Privacy Policy

Data Controller

FORSEC S.r.l.

Operational office: Via P. Bucci Building 44Z - 1st floor, University of Calabria, 87036 Rende (CS), Italy.

Registered office: Via Gaudio Maiori 1, 84013 Cava de' Tirreni (SA), Italy.

Contact email: info@forsec.it

Scope

This policy applies to personal data collected through the FORSEC S.r.l. website and to communications made via email to company addresses.

Types of data processed

• Browsing data: IP address, device information, browser, operating system, access time, and security logs generated by systems.
• Data provided voluntarily by email: name, surname, role/company, email address, message content and any attachments.
• Essential technical data for the site to function (technical cookies, if any).

We do not request or process special categories of data unless voluntarily provided by the user.

Purposes and legal bases

• Respond to requests sent by email and provide information about services: performance of pre-contractual/contractual measures (Art. 6(1)(b) GDPR) and, where applicable, consent (Art. 6(1)(a) GDPR).
• Ensure the technical operation of the site and system security: legitimate interest of the Controller (Art. 6(1)(f) GDPR).
• Compliance with legal, tax, and administrative obligations: legal obligation (Art. 6(1)(c) GDPR).

Providing data is optional, but necessary to receive a response to requests sent by email.

Processing methods and security

Processing is carried out with suitable IT and organizational measures to ensure confidentiality, integrity, and availability of data. Access is limited to authorized personnel or expressly appointed subjects.

We apply data minimization and privacy by design/by default principles to reduce the data processed.

Data retention

We retain data for the time strictly necessary for the purposes for which it was collected. Email communications are retained for the time needed to handle the request and, where necessary, to comply with legal obligations or defend legal claims.

Recipients, processors, and transfers

Data will not be disclosed. It may be shared with technical service providers (e.g., hosting, maintenance, email) appointed, where necessary, as processors under Art. 28 GDPR, as well as with consultants or competent authorities within legal limits.

Any transfers of data outside the EEA occur only when strictly necessary and in compliance with GDPR safeguards (e.g., adequacy decisions or standard contractual clauses).

Data subject rights

Users may exercise the rights provided by Articles 15-22 GDPR, including:

• access, rectification, and erasure of data;
• restriction of processing and objection;
• data portability, where applicable;
• withdrawal of consent at any time, without affecting the lawfulness of processing before withdrawal;
• lodging a complaint with the Italian Data Protection Authority (Garante per la protezione dei dati personali).

We respond to data subject requests within 30 days, subject to extensions provided by law.

Automated decision-making and profiling

We do not carry out profiling or automated decision-making that produces legal effects for data subjects.

Cookies

This website uses only technical cookies, if any, necessary for correct operation. We do not use profiling or marketing cookies.

GDPR compliance processes

To ensure an appropriate level of protection, we maintain a record of processing activities, conduct impact assessments when required, manage data subject requests, and adopt incident management procedures with notification to the competent authority within 72 hours where legally required.

Privacy contacts

To exercise your rights or request information about data processing, please write to info@forsec.it.

Changes to this policy

We may periodically update this policy. The update date is shown above and changes take effect when published on the website.