of the personal data or, if not possible, the criteria used to determine this period;
- the existence of the data subject’s right to request from the data controller the rectification or erasure of personal data or the restriction of processing of personal data concerning him or her or to object to the processing of personal data concerning him or her
- the right to lodge a complaint with a supervisory authority;
- where the data are not collected from the data subject, all available information about their origin;
- the existence of an automated decision-making process, including profiling.
2. The data subject has the right to obtain from the data controller the rectification of inaccurate personal data concerning him/her without undue delay. Taking into account the purposes of the processing, the data subject has the right to obtain the integration of incomplete personal data, including by providing a supplementary declaration.
3. The data subject shall have the right to obtain from the data controller the erasure of personal data concerning him/her without undue delay, and the data controller shall be obliged to erase without undue delay the personal data within the limits and in the cases provided for by current legislation. The data controller shall notify each of the recipients to whom the personal data have been transmitted of any rectification or erasure or limitation of processing within the limits and in the forms provided for by current legislation.
4. The data subject has the right to obtain from the data controller the restriction of processing.
5. The data subject has the right to receive in a structured, commonly used and machine-readable format the personal data concerning him or her provided to a data controller and has the right to transmit such data to another data controller without hindrance from the data controller to whom he or she provided them.
In order to exercise the rights listed above, the data subject should make a request using the following contact points at the address listed below: requests should be addressed to the Data Controller at the following contact details or by writing to the address Via Lucilio n.60 – 00136 Rome (Italy) or by e-mail to email@example.com where the Data Protection Officer can also be contacted.