Privacy contacts

EXTENDED PRIVACY POLICY CONTACTS

(version 1.0 of 1 December 2021)

 

Dear Visitor,

This website (www.cieffeinvestigazioni.it) is the property of Cieffe Investigazioni S.r.l. Unipersonale, with registered office in Via Luigi Pirandello, 10 - 20063 Cernusco sul Naviglio (MI), VAT No. 07857200963, which as the owner of the processing of personal data of users of the Site provides below the privacy policy under Art. 13 of Legislative Decree 196/2003 (hereinafter, the "Privacy Code") and pursuant to art. 13 of EU Regulation 2016/679 of 27 April 2016 (hereinafter, the "Regulation", the Regulation and the Privacy Code are together referred to as the "Applicable Legislation").

This Site and any services offered through the Site are reserved for persons aged 18 years or over. The Owner therefore does not collect personal data on persons under 18 years of age. At the request of Users, the Data Controller will promptly delete all personal data involuntarily collected relating to persons under 18 years of age.

The Data Controller takes into the utmost consideration the right to privacy and protection of personal data of its Users. For any information in relation to this privacy policy, Users may contact the Controller at any time, using the following methods:

-by registered letter with advice of receipt (to the address Cieffe Investigazioni S.r.l. Unipersonale, with registered office in Via Luigi Pirandello, 10 - 20063 Cernusco sul Naviglio (MI));

-by email (to )

The Data Controller has appointed Dr Luisa Bellissimo as the Data Protection Officer (DPO).

 

1. PURPOSE OF PROCESSING

Users' personal data will be lawfully processed by the Controller in accordance with Article 6 of the Regulations for the following purposes:

A) processing the User's request: the personal data of the Users are collected and processed by the Controller for the sole purpose of processing their request. The User's data collected by the Data Controller for this purpose include the User's surname, first name, email address, telephone number and any other personal information that the User may voluntarily publish. No other processing will be carried out by the Data Controller in relation to the personal data of the Users, unless the User gives the Data Controller a specific and optional consent to the processing of his/her data for the further processing purpose provided for in paragraph 2. Without prejudice to what is provided elsewhere in this privacy policy, in no case will the Controller make the personal data of the Users accessible to other Users and/or third parties.

B) administrative-accounting purposes, i.e. to perform activities of an organisational, administrative, financial and accounting nature, such to include internal organisational activities and activities functional to the fulfilment of contractual and pre-contractual obligations;

C) legal obligations, or to comply with obligations imposed by law, authority, regulation or European legislation.

The provision of personal data for the above-mentioned processing purposes is optional but necessary, as failure to provide such data will make it impossible for the User to make a request to the Controller.

The personal data that are necessary for the pursuit of the processing purposes described in this paragraph 1 are indicated with an asterisk in the request form.

 

2. FURTHER PROCESSING PURPOSES: MARKETING

With the User's free and optional consent, some of the User's personal data (i.e. name, email address) may also be processed by the Data Controller for marketing and newsletter purposes (sending of publicity material, direct sales and commercial communication, sending of newsletters containing information in relation to news relevant to the sector relating to the activities of the Data Controller), or so that the Data Controller can contact the User by e-mail, telephone (fixed and/or mobile, with automated call or call communication systems with and/or without the intervention of an operator) to propose to the User the purchase of products and/or services offered by the Data Controller itself and/or by third party companies, to present offers, promotions and commercial opportunities.

If consent is not given, the possibility of pursuing the purposes set out in Article 1 will not be affected in any way.

In the case of consent, the User may revoke it at any time by making a request to the Controller in the manner indicated in paragraph 5 below.

The User may also easily object to further sending of promotional communications and email newsletters by clicking on the appropriate link for the revocation of consent, which is present in each promotional email. Once consent has been withdrawn, the Controller will send the User an email to confirm that consent has been withdrawn. If the User wishes to withdraw his/her consent to the sending of promotional communications by telephone, while continuing to receive promotional communications by email, or vice versa, please send a request to the Controller in the manner indicated in paragraph 5 below.

The Data Controller informs that, following the exercise of the right to object to the sending of promotional communications and newsletters by email, it is possible that, for technical and operational reasons (e.g. formation of contact lists already completed shortly before the receipt by the Data Controller of the request for objection) the User will continue to receive some further promotional messages and newsletters. If you continue to receive promotional messages after 24 hours of exercising your right to object, please report the problem to the Data Controller using the contact details given in paragraph 5 below.

 

3. PROCESSING METHODS AND DATA RETENTION PERIODS

The Data Controller shall process the Users' personal data by means of manual and computerised tools, with logic strictly related to the purposes thereof and, in any case, in such a way as to guarantee the security and confidentiality of the data.

The personal data of the Site's Users will be stored for the time strictly necessary to fulfil the primary purposes illustrated in paragraph 1 above, or in any case according to what is necessary to protect the interests of both the Users and the Data Controller under civil law.

In the case referred to in paragraph 2 above, Users' personal data shall be stored for the time strictly necessary to fulfil the purposes set out therein and, in any event, for no longer than twenty-four (24) months.

 

4. SCOPE OF COMMUNICATION AND DISSEMINATION OF DATA

The personal data of the Users may be disclosed to the employees and/or collaborators of the Data Controller in charge of managing the Site and the Users' requests. These subjects, who are formally appointed by the Owner as "data processors", will process the User's data exclusively for the purposes indicated in this information notice and in compliance with the provisions of the Applicable Regulations.

Users' personal data may also be disclosed to third parties who may process personal data on behalf of the Data Controller in their capacity as "External Data Processors", such as, for example, suppliers of IT and logistics services functional to the operation of the Site, suppliers of outsourcing or cloud computing services, professionals and consultants.

 

5. RIGHTS OF DATA SUBJECTS

Users may exercise the rights guaranteed to them by the Applicable Legislation by contacting the Data Controller in the following ways:

-by registered letter with advice of receipt (to the address Cieffe Investigazioni S.r.l. Unipersonale, with registered office in Via Luigi Pirandello, 10 - 20063 Cernusco sul Naviglio (MI));

-by email (to )

Pursuant to the Applicable Law, the Data Controller informs that the Users have the right to obtain information on:

. the origin of the personal data

. the purposes and methods of the processing;

. the logic applied in the event of processing carried out with the aid of electronic instruments;

. the identity of the data controller and data processors;

. the entities or categories of entity to whom or which the personal data may be communicated or who or which may get to know said data in their capacity as data processors or persons in charge of the processing.

In addition, Users have the right to obtain:

a) access, updating, rectification or, where interested therein, integration of the data;

b) the cancellation, transformation into anonymous form or blocking of data processed in breach of the law, including data whose retention is unnecessary for the purposes for which the data were collected or subsequently processed;

c) certification to the effect that the operations as per letters a) and b) have been notified, as also related to their contents, to the entities to whom or which the data were communicated or disseminated, unless this requirement proves impossible or involves a manifestly disproportionate effort compared with the right that is to be protected.

In addition, Users have:

(a) the right to withdraw consent at any time where the processing is based on their consent

(b) the right to data portability (the right to receive all personal data concerning them in a structured, commonly used and machine-readable format), the right to restriction of processing of personal data and the right to erasure ("right to be forgotten");

(c) the right to object:

. in whole or in part, on legitimate grounds to the processing of personal data concerning them, even if relevant to the purpose of collection;

. In whole or in part, to the processing of personal data concerning them for the purposes of sending advertising materials or direct selling or for carrying out market research or commercial communication;

. where personal data are processed for direct marketing purposes, at any time, to the processing of their data for such purposes, including profiling insofar as it is related to such direct marketing.

d) if they consider that the processing of their personal data is in breach of the Regulation, the right to lodge a complaint with a supervisory authority (in the Member State in which they have their habitual residence, in the Member State in which they work or in the Member State in which the alleged breach has occurred). The Italian Supervisory Authority is the Garante per la protezione dei dati personali, with headquarters at Piazza di Monte Citorio n. 121, 00186 - Rome (https://www.garanteprivacy.it).

The Data Controller is not responsible for updating all the links displayed in this Information Notice, therefore whenever a link is not working and/or updated, Users acknowledge and accept that they must always refer to the document and/or section of the websites referred to by such link.

 

Share