Galileo

Privacy Policy

PRIVACY POLICY

REGULATORY REFERENCES

– Directive 2002/58/EC – on the “processing of personal data and the protection of privacy in the electronic communications sector” (“e-Privacy Directive”).

– Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (“GDPR”).

Hereinafter, together with the e-Privacy Directive and the GDPR, the “Applicable Legislation”.

This document has been prepared pursuant to Article 13 GDPR to enable you to learn about the privacy policy, to understand how your personal information is handled when you use www.galileogreenenergy.com (the “Site”).

THE DATA CONTROLLER

Galileo Green Energy GmbH Usteristrasse 12, CH 8001 Zürich

Email address of the Controller: [email protected]

Registered in the Company Register of Zurich

VAT number CH-020.4.069.175-2

 

PERSONAL DATA PROCESSED, PURPOSES AND LEGAL BASIS OF THE PROCESSING

During your browsing within the Site, personal data are processed. Personal data may consist of an identifier such as your name, an identification number, an online identifier or one or more characteristic elements of your identity capable of making you identified or identifiable (hereinafter only “Personal Data”). The Personal Data processed through the Site are the following:

Navigation data

The computer systems and software procedures used to operate this Site acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols.

This category of data includes IP addresses or domain names of the computers and terminals used by users, URI/URL (Uniform Resource Identifier/Locator) addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in reply, the numerical code indicating the status of the reply given by the server (successful, error, etc.) and other parameters relating to the operating system and the user’s computer environment.

These data, necessary for the use of web services, are also processed for the purpose of:

– obtaining statistical information on the use of the services (most visited pages, number of visitors per time slot or day, geographical areas of origin, etc.);

– checking the correct functioning of the services offered.

Browsing data are not stored for more than seven days (except for any need to ascertain crimes by the Judicial Authority). The possible and limited processing of Personal Data collected for the pursuit of such purposes is necessary for the pursuit of the legitimate interest of the Data Controller (Art. 6 par. 1 letter f) of GDPR).

Data provided voluntarily by the user

The optional, explicit and voluntary sending of messages to the addresses of the Data Controller, as well as the forwarding of the forms and the filling in of the contact forms on the Site, involve the acquisition of all Personal Data included in the communications.

The processing of such Personal Data is necessary in order to be able to respond to requests and messages via the data subject’s form, therefore the legal basis is to execute any contract to which the data subject is a party or to carry out pre-contractual measures adopted at the request of the data subject (Art. 6 par.1 letter b) of GDPR).

Specific information will be published on the pages of the Site prepared for the provision of certain services.

Anonymous or aggregated data

Anonymisation is a processing operation whose purpose is to prevent the identification of the data subject. Data rendered anonymous do not fall within the scope of data protection legislation. Aggregated data may derive from Personal Data provided by the user but are not considered Personal Data since, as specified, they do not allow either directly or indirectly the identification of the data subject.

COOKIES

For information on the Cookies used by the Site, please refer to the dedicated Cookie Policy

OPTIONALITY OF DATA CONFERMENT

Apart from what has been specified for navigation data, the user is free to provide his Personal Data. However, failure to provide them may make it impossible to obtain what has been requested.

METHODS OF TREATMENT AND DATA RETENTION

Personal Data are processed, also with the aid of automated tools. Specific security measures are observed to prevent the loss of data, unlawful or incorrect use and unauthorized access. The Data Controller has adopted all the minimum-security measures required by law and, taking inspiration from the main international standards, has also adopted additional security measures to minimise the risks relating to the confidentiality, availability and integrity of the personal data collected and processed.

Data processing connected to web services is carried out only by personnel expressly authorized by the Data Controller.

The Personal Data collected will be kept exclusively for the time necessary to fulfil the individual purposes indicated in this privacy policy or in the specific summary information displayed on the pages of the site and prepared for particular services.

DATA SHARING, COMMUNICATION AND DISSEMINATION

The Personal Data collected may be transferred or communicated:

  1. a) to companies in the Data Controller’s group in order to be able to respond to and follow up information and requests from data subjects;
  2. b) to personnel expressly authorised by the Data Controller to process the Personal Data necessary to carry out activities strictly related to the service requested, who have committed themselves to confidentiality or have an adequate legal obligation of confidentiality;
  3. c) to any third party suppliers and other companies that perform support activities for the provision, management of the computer system and operation of the Site, which have been designated as Data Processors pursuant to Article 28 of the GDPR and receive adequate operating instructions in this regard;
  4. d) to comply with requests by the Judicial or Public Security Authorities.

TRANSFER OF PERSONAL DATA TO THIRD COUNTRIES

Some of the user’s Personal Data may be transferred to Recipients who are  established outside the European Economic Area. Should this be the case, the Data Controller declares and guarantees to comply with the provisions of Articles 44 et seq. of the GDPR.

FURTHER INFORMATION ON DATA PROCESSING AND EXERCISE OF RIGHTS

For further information on the processing of Personal Data as well as to obtain, in the cases provided for by GDPR, access to their personal data and the rectification or cancellation of the same or the limitation of the processing that concerns them or to oppose the processing (Articles 15 et seq. of GDPR), any data subject may contact the Data Controller by sending an e-mail to [email protected].energy

RIGHT OF COMPLAINT

Data subjects who believe that the processing of their Personal Data carried out through this Site is in violation of the provisions of the GDPR have the right to lodge a complaint with the Data Protection Authority, as provided for in art. 77 of the GDPR itself, or to take appropriate legal action (art. 79 of the GDPR).

CHANGES TO THESE PRIVACY POLICIES

The Data Controller periodically checks its privacy and security policy and, if necessary, reserves the right to modify or update its content, also due to changes in Applicable Legislation, organizational changes or changes dictated by technological evolution. In case of policy changes, the new version will be published on this page of the Site. Therefore, the Data Controller invites the data subjects to view this page regularly in order to familiarize with the most recent and up-to-date version of the privacy policy, this way the data subjects will always be adequately informed about the data gathered and how they are used.