Dear User, with the definitive entry into force of the new General Data Protection Regulation (GDPR) 2016/679, from 25 May 2018 in Europe – for the protection of individuals – rIt is important that you are aware of the rights that are recognized to you in relation to your data when you decide to access our online services.
Here’s how and why we use your data and how you can control its use. The new information that we report below is divided into:
- Data Controller: Who processes your data
- Legal basis: Because you have provided us with your data
- Category of data processed: What data we process
- Purpose of the processing: What we process your data for
- Processing methods: How we process your data
- Duration of processing: How long we keep your data
- What are cookies
- Summary table of the cookies used
- Security of your data: How we protect your data
- Exercise of the rights of the interested party: What are his rights
We invite you to read it
INFORMATION PURSUANT TO ART. 13-22 OF REG. EU 2016/679
Pursuant to Article 13 of Regulation (EU) 2016/679 we inform you that the personal data acquired will be processed, also automatically, for:
- access our online services;
- sending requested information;
Holder of the treatment
Company name: Celmacch Group Srl
Headquarters address: Via Serio 9 – 25015 Desenzano del Garda (BS)
Telephone contact details:+39030 9990470
Contact details email: firstname.lastname@example.org
Recipients and Authorized Subjects for processing
In addition to the employees and collaborators of Celmacch Group Srlthe processing of personal data may also be carried out by third parties, to whom the company entrusts certain activities (or part of them) connected or instrumental to the processing or provision of the requested services. In this case, the same subjects will operate as independent owners or will be appointed as Managers who carry out technical and organizational tasks of the site on behalf of the Data Controller.
Legal basis and possible consequences of failure to provide data
The personal data collected through the Site are processed on the basis of your consent pursuant to EU Reg. 2016/679, art, 6, paragraph 1, letter a). Any refusal will make it impossible to contact you and / or provide you with information.
Categories of data processed
- a) DATA COMMUNICATED BY THE USER
The data collected is personal and is provided by the interested party spontaneously by filling in the specific contact forms or by sending emails.
Purpose of the processing
The treatment has the purpose of access our online services, to be able to contact you again, following your request for information, by completing the relative online form “Contact us”. Specific information is published on the pages of the Site for the provision of these services.
Personal data will be processed in paper, computerized and telematic form and inserted in the relevant databases (customers, suppliers, etc.) to which the employees expressly designated by the Data Controller as managers and persons in charge of the processing of personal data will be able to access, and therefore learn about them who will be able to carry out consultation, use, processing, comparison and any other appropriate operation, including automated, in compliance with the provisions of the law necessary to guarantee, among other things, the confidentiality and security of the data as well as the accuracy, updating and the relevance of the data to the stated purposes.
Retention period of personal data
- For data provided through the Contact Form “Contact us”: max 5 years
Localization of data, communication of data and transfer of the same to non-EU third countries
The personal data collected are stored on the servers of Celmacch Group Srl located in ITALY.
The communication of data to third parties will take place only if this is necessary in order to comply with the request received
Celmacch Group Srl does not carry out transfers of personal data to non-EU territory.
How we protect your data
We design our systems and devices with due regard to your security and privacy. Personal data are processed with automated tools in compliance with the principle of necessity and proportionality, avoiding the processing of personal data if the operations can be carried out through the use of anonymous data.
In compliance with the GDPR, we adopt physical, electronic and organizational security measures in relation to the collection, storage and communication of our customers’ personal data, also in order to prevent the loss of personal data, illicit use and unauthorized access. . We remind you that it is good practice for the security of your data to carry out the appropriate checks on your device, so that it is equipped with periodically updated antivirus tools and that the Internet Service Provider that provides you with the Internet connection guarantees the secure transmission of data through firewalls. , anti-spam filters and / or other similar guarantees.
Rights of the interested party
The interested party, in relation to the personal data covered by this information, has the right to exercise the rights provided for by the EU Regulation listed below:
- Right of access of the interested party [art. 15 of the EU Regulation] (the possibility of being informed about the processing carried out on their Personal Data and possibly receiving a copy);
- Right to rectify their Personal Data [art. 16 of the EU Regulation] (the interested party has the right to rectify inaccurate personal data concerning him);
- Right to cancel their Personal Data without undue delay (“right to be forgotten”) [art. 17 of the EU Regulation] (the interested party has, and will have, the right to cancel their data);
Right to limit the processing of personal data in the cases provided for by art. 18 of the EU Regulation, including in the case of unlawful processing or dispute of the accuracy of the Personal Data by the interested party [art. 18 of the EU Regulation];
- Right to data portability [art. 20 of the EU Regulation], the interested party may request their Personal Data in a structured format in order to transmit them to another owner, in the cases provided for by the same article;
- Right to object to the processing of their Personal Data [art. 21 of the EU Regulation] (the interested party has, and will have, the right to object to the processing of their personal data);
- Right not to be subjected to automated decision-making processes, [art. 22 of the EU Regulation] (the interested party has, and will have, the right not to be subjected to a decision based solely on automated processing).
Further information about the rights of the interested party can be obtained on the website www.garanteprivacy.it or by asking the Data Controller for an integral extract of the aforementioned articles.
The aforementioned rights can be exercised free of charge as established by the Regulations by sending an email to: email@example.com
The data controller, in compliance with art. 19 of the EU Regulation, proceeds to inform the recipients to whom the personal data have been communicated, of any corrections, cancellations or limitations of processing requested, where this is possible.
With reference to the aforementioned purposes, the interested party has the right to proceed, at any time, to revoke the consent for the processing of identification and personal data by sending an email to:firstname.lastname@example.org
Pursuant to art. 7 of the EU Regulation, the withdrawal of consent does not affect the lawfulness of the processing based on the consent carried out prior to the withdrawal.
Right to lodge a complaint
If the interested party considers that his rights have been compromised, he has the right to lodge a complaint with the Guarantor Authority for the protection of personal data, in the manner indicated by the same Authority at the following internet address:https://www.garanteprivacy.it/home/modulistica-e-servizi-online/reclamo.
Changes and updatesthe
This information is valid from 15/10/2020 until next update