Privacy policy
test wsPRIVACY AND COOKIE POLICY
This Privacy and Cookie Policy informs Users of this Site about the processing of their personal data by the data controller and about the data protection rights available to them. This Privacy and Cookie Policy concerns this Site only and not any other sites that the User might access via links on this Site.
THE DATA CONTROLLER
The data controller is Calligaris S.p.A. a socio unico, with registered office at Via Trieste 12 , 33044 Manzano (UD), Italy, contact email: [email protected]. (the “Data Controller” or “Calligaris SpA”).
LEGAL BASIS FOR DATA PROCESSING
The personal data referred to on this page are processed by the Data Controller for the purposes of managing the Site, providing dedicated information notices and where necessary obtaining the consent of the data subjects involved, so as to be able to offer and perform services on the Site.
Where the data controller uses, for direct marketing of its products or services, the details of the email supplied by a data subject for the sale of a product or service, the Data Controller can refrain from requesting the data subject’s consent on condition that the products and services in question are similar to those sold and that the data subject, once suitably informed, does not object to such use either initially or on receiving subsequent communications. The data subject must be informed of the option of objecting to such processing at any time, easily and free of charge, both at the time of collecting the data and when sending any communications for the purposes referred to above. In this case the legal basis for data processing is the legitimate interest of the Data Controller.
TYPE OF DATA PROCESSED
Browsing data
The IT systems and software procedures used to power this Site collect, as part of their normal workings, personal data, the transmission of which is implicit in the use of internet communications protocols. This information is not collected for the purpose of being correlated with the relevant identified Users, but such information could by its very nature be employed to identify Users through specific procedures and correlation with data held by third parties. This data category includes: IP addresses and domain names of computers used by Users connecting to the Site; the addresses of the resources requested in URI (Uniform Research Identifier) form; the time of the request; the method used to submit the request to the server; the size of the file obtained in response; the numerical code indicating the status of the response given by the server (successful, error, etc.); and other parameters relating to the operating system and the IT environment of the User. Such data are used exclusively to collect anonymous statistical information on Site use and to monitor the correct working of the Site and are deleted immediately after processing. Where appropriate they could also be used to identify guilty parties in cases of unlawful computer activities against the Site. Except in such cases, such data on web contacts are currently not stored for more than seven days.
Data provided voluntarily by the User
The optional, express and voluntarily sending of emails to the addresses specified on this Site will involve subsequent recording of the sender’s address, which is necessary to respond to the request, together with any other personal data contained in the message. Relevant information notices are provided or viewable on the dedicated pages of the Site for provision of certain services on a request basis.
OPTIONAL DATA
Apart from the provisions regarding browsing data, Users are free to provide their personal data as entered into request forms. Failure to provide such data may render the service requested impossible.
TYPE OF DATA PROCESSED
Only data collected through browsing protocols, data resulting from use of cookies and data voluntarily provided during browsing or during subsequent contacts will be processed.
RECIPIENTS OF DATA
The data collected following accessing of the Site as specified above may be sent to the entities appointed as data processors, for the services of development, provision and operational management of the technological platforms used.
The personal data collected are also processed by the persons in charge of processing appointed by the controller, acting in accordance with specific instructions provided on the purposes of and methods used for processing. These include couriers, IT service providers, marketing agencies, customer services and other entities.
PROCESSING METHODS
Personal data will be processed using automatic means for the time strictly necessary to achieve the purposes for which they were collected. Specific security measures will be put in place to avoid loss, unlawful or improper use and unauthorised access to the data.
All marketing and personal data profiling activities will be performed only after obtaining the express and unequivocal consent of the data subject in question.
PERIOD OF DATA STORAGE
Browser data are stored only for the time strictly necessary for the purposes of browsing. Data provided on a voluntary basis will be stored for the period of time necessary for the requested services to be performed.
The Site will consider various factors to determine the appropriate storage period for personal data processed by the Site with the User's consent, so as to ensure that personal data is not kept for longer than necessary. Such factors include the purpose for which the Site processes personal data and the current type of relationship with the data subjects in question (how often they access their account on the Site and open newsletters, or how regularly they browse or buy on the Site, etc.);
The Site will erase the personal data or render them anonymous once their storage is no longer possible or necessary in accordance with the applicable laws.
TRANSFER OF DATA OUTSIDE OF THE EU
No data collected following browsing of the Site will be transferred to non-European Union countries.
DATA SUBJECT RIGHTS
Data subjects have the right to request of the Data Controller access to and rectification and erasure of their personal data, as well as limitation of the processing of such data, or to oppose data processing. Requests should be sent using the contact details given above.
Specifically, data subjects have the right to obtain:
- updating, rectification or, where it is in their interest, completion of the data;
- erasure, anonymisation or blocking of data that have been processed unlawfully, including data the storage of which is unnecessary for the purposes for which they have been collected or subsequently processed;
- certification to the effect that the operations as per letters a) and b) have been notified, also with regard to their contents, to the data processors and the entities to whom or which the data were communicated or disseminated, unless this requirement proves impossible or involves a manifestly disproportionate effort compared with the right that is to be protected;
- suspension of data processing, where provided for under the law;
- the portability of personal data, in other words the right to receive personal data concerning them in a structured, commonly used, machine-readable and interoperable format, within the limits provided for under the law;
Users also have the right to withdraw consent to processing of their data at any time.
Data subjects have the right object, in all or in part, to the processing of their personal data on legitimate grounds, both where the data are relevant to the purposes for which they have been collected, and in cases where they are used for advertising communication or marketing purposes.
For all correspondence and to exercise their rights, data subjects can contact the controller at the email address: [email protected]
RIGHT OF COMPLAINT
Data subjects have the right to lodge a complaint with the supervisory authority (the “Garante”) if they believe that their data was processed in violation of the GDPR, or to take action before the courts.
7/14/2020 3:21:27 PM