Privacy Policy

INFORMATION ON THE PROCESSING OF PERSONAL DATA

EX ART. 13– REG. EU 2016/679

Dear User,
We wish to inform you about the methods and purposes of processing the personal data of those who interact with the site. https://www.hevolus.com

in accordance with the provisions of Article 13 of Regulation (EU) 2016/679.
This information does not apply to other websites that may be accessed via links on the owner's domain. The owner is in no way responsible for third-party websites.

HOLDER OF THE TREATMENT
The Data Controller is Hevolus srl, with registered office in Via G. Agnelli, 31 – Zona ASI – 70056 Molfetta (Bari), VAT number: 05612750728, tel.: +39 080 9648300, E-mail: info@hevolus.it; PEC: pec@pec.hevolus.it, in the person of the legal representative pro tempore

PURPOSE OF THE PROCESSING – LEGAL BASIS OF THE PROCESSING – NATURE OF THE PROVISION
We will process your personal data only if we have a legal basis to do so. The legal basis will depend on the reasons for which we collected and need to use your personal data.
For the purposes expressed in this policy, the following common personal data will generally be processed, in compliance with the lawfulness of art. 6 of EU Regulation 2016/679:

  • personal data (e.g. name, surname, address, tax code, company name);

  • contact information (e.g. telephone numbers, email address);

  • navigation data (e.g. IP addresses, domain names of computers used by users connecting to the site).

This data will be processed for the purpose of:

  • Allow navigation on this website and the technical management of connections to it.

The computer systems used to operate the websites acquire, during their normal operation and solely for the duration of the connection, certain personal data whose transmission is implicit in the use of internet communication protocols. This information is not collected to be associated with identified data subjects, but by its very nature could, through processing and association with data held by third parties, allow users to be identified. This category of data includes, for example: IP addresses or the names of the computers used by users who connect to the websites, the URI (Uniform Resource Identifier) ​​addresses of requested resources, the characteristics of the browser used for navigation, the screen resolution on which the browser is running on the device used, and other parameters relating to the user's operating system and IT environment. This data is used solely to obtain anonymous statistical information on the use of the websites and to verify their correct functioning, and is deleted immediately after processing. The data may be used to ascertain liability in the event of hypothetical cybercrimes against the sites. The data requested for the purposes indicated is necessary to enable navigation on the site.
Legal basis for processing:
Processing is necessary for the pursuit of the legitimate interests pursued by the data controller pursuant to art. 6, paragraph 1, letter f) of EU Regulation 2016/679.

  • Follow up on requests for information or contact and other types of requests made by customers/users regarding the services offered by the Data Controller.

Voluntarily sending emails to the email addresses listed on the above-mentioned websites or completing the specific contact form published to respond to requests submitted by users regarding the services offered by the data controller entails the subsequent acquisition of the sender's email address, first name, and last name, as necessary to process the requests, as well as any other personal data entered. This also applies to managing complaints submitted by users and responding to them.
The data requested for the purposes indicated is necessary to process the data subject's requests. Failure to provide this data will only make it impossible to send and/or receive and/or respond to the data subject's requests.
Legal basis for processing:
Processing is necessary for the performance of a contract to which the data subject is party, pursuant to Art. 6, paragraph 1, letter b) of EU Regulation 2016/679, and is in the legitimate interest of the Data Controller pursuant to Art. 6, paragraph 1, letter f) of the same Regulation.

DATA PROCESSING METHODS
The processing will be carried out using IT and electronic means in compliance with applicable laws and the principles of fairness, lawfulness, transparency, relevance, completeness and non-excessiveness, and accuracy. The processing and organizational methods will be strictly related to the purposes pursued and, in any case, will ensure the security, integrity, and confidentiality of the processed data, in compliance with the organizational, physical, and logical measures required by applicable law.

DATA RECIPIENTS OR CATEGORIES OF RECIPIENTS
To achieve the purposes described, or if this is essential or required by law or by authorities with the power to enforce it, the Data Controller reserves the right to communicate the data to recipients belonging to the following categories:

  • entities that provide services for the management of the information system used by the Data Controller and the telecommunications networks, including email and website management;

  • the data may also be disclosed, in relation to the performance of assigned tasks, to the Data Controller's personnel, including workers and consultants, all specifically authorised to process them;

  • Public bodies or public safety authorities in compliance with legal obligations.

 
STORAGE TIMES
The data collected is used exclusively for some of the purposes listed above and retained for the time strictly necessary to carry out our activities. We will not retain the data for longer than is necessary to fulfill the purpose for which it was processed. To determine the appropriate retention period, we consider the quantity, nature, and sensitivity of the personal data, the purposes for which we process it, and whether we can achieve those purposes through other means.
In compliance with the provisions of Article 5, paragraph 1, letter e) of EU Regulation 2016/679, the personal data collected will be retained in a form that permits identification of data subjects for a period of time no longer than is necessary for the purposes for which the personal data are processed. The retention of the personal data provided depends on the purpose of the processing:

  • for contact and information requests, maximum 1 year;

  • tax obligations, up to 10 years.

After this period, the data will be deleted or transformed into anonymous form, unless their further retention is necessary to fulfill subsequent contractual obligations, legal obligations, or to comply with orders issued by Public Authorities.

USE OF SOCIAL NETWORKS
From the website it is possible to connect to the company pages on social networks, through the respective icons (Facebook).
As is well known, social networks independently manage their own privacy for those who browse, post, and communicate through them, being in this case the primary data controllers.
Users are therefore invited to visit the following link for further information:

However, when the user is on social media pages managed by Hevolus srl and communicates, in various ways, their personal data (e.g., through a private message, commenting on a post, or leaving a review), or when the social networks provide some statistics on the use of the pages in a non-anonymous manner (and therefore linked to the activity carried out on the page by the specific person), Hevolus srl becomes the Data Controller.
The data processing is performed exclusively for the ordinary management of the pages and to verify the content posted by users (e.g., if a comment insulting other users is posted). Hevolus srl may decide to remove it from the page if it is unlawful, and to respond to user inquiries (both public and private) regarding the features of the company's services.
In this case, the legal basis for the processing is Hevolus srl's legitimate interest in offering and illustrating its services and features to the user, as well as the need to respond to any possible questions the user may have.
The processing of the user's personal data will take place using the tools made available by the Social Networks themselves.
During this simple contact phase, Hevolus srl will not sell or share your personal data with other parties. You are always free to decide when to unlike, delete a comment, review, etc., simply by returning to the relevant social network page and deleting it directly.
Private messages are retained for up to 6 months after the last contact, after which they are deleted.
The user is always free to provide their personal data. Failure to provide such data may make it impossible to obtain what has been requested or to use the Data Controller's services.

TRANSFER OF DATA ABROAD
Your data will not be transferred to countries outside the EU.

DATA DISSEMINATION
Your data will not be disclosed.

RIGHTS
Articles 15, 16, 17, 18, 20, and 21 of the GDPR grant the data subject specific rights that may be exercised against the Data Controller.
In particular, the user, under the conditions set forth by the GDPR, may exercise the following rights:

  • right of access: the right to obtain confirmation as to whether or not personal data concerning you are being processed, and, where that is the case, access to your personal data, including a copy of it;

  • right to rectification: the right to obtain the rectification of inaccurate personal data concerning you and/or the integration of incomplete personal data;

  • Right to erasure (right to be forgotten): the right to obtain the erasure of personal data concerning you if it is no longer necessary for the purposes pursued by the Data Controller, if you withdraw your consent (and there is no other legal basis for the processing) or object to the processing, if the processing is unlawful, or if there is a legal obligation to erase it. The right to erasure does not apply to the extent that processing is necessary for compliance with a legal obligation or for the performance of a task carried out in the public interest, or for the establishment, exercise, or defense of legal claims.

  • Right to restriction of processing: the right to obtain restriction of processing when: a) the data subject contests the accuracy of the personal data; b) the processing is unlawful and the data subject opposes the erasure of the personal data and requests the restriction of their use instead; c) the personal data are required by the data subject for the establishment, exercise or defense of legal claims;

  • Right to data portability: the right to receive the personal data concerning him or her, which he or she has provided to the Data Controller, in a structured, commonly used and machine-readable format and the right to transmit those data to another controller without hindrance, if the processing is based on consent and is carried out by automated means;

  • Right to object: the right to object, at any time, to processing if personal data is processed for purposes other than those for which the data subject has consented to the processing.

Pursuant to Article 77 of the Regulation, the data subject has the right to lodge a complaint with a supervisory authority, in particular in the Member State in which he or she habitually resides, works or in the place where the alleged infringement occurred, which in Italy corresponds to the Italian Data Protection Authority, whose contact details can be found at www.garanteprivacy.it.
Furthermore, the GDPR grants the data subject the right to withdraw consent at any time and as easily as it was granted.
The exercise of your rights as an interested party is free in accordance with article 12 of the GDPR. However, in the case of manifestly unfounded or excessive requests, also due to their repetitiveness, the Data Controller could charge you a reasonable fee, in light of the administrative costs incurred to manage your request, or deny the satisfaction of your request.
 
You can exercise your rights by using the attached form which must be sent in paper form to the Data Controller's address, or by email or fax to the contact details provided in this policy.
 
This Policy was updated on December 19, 2024. Any updates will always be posted on this page.
 
The Data Controller

Intervention co-financed under the Puglia Regional Operational Programme (ROP) ERDF-ESF 2014-2020

Stay up to date on AI

If you're passionate about artificial intelligence, sign up for our newsletter and receive regular updates on the latest news and trends.

white logo

Asi Area | Via G. Agnelli, 31-31/A
70056 Molfetta (BA) – Italy

Corso Giacomo Matteotti, 10
20121 | Milan MI

Facebook Instagram LinkedIn X-twitter Youtube
Useful links
Certifications
Partners
Lenovo Global Corporate Logo
© 2025 Copyright Hevolus srl | VAT NUMBER/CF 05612750728 | Fully paid share capital €133.883,41