1. Data Controller
The Data Controller is IMS TECHNOLOGIES, based in Calcinate (BG),
2. Modalities of data processing
Personal data are processed mainly with electronic, computerized and automated means, for the period of time which is strictly necessary to seek the purposes for which it was collected.
IMS TECHNOLOGIES processes personal data in compliance with the law, adopting adequate security measures able to prevent non-authorized accesses, dissemination, non-authorized alteration or destruction of the data.
3. Purposes of data processing
Users’ personal data will be processed by IMS TECHNOLOGIES exclusively for the following purposes:
a. Response to communications or requests received from the User. By completing the relevant form in the section “Contact” of the Site with personal data concerning him/her, such as, first name, country and phone, message and any attachments (optional), salutation, last name email address and company (mandatory), the User may send to IMS TECHNOLOGIES any communications or requests (e.g. in relation to services and products of the Company). In this regard, the User’s personal data will be processed by the Company to take charge, manage correctly and respond to the User’s request or communication. The legal basis of processing is the performance of services expressly requested by the User and the refusal to provide the same data will cause the impossibility to obtain the service requested.
b. Subscription to IMS TECHNOLOGIES’s newsletter. With the previous consent of the User, IMS TECHNOLOGIES will periodically send newsletters about its services. To receive newsletters, the Company requires a valid email address. For this reason, the latter will review the email address provided by the User. When subscribing to newsletter, the Company will store the IP address as well as the date and time the User subscribed. This serves to protect IMS TECHNOLOGIES in the event a third party improperly makes use of User’s email address to subscribe to Company’s newsletter. The data thereby collected is used solely for the purpose of receiving our newsletter and no data is transferred to third parties.
User may cancel the subscription to the newsletter at any time. In this regard, the latter will find additional details in the email confirming the subscription as well as in each newsletter.
The purposes above will be carried out with automated and non-automated means (e.g. email, sms, ordinary mail, etc.). In order to carry out such activities it is necessary to acquire the consent from the User, that will be required upon registration and may be always revoked, also partially; for example, the communications sent by email will give the User the possibility to refuse further sending.
Thus, the legal basis of the processing is the voluntary consent of the User, and the refusal to provide the same will only prevent the latter from receiving newsletter, of course not affecting the possibility of using other services and functionalities of the Site.
c. Legitimate interests pursued by the Company and/or by third parties. User’s personal data may also be used for the exercise of the rights and legitimate interests of IMS TECHNOLOGIES and/or third parties, for example the right to take legal proceedings for enforcing its rights, the handling of complaints and litigation, the recovery of debts, the prevention of fraud and/or illegal activities. In these cases, even if the provision of User’s personal data is not mandatory, it is however necessary as such data are strictly connected and instrumental to the pursuit of such legitimate interests, deserving of protection and not prevailing over the User’s rights and freedoms, and any refusal to provide them will cause the impossibility to provide the requested services (e.g. contacting the Company or sending online job application).
d. Fulfilment of legal obligations and/or applicable provisions. IMS TECHNOLOGIES may also process personal data provided by the User or otherwise collected during the interaction of the latter with the Site, for the fulfilment of legal obligations, regulations, national and European regulations as well as any order given by competent authorities, which represent the legal basis of processing, therefore the prior consent of the User is not necessary.
4. Personal data undergoing processing
IMS TECHNOLOGIES receives and collects, through the Site, information related to the User visiting its pages and using the services offered by the Site. In particular, IMS TECHNOLOGIES will collect and process the following information.
4.1 Web-browsing data
When the User browses through the Site, the latter collects certain information such as the pages visited, the links and/or buttons clicked by the User, the date and hour of the access, the User’s IP address, the browser used the operative system used (so called “web-browsing data”). Said data, for their nature, in certain cases could allow to identify the User, also by means of elaborations and connections with third party data. However, IMS TECHNOLOGIES uses said data exclusively to obtain statistical and anonymous information about the use of the Site, for purposes strictly related to the control of its correct running. The data may also be used for the ascertainment of liabilities in case of IT crimes in damage of the Site.
4.2 Data voluntarily provided by the User
IMS TECHNOLOGIES will only collect information voluntarily provided by the User in relation to the purposes as for paragraph 4 above as well as for the services expressly required by the latter. Furthermore, the Company may collect and process additional personal data, where such data are provided voluntarily by the User within the scope of the services offered by the Site, for example in the case where the User contact the Company for notifying any bad services or malfunctions, for exercising data subject’s rights in relation to the processing of personal data, etc. These personal data will be processed by IMS TECHNOLOGIES only for purposes strictly related to the User’s request. The refusal to provide the same data will cause the impossibility to obtain the service requested.
A cookie is a little file which a website sends to the browser and saves on the User’s computer when visiting a website. Cookies are used in order to allow or enhance the running of the website, but also to gain information on the Site or on the User’s web-browsing activities.
a. Technical cookies
These cookies are essential to allow the User to browse on the Site and use its functionalities and are necessary to the correct working of the Site and to record the choices expressed by the User (e.g. username, language, etc.), to distribute requests on different servers, to record when the User gives his/her authorization or expresses the consent to specific options (e.g. newsletters), to allow the User to visualize contents and video through Adobe Flash Player. These cookies will expire after the session and do not require the User’s consent.
b. First Party performance and Analytics Cookies
These cookies may be session or persistent cookies, and their use is limited to the performance and enhancement of the Site. They collect information concerning how a User uses the Site, such as the pages visited. In addition, analytics cookies may recognize, measure and track the visitors of the Site, allowing us to improve and enhance the Site, by way of an example by ascertaining if the User easily finds the searched information, or by identifying the aspects of the Site are more interesting. Said cookies are used by IMS TECHNOLOGIES to elaborate statistical analysis on the ways User browse through the Site, on the number of pages visited or of clicks made on a page during the browsing.
c. First party targeting and profiling cookies
These cookies are used in relation to the contents visualized and the use of the Site by the User. This allows the Site to record and register the preferences showed by each User for the following visits, analysing the User’s behaviour on the Site and personalizing specific contents of the Site depending on the single User, in order to develop the contents and send advertising messages in line with the preferences showed by the User during the browsing of the Site. This category of cookies may be also used in order to limit the number of visualization of specific advertising, and to measure the effects of a specific advertising campaign.
The Company may also insert web beacons (GIFT or web bugs) in web pages and emails in order to verify the clicks on the links or images contained there and the opening of the emails of newsletters. Such information are collected in order to calculate the number of Users which have visited the pages of the Site or clicked the content of the newsletters, allowing the Company not only to obtain statistical information, but also to identify the features and contents preferred by each User, in order to send personalized information.
How to disable cookies on the browser
- Microsoft Internet Explorer: Click “Tools” in the top right corner and select “Internet settings”. In the pop-up select “Privacy”: here the User may change the cookies settings.
- Google Chrome: Click the “wrench” in the top right corner and select “Settings”. Then select “Show advanced settings” and change the “Privacy” settings.
- Mozilla Firefox: In the top left menu select “Settings”. In the pop-up window select “Privacy”: here the User may change the cookies settings.
- Safari: In the top right menu select “Preferences”. Then select “Security” and change the cookies settings.
Please be aware that by disabling all the cookies on the Site, certain functionalities of the latter may not be available.
Further information on cookies
The website www.allaboutcookies.org contains the instructions for the management of cookies of the most used browsers; alternatively, it is possible to consult the documentation related to the software used on the device.
6. Communication of data to third parties
Personal data provided by the User and those collected by the Site in the providing of the services (e.g. IP address) will not be disseminated and may be communicated, also abroad in Countries outside the EU exclusively for the purposes and with the modalities above, to the following categories of entities:
- collaborators, consultants, professionals, companies of the Group providing to IMS TECHNOLOGIES technical or organizational services (e.g. IT service providers), or collaborating with IMS TECHNOLOGIES, for the correct providing and execution of its services;
- persons, companies, professionals providing assistance and advice to IMS TECHNOLOGIES, with particular but not exclusive reference to accounting, administrative, legal, tax and financial matters;
- companies of the Group, for the purposes illustrated in previous par. 4, when required by law with the consent from the User;
- subjects and entities legitimated to access the data by law provisions or authorities’ order.
The subjects and entities indicated above will process the data in their quality as autonomous data controllers pursuant to applicable law or as data processors, in this case regularly appointed by the Company. To know the list of Countries outside the EU to which the Personal Data may be communicated, please click here.
In particular, in case of communication of data to subjects established in non-EU countries, IMS TECHNOLOGIES adopts the measures provided for by the GDPR to legitimize the transfer of data to third countries. For further details about the data transfer to non-EU countries please please write to email@example.com.
7. Data retention
Personal data are processed for the time necessary to provide the services requested by the User and for the performance of related and instrumental activities and will be retained according to the limitation periods provided for by applicable provisions or for enforcing Company’s rights, both in judicial proceeding and in the pre-litigation stage.
At the end of this period, data will be stored anonymously for analysis and statistical purposes.
8. Contacts and Users’ rights
The User, as data subject (i.e. the natural person whose data is processed), can exercise the specific rights as for Articles 15 to 21 of the GDPR.
In particular, the User has the right to:
Obtain the confirmation as to whether or not personal data concerning him/her are being processed and, where that is the case, access to the information concerning the personal data processing (e.g. purposes, categories of personal data processed, recipients or categories of recipient, the data retention period, etc.);
Obtain the rectification of inaccurate or incomplete personal data concerning him/her;
Obtain the restriction of processing (e.g. in case of the accuracy of personal data is contested; the processing is unlawful and the User opposes the erasure of the personal data; personal data are required by the User for the establishment, exercise or defence of legal claims, even if the Company no longer needs the same data; the User has objected to processing, pending the verification by the Company on the legitimate grounds).
Receive personal data concerning him/her in a structured, commonly used and machine-readable (e.g. pdf) format and to transmit those data to another data controller or to have personal data transmitted directly from one controller to another where technically feasible (i.e. data portability).
Furthermore, the User has the right to object, in whole or in part and on legitimate grounds, to the processing of personal data concerning him/her.
Lastly, the User has the right to lodge a complaint to the Data Protection Authority in relation to processing of data referred to in this Policy.
For the exercise of the abovementioned rights, the User may contact the Data Protection Officer indicated in previous paragraph 2.
The rights listed above may be exercised by writing to firstname.lastname@example.org.
In case the amendments are particularly meaningful, the Company may communicate them to the User by means of a different channel (e.g. by sending an email).
Extra EU Countries
The agencies based in the following countries below are legitimate to receive the data because the transfer is necesary for the implementation of pre-contractual measures taken at the data subject’s request (art. 49 of the GDPR).
- Bahrain, Kuwait, Oman, Qatar, UAE
- Belarus, Kazakhstan, Russia, Uzbekistan
- Canada, United States (For Goebel also Mexico)
- Saudi Arabia
- South Korea