Complete policy for website users - cookies

Valmet Tissue Converting S.p.A. with head office in 55100 Lucca (LU), Via Giovanni Diodati 50, hereinafter the Data Controller, protects the confidentiality of your personal data and ensures that it is properly protected from any event that may compromise its confidentiality.
The Data Controller implements policies and practices that concern the collection, the use of personal data and the exercise of your rights under applicable regulations. The Data Controller is responsible to updating the policies and practices used to protect personal data whenever necessary and in any case in the event of regulatory and organizational changes that may affect the processing of your personal data.

The Data Controller has appointed a Data Protection Officer (DPO) you can contact in case of questions about policies and practices. Below the contact detail of the data protection officer: dpo.ti.luc@valmet.com

Your personal information will be processed for:

1) Browsing the koerber-tissue.com website

The treatment of your personal data, such as navigation data, e.g. the IP address and cookies issued by browsing the koerber-tissue.com site, is processed by the Data Controller to allow the management of the site and to collect information of an aggregate nature.

Your personal data will in no way be disseminated or disclosed to indeterminate entities.

2) Communication to third parties and recipients

The communication of your personal data takes place mainly to third parties and / or recipients whose activity is necessary for the performance of the activities related to the aforementioned purposes, and also to respond to certain legal obligations. Any communication that does not respond to these purposes will be subject to your consent.
In particular, your data will be disclosed to third parties / recipients for:

1. executing the service (e.g. IT service provider); 
2. communications to the financial administration, and to public supervisory and regulating bodies in respect of which the Owner must fulfill specific obligations deriving from the specific nature of the activity carried out;

The personal data that the Data Controller processes for this purpose is:

• browsing data (IP address).

3) Cyber Security Reasons 

The Data Controller processes, also through its suppliers (third parties and / or recipients), your personal data (e.g. IP address) or traffic data collected, or obtained, in the case of services displayed on the website to a strictly necessary and proportionate extent to guarantee the security and ability of a network or servers connected to it to withstand, at a given level of security, unforeseen events or illegal or malicious acts that compromise the availability, authenticity, integrity and confidentiality of personal data stored or transmitted.

For these purposes, the Data Controller provides procedures for managing the breach of personal data. 
 

A “cookie” is a small text file that a website stores on your computer or mobile device when you visit the site, in order to collect and transfer information. Cookies are sent from a web server (usually the user's computer) to the user's terminal equipment (browsers such as Internet explorer, Mozilla Firefox, Google Chrome, etc.); they are stored in the user's terminal equipment to be then re-transmitted to the websites on the user's subsequent visits to those websites. 

Some operations could not be carried out without cookies, which in some cases have merely technical nature and are strictly necessary. In other cases, the web server sets cookies to allow users to better navigate and use a website or services specifically requested.

Cookies are present as a rule in the user's browser and at times they remain stored for long. They may contain an IT authentication to the monitoring of user’s browsing sessions, with statistics or advertising purposes, aimed to create a customize user’s profile in line with the preferences shown by the user during navigation. They are used to show and/or send targeted ads messages (so called Behavioral Advertising).

The Data Controller reports below the specific categories of cookies used, the purpose and the consequence of their de-selection:

We use third party cookies on our site, namely cookies that are set by websites that belong to a domain that is distinct from the domain of the website visited by the user.

In particular, users are informed that the website uses the following services that release cookies: 

• The web analytics service "Google Analytics" provided by Google, Inc. is a web analysis service that uses "cookies" stored on the user's computer to allow the visited website to analyze how users use it. The information generated by the cookie about the use of the website visited by the user (including the IP address) will be transmitted to Google and stored on Google's servers in the United States. Google will use this information for the purpose of tracking and reviewing the use of the website by the user, compiling reports on website activity for website operators and providing other services relating to website activity and Internet usage. To consult Google’s privacy policy relating to the Google Analytics service, and to express their consent to the use of the aforementioned cookies, please refer to the website http://www.google.com/intl/en/analytics/privacyoverview.html. 
• "Youtube" cookies allow to monitor the geographical location of the mobile device, estimate the speed of the user's connection on pages with integrated YouTube videos, perform statistics related to which YouTube videos are viewed by the user and memorize the user’s video player preferences using the integrated YouTube video. The information generated by the cookie on the use of the website visited by the user (including the IP address) will be transmitted to Youtube. To consult the privacy policy of the YouTube company concerning the service, and to express their consent to the use of the aforementioned cookies, please refer to the website https://support.google.com/youtube/answer/2801895?hl=en. 
• “DoubleClick” cookies are used to make advertisements more engaging for users and more useful for publishers and advertisers. Some common uses of cookies include the selection of advertising based on what is relevant to a user according to the information taken from their visits on this and other sites and the possibility of avoiding the display of ads that the user has already seen. For more information and consent management form available at the following link https://policies.google.com/technologies/ads?hl=en
• Through the “LinkedIn, LinkedIn Analytics and LinkedIn Marketing Solutions” cookies, LinkedIn Ireland Unlimited Company collects and stores usage data in pseudonym profiles to allow statistical analysis of the use of the website, evaluate the success of advertisements and provide related advertising to the interests on our website, on LinkedIn and on the websites of the connected partners. If you are a LinkedIn user, LinkedIn can also combine data with your account. For more information on data protection, visit https://www.linkedin.com/legal/privacy-policy 

On the koerber-tissue.com site there are specific "buttons" (called "social buttons / widgets") that depict the icons of social networks (eg Facebook, Linkedin, etc.) and other web services (eg Youtube, etc.). They allow users who are browsing the Owner's web page to access the relevant social networks with a "click".

In this case, the social network and web services acquire data relating to the user, while the Data Controller will not share any navigation information or user data acquired through its site with social networks and web services accessible thanks to the social buttons/widgets. These services release "third party cookies". Below are the links to the privacy policies of the most used social networks and the websites to which the buttons refer:

• for Facebook: https://www.facebook.com/help/cookies
• for Linkedin: https://www.linkedin.com/legal/cookie_policy 
• for  Youtube: https://policies.google.com/technologies/cookies 
• for Instagram: https://help.instagram.com/1896641480634370

By passing the initial banner containing the privacy policy, the User has given their express consent to the use of the site's cookies, as detailed above.

This section allows the User to change the site's cookie settings. After changing the settings, you need to click on the SAVE button.

• Technical Cookies
  Necessary for the use of the website, blocking them does not allow it to function. Your consent is not required for their installation.
• Analytics Cookies
  They allow the collecting of information in aggregate form on navigation by users to optimize the browsing experience and the services themselves. Blocking them would not allow the Owner to optimize the user's browsing experience, but the website would still be navigable.

Once enabled, the deselection of individual cookies can also be done freely through your browser (by selecting the settings menu, clicking on the Internet options, opening the privacy tab and choosing the desired cookie blocking level). For more information, see the following links: Google Chrome, Mozilla Firefox, Apple Safari and Microsoft Windows Explorer. 

In addition, you can activate the "Do Not Track" option present in most of the latest generation browsers.
Disabling "third party" cookies does not affect the navigability of this site in any way.

We invite you to read the consequences deriving from the opting-out of individual cookies, as shown in the table above.

How we process your data

The processing of personal data is performed through IT procedures by specifically authorized and trained internal individuals. They are allowed access to your personal data to the extent and to the extent that it is necessary for the performance of the processing activities that concern you.

The Data Controller periodically checks the tools by which your data is processed and the security measures foreseen for them, which are constantly updated; verifies, also through the entities authorized to process, that personal data which does not need to be processed is not collected, processed, archived or stored; verifies that the data is kept with the guarantee of integrity and authenticity and of their use for the purposes of the treatments actually carried out.

Your personal information will be processed:

The data is stored in computerized and telematic archives located within the European economic area.

How long we process your data for 

• Cookies:
  We invite you to read the retention terms of personal data as indicated in the previous table.
• Website Navigation:
  Personal data is kept for the time necessary to allow navigation of the site and in any case no later than 12 months, except in cases where events occur that involve the intervention of the competent Authorities, also in collaboration with third parties / recipients to whom IT security activities of the Data Controller are delegated, to carry out any investigations on the causes that led to the event, as well as to protect the interests of the Controller relating to any liability related to the use of the site and related services.

In essence, you can, at any time and free of charge and without any special charges or formalities in lodging your request:

• obtain confirmation of whether your data is being processed by the Data Controller;
• access your personal data and obtain information as to their source (if you have not provided the data directly), the aims and purposes of the processing, the data of the recipients to whom the data has been disclosed, the period for which your data will be retained or the criteria used to determine that period;
• update or correct your personal data so that it is always correct and accurate;
• delete your personal data from the databases and/or archives, including backup archives, in the event that, among others, they are no longer necessary for the purposes of the processing or if the processing is assumed to be unlawful, and provided that the conditions laid down by law are met; and in any case if the processing is not justified by another equally legitimate reason;
• limit the processing of your personal data in certain circumstances, for example if you have challenged its accuracy, for the period necessary for the Data Controller to verify its accuracy. You must also be informed, within a reasonable period of time, of when the suspension period has ended or the cause of the restriction of processing has ceased, and therefore the restriction of processing has been lifted;
• obtain your personal data, if the processing thereof is carried out on the basis of a contract and by automated means, in electronic format also in order to transmit your data to another data controller.

The Data Controller must do so without delay, and in any case no later than one month from the date of receipt of your request. This time limit may be extended by two months, if necessary, taking into account the complexity and the number of requests received. In such cases, the Data Controller shall, within one month of receipt of your request, notify you and inform you of the reasons for the extension. To exercise your rights, write to privacy.ti.luc@valmet.com.

For reasons relating to your particular situation, you may at any time object to the processing of your personal data if it is based on your legitimate interest, by sending your request to the Data Controller at privacy.ti.luc@valmet.com

You have the right to have your personal data deleted if there is no overriding legitimate reason for doing so other than the one that your request is based on. 

Without prejudice to any other action taken in an administrative or judicial context, you may lodge a complaint with the Italian Data Protection Authority, unless you are a resident of, or you work in another Member State. In the latter case, or if the breach of personal data protection legislation takes place in another EU country, the regulators of that country shall have jurisdiction to receive and hear the complaint.