Privacy & Cookies

Privacy Policy
SIFI S.p.A. protects users accessing the company’s website, guaranteeing that the processing of their personal data – whether manually or automatically – is fully compliant with the protection afforded by European regulation (EU) 2016/679 and by Italian Legislative Decree 101/2018, which implements said Regulation into domestic law.
This Privacy Policy sets out the terms on which the personal data of Users of this website shall be processed and is not relevant for the purposes of other websites accessed via links.

Data Controller and Data Protection Officer
The Data Controller is SIFI S.p.A. (hereinafter SIFI), having tax code 00122890874, with registered offices in Aci Sant’Antonio (CT), Via Ercole Patti 36, represented by their pro-tempore legal representative.
The Data Controller may be contacted via certified e-mail at sifispa@pec.sifigroup.com or via e-mail address privacy@sifigroup.com.
The Data Protection Officer (hereinafter DPO) is DGN CONSULTING s.r.l., which may be contacted at dpo@sifigroup.com.

Type of data processed and purposes of processing
Browsing the website www.sifigroup.com is anonymous apart from areas of the website that require the authentication of a user. The IT systems and software procedures used to make this website function acquire certain personal data as part of their normal functioning, which is transmitted implicitly as part of internet communication protocols. Information is not collected in order to be associated with identified interests but via its elaboration and in association with data held by third-parties, could allow for the identification of a user.
This category of data includes IP addresses, the domain names of Users’ PCs, the resources requested, the time of each request, the means used to send the request t the server, the size of the file obtained in reply, the code indicating the status for the reply given by the server (completed, error, etc.) and other parameters relating to the operating system and each User’s IT environment. The data might be used to obtain anonymous statistical information regarding the use of the website and to check it is functioning correctly.   

Data provided voluntarily by Users
Voluntarily, expressly and freely e-mailing the e-mail addresses indicated on this website shall mean the sender’s e-mail address shall be acquired, which is required to respond to requests, as well as other personal data included by the User. The provision of such data is mandatory in certain sections of the website so the User can use services and/or interact with SIFI S.p.A.
In this case the data provided shall only be processed if a User grants their express consent.
In any event, the Data Controller may process – even without your express consent – your Personal Data in order to comply with obligations provided for by law, regulations and/or European law and regulations and in all cases provided for by Articles 6 and 9 of European Regulation 679/2016, as implemented into Italian law via Legislative Decree 196/2003, as amended by Legislative Decree 101/2018, to the extent applicable.

Means of processing
Your personal data may be processed using hard and/or soft copies thereof, using the means strictly required to achieve the purposes set out above.

Transfer and exportation of data
We hereby inform you that in general your data shall not be transmitted to third parties.
However, if it is necessary in order to achieve the purposes described above in respect of data provided voluntarily, your personal data may be communicated to third-parties affiliated with SIFI, including outside the European Economic Area (EEA), where the data protection laws may afford a lower level of protection than those in the EEA.
A detailed and updated list of those third-party recipients is available at the offices of the Data Controller in Lavinaio – Aci S. Antonio (CT) 95020, Via Ercole Patti, 36

Data retention period
Data that is registered as part of anonymous browsing sessions shall not be retained on our server however it shall be managed by the service Google Analytics in an aggregate form. Data may be used for ascertaining liability in the event of a hypothetical cyber crime damaging the website.
Personal data that is processed on a consent-basis that you have expressly granted, shall be retained until the revocation of said consent and in any case, for the period of time strictly required for the purposes for which such data was collected, provided that it is not necessary to retain them for longer to defend or to enforce a right or to comply with further law obligations or orders issued by competent authorities.

Data subject rights
All data subjects located in the European Union, on the relevant terms and conditions, are granted the following rights:

(a) Access to data: a data subject may access their data and ask which data is undergoing processing and to receive details of the use of their data and the personal information and to obtain a copy thereof.
(b) Rectification: a data subject may ask for the rectification, correction and/or the updating of their data provided to this company.
(c) Erasure: a data subject may request the erasure of their data in our possession.
(d) Revocation of consent: a data subject may revoke their consent to personal data processing at any time, without impacting the lawfulness of data processing conducted prior to that revocation.
(e) Restrictions on processing: a data subject may restrict the way data is used in all cases provided for by law.
(f) Portability: a data subject may request that their data is transmitted to another data controller, and to receive a structured and easily consultable copy of it.
(g) Lodge a complaint: a data subject may lodge a complaint in relation to the processing of their personal data with the competent Data Protection Authority.
(h) Opposition action: a data subject may file an opposition at any time for reasons relating to a specific situation, concerning the processing of their personal data, save for cases where the lawful interests of the Controller prevail.

 Automated decision making
SIFI does not use software that generates decisions based solely on automated processing, hence no legal effects are produced that concern you or could have a significant effect on you.
In the event of decisions made based only on automated processing, you shall have the right to be informed thereof and not to be subject to said processing if it produces legal effects that concern you or have a significant effect on you.

PRIVACY STATEMENT RELATING TO COOKIES
Cookies are small text files stored locally in a temporary folder in your browser for variable periods of time depending on what they are required for, usually ranging from a few hours up to a number of years except for profiling cookies, which can be stored for up to a maximum of 365 calendar days.
Cookies make it possible to retain semi-permanent information regarding your browser preferences and other technical data that facilitates browsing sessions, making them easier and also more effective for each website.

TYPES OF COOKIES

There are two types of cookies:
First-party cookies: installed by the website owner or administrator. The responsibility and the management of cookies lies directly with the Data Controller.
Third-party cookies: installed by administrators not from the website directly. The responsibility and the management of cookies lies with the respective owners and administrators, which have to offer adequate means of refusal in their privacy statements.

This website uses the following types of cookies:
Technical, session and analytic cookies
These cookies are required for the correct function of the website and make it possible to manage access the site, register configuration preferences and/or activate the necessary plug-ins for viewing certain types of content. Technical cookies include cookies used for statistical and service analytics, insofar as they are configured to collect aggregate and anonymous data.

Traffic and service analysis cookies
These cookies make it possible to know how visitors are using a website, the content they are accessing and the geographical region where they are based, in order to assess and to improve the functioning of the website. These cookies require user consent and user refusal may be communicated directly to the respective administrators.

Profiling cookies for marketing and advertising purposes
These are cookies used to provide advertising content within a website or an application. These cookies are used for example, to track the positioning of adverts and to assess whether users have already viewed the advertising message, but also to track a user’s browsing session in order to create a profile and present them with targeted advertising based on their personal interest and socio-demographic characteristics.

Widgets and other tools for connecting with websites and external functions
These are cookies, often associated with graphics for websites such as action buttons or a logo (for example the “I like” button on Facebook), that are used to integrate functions of other websites with the webpage where a user is browsing. These cookies are the responsibility of the respective administrators and it is possible to object to their use directly on the privacy information web pages of the respective administrators.

Tracking pixels and web beacons
This is a script and/or images that do not interfere with the aesthetics of a website; they just allow a third party to track traffic flows. For example, advertising messages are used to measure autonomously the progress of an advertising campaign and to directly collect information that would otherwise not be available. These cookies also require user content and refusal is possible by following the instructions provided by the respective administrators in their respective privacy statements.

Usage tools
These are functions scripted in application code that allow website administrators to analyse how users are interacting with content and functions in order to assess how easy the use thereof is, the quality of designs, and to plan upgrades properly. These scripts are configured so they do not capture data typed by users, which could impact their privacy, and require express user consent. The refusal to grant consent, when present in this website’s pages, is managed directly by the Data Controller.

Which cookies does this website use?
Technical and aggregate statistics cookies
This website uses cookies to save User browser sessions and to carry out other activities that are strictly necessary for the proper functioning of the website.

Other cookies and third-party tools that might be used
Some of the services listed below collect data in an aggregated format and do not necessarily require User consent, and might be managed directly by the Data Controller, according to the relevant description, without the use of third parties.
If the tools listed hereunder include services managed by third-parties – in addition to the information provided and unbeknownst to the Data Controller – said third-parties could conduct tracking on users. The services contained in this section allow the Data Controller to monitor and analyse traffic flow data and make it possible to track User browser sessions.
For more detailed information, please consult the privacy policy for each of the services listed.

Google Analytics (Google Inc.)
Google Analytics is web analysis service powered by Google Inc. (“Google”). Google use Personal Data collected for the purpose of tracking and examining the usage of our website, creating reports and sharing them with other services developed by Google.
Google could use Personal Data to contextualise and personalise adverts on its advertising network.
Personal data collected: Cookies and usage data.
Place of processing: USA

Interaction with social networks and external platforms
These services make it possible to interact with social networks and other external platforms directly from our website. The interaction data and the information acquired by this Application are in any event subject to each User’s privacy settings for each social network. In the event an interaction service with social media is present, it is possible that even if Users do not use that service, that it will collect traffic data for the web pages where it is installed.

ShareThis (ShareThis Inc.)
ShareThis is a social media tool for sharing online content. In addition to the service of directly sharing user content, the technology makes it possible to collect information on browser sessions and sharing behaviour. The ShareThis service identifies users personally only if they are registered with the ShareThis service, so have a ShareThis account and once users have granted their express consent.
Personal data collected: Cookies and usage data.
Place of processing: USA

I Like button and social media widgets for Facebook (Facebook, Inc.)
The “I Like” button and social media widgets for Facebook are services that interact with Facebook, powered by Facebook, Inc.
Personal data collected: Cookies and usage data.
Place of processing: USA

Socia media widgets for Twitter (Facebook, Inc.)
Social media widgets for Twitter provide interaction services with Twitter, provided by Twitter, Inc.
Personal data collected: Cookies and usage data.
Place of processing: USA

Visualisation of external platform content
These services make it possible to view content hosted on external platforms directly via our website and to integrate with them. If this kind of service is installed, even if Users do not use the service, it is possible that it collects traffic data relating to the webpage where it is installed.

Google Fonts (Google Inc.)
Google Fonts is a service that provides fonts for web pages powered by Google Inc., which allows this Application to integrate with other content within its pages.
Personal data collected: Cookies and usage data.
Place of processing: USA

Google Maps Widget (Google Inc.)
Google Maps is a maps service powered by Google Inc., which allows this Application to integrate with other content within its pages.
Personal data collected: Cookies and usage data.
Place of processing: USA

How can I control the installation of cookies?
In addition to the information provided with this document, Users can manage their preferences for cookies directly within their browsers, preventing the installation by third parties. By using your browser settings, it is possible to erase cookies that were previously installed, including cookies where consent to cookie installation by this website was granted.   Note that blocking cookies will impact the functioning of the website.
In the event of third-party services, Users may exercise their right to object to tracking by following the instructions set out in the third-party’s privacy statement.
Users may use Your Online Choices or choose on the banner [cookies_revoke] to manage the tracking of preferences by the majority of advertising systems. Moreover, the Data Controller recommends Users to rely on this resource in addition to the information provided in this document.

Data Controller
The Data Controller for processing is SIFI S.p.A. (hereinafter “SIFI”), having tax code 00122890874, with registered offices in Aci Sant’Antonio (CT), Via Ercole Patti 36, represented by their pro-tempore legal representative. The Data Controller may be contacted via certified e-mail at sifispa@pec.sifigroup.com or privacy@sifigroup.com.

The Data Protection Officer (hereinafter “DPO”) is DGN CONSULTING s.r.l., which may be contacted at dpo@sifigroup.com.

Given that the installation of cookies and other tracing systems by third parties via the services used through this Application cannot be technically controlled by the Data Controller, all specific references to cookies and tracing systems installed by third parties is understood to be indicative. In order to receive comprehensive information in said respect, please consult the privacy policy for third-party services listed in this document.
In view of the objective complexity in identifying the underlying technology of cookies and their strong integration in the functioning of the website, Users are invited to contact the Data Controller if they wish to receive clarification relating to the use of cookies used, such as by way of example, third-party cookies used on this website.

Legislative framework
Users are informed: this privacy statement has been drafted in full compliance with the obligations provided for by Article 10 of Directive 95/46/EC, as well as the provisions set out under Directive 2002/58/CE, as amended by Directive 2009/136/CE, relating to cookies.

This privacy statement exclusively concerns this Application.