POLICY ON PROCESSING OF PERSONAL DATA IN THIS WEBSITE IN
COMPLIANCE WITH ART. 13 OF THE GENERAL DATA PROTECTION
REGULATION (EU REGULATION 2016/679)
In compliance with art. 13 of the General Data Protection Regulation (EU Regulation 2016/679 – hereinafter referred as “GDPR”), this page illustrates how Cinalex manages its website (“The Site”) with regard to the processing of personal data of website users.
1. 1. CATEGORIES OF PERSONAL DATA
The Site will process the following personal data:
- Personal data: name and surname;
- Contact details: e-mail address, telephone, fax;
- Navigation data: IP address.
1. 2. PURPOSE AND LEGAL BASIS OF THE PROCESSING
Your data will be processed for the following purposes:
a) obligations related to the use of the website (eg guaranteeing access to the Site, navigation, registration in the membership area, use of the online services provided by the Site, etc.);
b) obligations related to the execution of a contract, pre-contractual measures and / or the provision of services;
c) fulfilments related to legal obligations provided for by European and / or national regulations.
The legal basis of the processing consists of:
- For the purposes referred to in lett. a) and b), from the execution of the contract of which you are a party or from the execution of pre-contractual measures;
- For the purposes referred to in lett. c), from the fulfillment of legal obligations.
The provision of data for the purposes referred to in lett. a), b) and c) is not mandatory, but any refusal to provide your data could make it impossible for the Data Controller to pursue the purposes indicated above.
1. 3. PROCESSING METHOD
The data provided through the Site are mainly processed with automated tools for the purposes indicated above and for the time strictly necessary to achieve the purposes for which they have been collected.
Specific security measures are taken to prevent, counter and minimize the risks of destruction or loss - even accidental - of the data, of unauthorized access or processing that is not permitted or does not comply with the purposes of the collection.
1. 4. RECIPIENTS OR CATEGORIES OF RECIPIENTS
The data provided may be made accessible, brought to the attention of or communicated to the following subjects, who will be appointed by the Data Controller, as appropriate, as external Data Processors, Autonomous Data Controllers and / or Authorized for processing:
- Cinalex employees and / or collaborators in any capacity;
- public or private subjects, natural or legal persons, of which Cinalex makes use for the performance of the activities instrumental to achieving the aforementioned purpose or to which Cinalex is required to communicate your personal data, by virtue of legal or contractual obligations.
In particular, the Data may be communicated, exclusively for the aforementioned purposes, to the categories of subjects indicated below:
- Companies, associations and professional firms that provide assistance and consultancy services and activities for the Company;
- Credit institutions for the fulfillment of obligations of an economic nature;
- Subjects whose right to access the Data is recognized by legal provisions or by provisions issued by Authorities legitimated by the law.
1. 5. DURATION OF THE TREATMENT AND STORAGE PERIOD
The data collected by the Site during its operation are kept for the time strictly necessary to carry out the specified activities. Upon expiry, the data will be deleted or anonymized, unless there are other purposes for their conservation.
1. 6. TRANSFER OF DATA TO THIRD COUNTRIES
Your personal data will not be transferred abroad.
1. 7. RIGHTS OF THE INTERESTED PARTY
We inform you that at any time, in relation to your data, you can exercise the rights provided within the limits and under the conditions set out in articles 7 and 15-22 of the GDPR.
To exercise these rights, described below, please contact the Data Controller at the following email address email@example.com; suitable feedback will be provided to this request without delay within 30 (thirty) days.
In detail, as an interested party, you can:
- revoke the consent previously given, without prejudice to the lawfulness of the treatment based on consent before the revocation;
- ask the Data Controller for access, rectification or cancellation ("Right to be forgotten") of personal data or the limitation of the processing of personal data concerning you, or to oppose their processing;
- obtain data portability;
- propose a complaint to the Data Protection Authority.
1. 8. HOLDER OF THE TREATMENT
The Data Controller is Avv. Enrico Toti, with registered office in Via dell'Arancio 47, 00186 Rome.
Last updated: June 2020