INFORMATION NOTICE FOR DATA PROCESSING THROUGH VIDEO SURVEILLANCE

Pursuant to Article 13 of EU Regulation 2016/679

F.C.R. – Filtrazione Condizionamento Riscaldamento S.p.A hereby wishes to provide all those who access the organization’s premises with the necessary information regarding the methods and purposes by which their personal data will be processed. This notice complements what has already been communicated through specific visible signs in the video-surveilled areas, in accordance with current legislation.
  1. DATA CONTROLLER AND CONTACT DETAILS
    The Data Controller for Personal Data is F.C.R. – Filtrazione Condizionamento Riscaldamento S.p.A.
    Registered Office: Corso Vittorio Emanuele II, 15 – Milano (MI)
    Administrative Office: Via E. Fermi 3 – Cinisello Balsamo (MI)
    Company Contacts: e-mail fcr@fcr.it – phone 02.617981; Privacy e-mail: privacy@fcr.it

  2. DATA PROCESSED AND PURPOSES
    The installed video surveillance system acquires the following categories of personal data:
    • Images and video footage of identified or identifiable natural persons
    • Metadata related to the recordings (e.g., date, time, camera position, sound events, etc.)

      The images and data acquired through video surveillance are processed only for specific legitimate purposes, such as the protection of company assets (organizational property) and consequently for the prevention of thefts, vandalism, or unauthorized access, for possible support in case of internal investigations and critical event management, and for the protection of people’s safety in case of unlawful events during working hours

  3. LEGAL BASIS
    The legal basis for the processing is the legitimate interest of the Data Controller in protecting its assets and ensuring company security, pursuant to art. 6, par. 1, letter f) of Regulation (EU) 2016/679

  4. PROCESSING METHODS AND DATA RETENTION
    Processing is carried out using systems consisting of fixed-orientation cameras, monitors for real-time viewing, and recording devices equipped with adequate security measures. Access to the images is allowed exclusively to subjects formally authorized and designated by the Controller. Recordings are kept for a maximum period of 72 hours, after which they are automatically overwritten. The possibility of further retention remains, should this be necessary to comply with requests from the Judicial Authority or to protect the rights of the Controller or third parties in court. The processing is carried out in compliance with the provisions of the Italian Data Protection Authority’s General Provision on video surveillance of April 9, 2010, where compatible with the GDPR

  5. GENERAL INFORMATION ON THE VIDEO SURVEILLANCE SYSTEM

    LocationExternal CamerasInternal CamerasMonitor
    Warehouse: Via Tonale 1/3 – Vittuone (MI)YesYesYes
    Depot: Via Vittorio Carlo Gnoli 2 – Arluno (MI)YesYesYes
    The video surveillance system is active in the external and internal areas of the company premises according to principles of proportionality and in compliance with the declared purposes. Recordings are made continuously in external spaces, while inside the premises, detection only takes place outside working hours

  6. DISSEMINATION AND CATEGORIES OF DATA RECIPIENTS
    The data collected through the video surveillance system will not be disseminated. The data may be communicated to third parties, contractually linked to the controller and exclusively for the achievement of the expressed purposes or in order to comply with contractual or legal obligations, belonging to the following categories:
    • Persons in charge/authorized to process the data:
      • Internal personnel in charge of customer acceptance and access surveillance
    • Data Processors:
      • Any professionals who support the organization with consultancy or legal activities
      • External subjects in charge of the management/maintenance of the video surveillance system
      • Security companies
    • Data Controller:
      • Images may be provided to Police forces and/or the Judicial Authority, in case of their request or unlawful act

  7. TRANFER OF PERSONAL DATA TO THIRD COUNTRIES
    The management and storage of personal data take place on a server located in Italy. The data will not be transferred outside the European Union

  8. RIGHTS OF DATA SUBJECT
    If the conditions provided for by the GDPR are met, you may exercise the rights provided for in Articles 15 et seq. of the GDPR against the Data Controller, where applicable, and, specifically, the right to access personal data, to rectification, to erasure (“right to be forgotten”), to restriction of processing, to data portability, and to object at any time to the processing of personal data concerning you. To exercise the aforementioned rights, you may send a specific request to the addresses indicated in section two of this notice. Furthermore, pursuant to art. 77 of the GDPR, if you believe that the processing of your personal data is not compliant with EU Reg. 2016/679, you are granted the right to lodge a complaint with the Garante per la Protezione dei Dati Personali (Italian Data Protection Authority) as the supervisory authority by following the procedures and indications available on the website www.garanteprivacy.it

  9. NOTICE UPDATE
    This notice is updated as of 26/06/2025; it is also made available to the data subject in hard copy at the company’s Administrative Office