We would like to inform you that the “European Regulation 2016/679 on the Protection of Individuals with regard to the Processing of Personal Data and on the free movement of such data” (hereinafter “GDPR”) provides for the protection of individuals with regard to the processing of personal data as a fundamental right. Therefore, pursuant to Article 13 of the GDPR, we inform you that:
1. CATEGORIES OF DATA: CeDisMa will process your personal data such as:
Automatically collected data. The computer systems and applications dedicated to the operation of this website detect, in the course of their normal operation, certain data (the transmission of which is implicit in the use of Internet communication protocols) potentially associated with identifiable users. The data collected include the IP addresses and domain names of the computers used by the users who connect to the site, the addresses in URI (Uniform Resource Identifier) notation of the resources requested, the time of the request, the method used in submitting the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters regarding the operating system, browser and computer environment used by the user. These data are processed, for the time strictly necessary, for the sole purpose of obtaining statistical information on the use of the site and to check its regular operation. The provision of such data is mandatory as it is directly related to the web browsing experience.
Data provided voluntarily by the user. The voluntary and explicit sending of electronic mail to the addresses indicated in the different access channels of this site does not imply a request for consent, and any completion of specifically prepared forms entails the subsequent acquisition of the address and data of the sender/user, necessary to respond to the instances produced and/or provide the requested service. The voluntary sending, on your part, of e-mails to our e-mail addresses do not require further information or requests for consent. On the contrary, specific summary disclosures will be shown or displayed on the pages of the site set up for particular services on request (forms). Therefore, the user must explicitly consent to the use of the data in these forms in order to send the request.
2. SOURCE OF PERSONAL DATA: The personal data CeDisMa holds is collected directly from the data subject.
3. DATA CONTROLLER: The data controller CeDisMa, Largo Gemelli 1 – 20123 – Milan can be contacted by phone at 02 7234 3238 or at the email address email@example.com.
4. PURPOSE OF DATA PROCESSING AND LEGAL BASIS: The processing of your data has as its legal basis your consent and is carried out for the following purpose:
To perform statistical analysis on an anonymous basis
To send commercial and informative communications of various kinds to the email address provided
5. RECIPIENTS OF THE DATA: To the extent relevant to the processing purposes indicated, your data may be disclosed to partners, consulting companies, private companies, appointed as Data Processors by the Data Controller or for legal obligations or to fulfill your specific requests. Your data will not be disseminated in any way. The Data Processors and Persons in Charge are punctually identified in the Privacy Document, which is updated periodically.
6. TRANSFER OF DATA ABROAD: The data collected is not subject to transfer abroad.
7. PERIOD OF STORAGE: The collected data will be stored for a period of time not exceeding the achievement of the purposes for which they are processed (“principle of limitation of storage,” art.5, GDPR) or according to the deadlines provided by the legal regulations. Verification of the obsolescence of retained data in relation to the purposes for which they were collected is carried out periodically.
8. RIGHTS OF THE DATA SUBJECT: The data subject always has the right to request from the Data Controller access to his/her data, rectification or erasure of data, restriction of processing or the possibility to object to processing, to request data portability, to withdraw consent to processing by asserting these and other rights under the GDPR by simple communication to the Data Controller. The data subject may also lodge a complaint with a supervisory authority.
9. OBLIGATENESS OR LESS OF CONSENT: The provision of your data is mandatory while browsing our website and for the specified purposes.
10. METHODS OF DATA PROCESSING: The personal data you provide, will form the subject of processing operations in compliance with the aforementioned legislation and the obligations of confidentiality that inspires the activity of the Owner. The data will be processed both with computer tools and on paper media and on any other type of suitable media, in compliance with the appropriate security measures pursuant to art 5 par. 1 letter F of the GDPR.