PRIVACY POLICY

PRIVACY POLICY notice

Information in accordance with Article 13 European regulation  N.679/2016 (GDPR)

Introduction
This page is used to inform website visitors regarding our policy with the processing of personal data collected from users.

The information is in line with Article 13 of the European regulation  N.679/2016 (GDPR) and is addressed to those who interact with Uni-Soleil web services accessible at the following web address http://www.uni-soleil.com.tw,  home page of the site.

This information page is only related to Uni-Soleil WEBSITE, not to other sites that the users might access via link.Moreover, the information is in line with Recommendation N. 2/2001, adopted by the Data Protection Authorities of the  European Union, on 17 May 2001, in a meeting of the group established under Article N.29 of Directive N. 95/46/CE, and regarding a specification of the minimum requirements on data collection. In detail, the Recommendation describes how, when and what kind of information the Data Controller should give to the users whenever they interact with the web page, whatever the purpose of the  link  to the website.

Uni-Soleil guarantees the confidentiality of personal data and ensures protection from any risk of  personal data breach.
We give users (Subject) all the information requested by EC legislation on the processing of personal data, in accordance with Regulation 679/2016 of the European Union (GDPR), referring in detail to Article 13.

The websites under the domain www.uni-soleil.com.tw want to preserve privacy and ensure data protection as a primary objective (www.uni-soleil.com.tw from now on). You can access most of the site without giving personal information.  We may require you to provide us with certain personal information only  for providing our service, when requested. 

Data Controller and Data Processor
The Company Uni-Soleil No.392, Siaosinying, Shanhua Dist, Tainan City 74170, Taiwan, tel +886 6 5106611 e-mail sales@uni-soleil.com.tw is responsible for processing the data.

Updating
The website might add services to those presently operating. In case it would make partial changes to the Privacy Policy, this Information will be updated, as well as in case of  legislative changes on data protection. The users will be informed in due course.

Nature and purposes of data transmission (based on Article 13, paragraph 1 of the GDPR)
Navigation data are essential to carry out computer and data protocols.
Personal data transmission is left to the Subject’s personal choice.
Personal data collected from the data subject will be used for his/her registration, for managing the services requested, giving customer support and to fulfil requirements that the  regulation impose to the Controller, in relation to his/her business.

Uni-Soleil will not disclose to or share the Subject’s data with any third party, and will not use them for any undeclared purposes.

Unavailability of the data (Article 13, paragraph 2, GDPR)
Collecting and processing personal data is necessary for providing services and goods.
When the Subject makes his/her data unavailable, the  Controller is unable to manage services and goods provision, and any requirements related to them.

Processing method (Article 32 of GDPR)
All data collected by the above mentioned website will be processed using computerised and telematic procedures. Technical data will be stored by the server of the  company , that ensures an appropriate level of security.
The Controller will use adequate security measures to ensure the ongoing confidentiality, integrity, availability of the Subject’s personal data and orders third-party suppliers and processors to do the same.
Personal data of the Subject will be locked in paper, computerised and telematic files, in countries where the GDPR is applied (EU nations).

Duration of  the retention  of personal data (Article 13, paragraph 2, letter “a” of the GDPR)
Unless we receive a request from the Subject to destroy or erase his/her personal information, all personal information will be kept as long as necessary for the legitimate purpose for which it was collected.

Types of information we collect and use (Article 13, paragraph 1, letter “a” and Article 15, paragraph 1, letter “b”  of the GDPR)
we underline that, accordingly to the above mentioned law, sensible data are all the data revealing racial or ethnic origins, political opinions or religious or philosophical beliefs, trade union membership, health or sexual life .

Information sharing and disclosure
We may share information with relevant Third Parties for the purpose of better managing and improving our business relationship. Furthermore, we may share information as required or allowed by law or to comply with any applicable law or valid legal process.
Those are:
categories
credit institutions, electronic money institutions, post office giro institutions and payment institutions.
Professionals/external consultants and  Consultancy Companies.
 
Purposes:
managing the website
managing cash-receiving, payment and refund related to our business
fulfilment of law requirements, exercise and protection of rights, claims.

Subject’s rights (art 15-20 GDPR)
The data Subject shall have the right to obtain from the Controller confirmation as to whether or not personal data concerning him or her are being processed, and, where that is the case, access to the personal data and the following information:

  1. the purposes of the processing;
  2. the categories of personal data concerned;
  3. the recipients or categories of recipient to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organizations;
  4. where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period;
  5. the existence of the right to request from the controller rectification or erasure of personal data or restriction of processing of personal data concerning the data subject or to object to such processing;
  6. the right to lodge a complaint with a supervisory authority;
  7. where the personal data are not collected from the data subject, any available information as to their source;
  8. the existence of automated decision-making, including profiling and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject.

 

  1. the appropriate safeguards, where personal data are transferred to a third country (extra EU) or international organization.

——-

  1. The provision of a copy of the personal data undergoing processing, unless it goes against rights and freedom of others.
  2. the right to obtain from the controller without undue delay the rectification of inaccurate personal data concerning him or her.
  3. the right to obtain from the controller the erasure of personal data concerning him or her without undue delay when one of the grounds in Article 17 of GDPR applies, for example: when the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;when the personal data have been unlawfully processed; when the processing is not necessary for compliance with another equally legitimate reason.
  4. The data subject shall have the right to obtain from the controller restriction of processing where one of the grounds in Article 18 of the GDPR applies, for example when the accuracy of the personal data is contested by the data subject, for a period enabling the controller to verify the accuracy of the personal data. A data subject who has obtained restriction of processing pursuant to paragraph 1 shall be informed by the controller before the restriction of processing is lifted.
  5. The data subject shall have the right to obtain from the controller communication of any rectification or erasure of personal data or restriction of processing carried out by each recipient to whom the personal data have been disclosed, unless this proves impossible or involves disproportionate effort.
  6. The data subject shall have the right to receive the personal data concerning him or her, which he or she has provided to a controller, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided, as described in Article 20 of GDPR.

Questions and requests should be sent to the Controller at the e-mail address sales@uni-soleil.com.tw
The Controller may ask more information to the Subject in order to avoid that unauthorized third parties exercise the above mentioned rights.
 
Right to object  (Article 21 GDPR)
The data subject shall have the right to object, on grounds relating to his or her particular situation, at any time to processing of personal data concerning him or her, when personal data are processed for direct marketing purposes. The request should be sent to the Controller, at the e-mail address: sales@uni-soleil.com.tw

Where the subject objects to processing his or her data, the personal data shall no longer be processed unless the processing is necessary for a legitimate reason of the Controller, overriding that of the Subject. In any case, Where the data subject objects to processing for direct marketing purposes.

Claims (Article 15 GDPR)
The subject shall have the right to lodge a complaint with a supervisory authority in Italy (Data Protection Supervisor), or to the equivalent authority of the member State where the infraction to GDPR took place.

We may make changes to this Privacy Notice for updating it. We will notify you of any material changes. in case of a processing of the data for purposes in addition to what has been said, we will notify and ask you permission to proceed.

Technical data
www.uni-soleil.com.tw may automatically collect personal information for business-related purposes, which may include managing the services we provide, complying with legal requirements and dealing with any cyber crime would occur,  as well as for statistical purposes.
When you visit our websites, we automatically receive information from your device, such as IP address and other online identifiers (i.e. online data collected from user’s devices and protocols leaving traces which may be used to identify users) your web request, the date of request and files dimension. This information will be stored anonymously, and we will use it to optimise your experience and help us to improve our website and the ways we communicate with you, in line with technical progress.

 

————————————————————————

last edit: 29 Maggio 2018