PRIVACY STATEMENT – PERSONAL DATA PROCESSING AND PROTECTION
Pursuant to arts. 13 and 14 of EU Regulation 2016/679 (General Data Protection Regulation - GDPR)
The European Regulation 2016/679, applicable in all Member States, recognizes the protection of their personal data that are subject to treatment by third parties to each data subject, as a sign of respect for human dignity and fundamental human rights and freedom.
Based on the provisions of the aforementioned Regulation, we wish to inform you that the processing of your data will be carried out in full compliance with the principles of lawfulness, fairness and transparency and protection of the confidentiality of your data in compliance with the provisions of said regulation.
Please also note that the data you provide to us through our websites or via email requesting information or clarifications will be acquired for the sole purpose of replying to your requests. Any other use will be subject to our explicit consent.
Therefore, according to the provisions of the applicable European Regulation and Member State law, we provide you with the following information.
1. Applied legal basis, purposes of the processing
The purposes of the processing for which your data are intended are linked to respond to your explicit requests, the fulfilment of the contractual and pre-contractual relationship existing between the parties for compliance with the rules and legal obligations to which the Data Controller is subject and for the pursuit of the legitimate interests of the Data Controller or third parties, if previously authorised. Any processing of your personal data for purposes other than those specified herein shall be subject to specific and independent disclosure and specific consent.
2. Method of processing
The data concerning you will be processed and stored using computerized media and tools and/or in printed form, so as to allow you access to your personal data in our possession, according to the most suitable methods to guarantee its completeness, updating, security and confidentiality, including the protection from unauthorised and/or unlawful processing, loss, destruction or accidental damage. Subject to communications carried out in compliance with legal obligations, the data may be disclosed to third parties who perform specific tasks on behalf of the undersigned person against explicit commitment to the protection of your personal data in accordance with the provisions of this privacy statement and the rules regarding the Data Processor pursuant to arts. 28 et seq. of EU Regulation 679/2016, as well as the applicable legal provisions.
3. Data storage
The data concerning you will be retained for the entire duration of the relationships established between the parties and after termination of the existing relationship/contract or upon completion of your request. Where there are contractual obligations, the data will be kept in compliance with civil and tax law requirements applicable to the existing relationship, as well as any other Data Controller’s fulfilment/legal obligation; in any case, they will be deleted after 10 years from the last processed operation (backup history deletion).
4. Data Controller
The data controller is Cy. Pag. S.r.l., based at 13 Via del Commercio, 23017 Morbegno (SO).
Tel: 0342 605011; e-mail: firstname.lastname@example.org
External data processors may be appointed upon the assignment of external tasks by the Data Controller, the execution of which requires the disclosure of your data, from among those who provide sufficient guarantees to put in place suitable technical and organisational measures to meet normative requirements and guarantee the protection of the rights of data subject, after the Data Controller has signed a specific contract/addendum to the professional assignment containing data processing requirements and specifications.
5. Rights of the data subject
You may exercise all the rights envisaged by the European Regulation and Member State law, namely arts. 13, 14, 15 to 22 and 34 of said regulation and decrees, at any time on written request, in particular:
a) the right of free access to the personal data and/or obtain a copy of the personal data undergoing processing, with the indication of all the aspects relevant to the processing envisaged by the GDPR;
b) the right to obtain, free of charge, the updating, the rectification of inaccurate personal data concerning you, the restriction of processing or the addition of supplementary data, as required;
c) the right to object, in whole or in part, to the processing of personal data concerning you even if pertinent to the purposes of collection for legitimate reasons or to withdraw, in whole or in part, your consent, whenever necessary.
d) the right to partial or total erasure of your data, including the right to be forgotten.
e) the right to lodge a complaint with a supervisory authority (in Italy, the Guarantor for personal data protection) or judicial authorities where the conditions exist.
The complete list of the rights of the data subject can be consulted on the Guarantor’s website or it is available at the Data Controller’s Head Office and can be sent via email, upon written request.
You can exercise your rights by sending a letter or an e-mail to Cy. Pag S.r.l., registered office at 13 Via del Commercio, 23017 Morbegno (SO), phone (++39) 0342 605011; e-mail: email@example.com
Below is a description of how we manage our website in connection with the processing of visiting users’ personal data. This disclosure is provided for all those who interact with the company web services and can be seen by logging on to www.cypag.com.
Our website can be accessed via SSL protocol and certified in compliance with current WEB security guidelines.
TYPES OF DATA PROCESSED BY THE WEB PLATFORM
Browsing data: during normal operation, the computer system and software procedures used to manage the www.cypag.com website acquire some personal data whose transmission is implicit in Internet communication protocols. The information collected is not intended to be associated with identified data subjects but which, by its very nature, could allow users to be identified through the processing and association with data held by third parties. This category includes the following data:
These data are only used to manage contacts with customers, consultants, suppliers and/or collaborators in general; they will be deleted immediately after processing/use. However, they could be used to identify any responsibilities in case of hypothetical computer crimes against the website or connected in any way to browsing on any links.
The www.cypag.com website can use session cookies and persistent cookies.
The types of cookies generated by this website directly are:
Technical cookies, that used :
This website also allows third-party cookies to be transmitted to the user terminals.
As a technical service intermediary, Informatica Service Center S.r.l. only sends third-party cookies and does not manage their processing (i.e. they do not have control and access to any provided/acquired information) as this is third parties’ responsibility. For these cookies, you can access the privacy statement and the third-party consent forms by clicking on the links below.
You can disable cookies on your browsers at any time. The procedure is illustrated below.
Users can manage these cookies through their browser settings.
Users can manage their cookie preferences through the features available in common browsers (Internet Explorer, Mozilla Firefox, Google Chrome, Apple Safari) to delete/remove cookies (all or some) or change browser settings so as to block the sending of cookies or limit it to specific sites (compared to others).
It is also possible to know how to configure browser settings (normally accessible from the “Tools” bar) from the “Support” web pages of browser providers (identifiable through a common search engine).
Disabling cookies does not, in principle, prevent the use of website services; however, if all cookies were deleted/blocked, including technical cookies, some operations could not be performed or would be more complex and/or less secure, such as operations in website Reserved Areas (cookies allow for user identification and data storage within the session).
If any users/visitors logging on to this website send own personal data to access to certain services or make requests by email, this involves the acquisition by Cy.Pag S.r.l. of the sender’s address and/or other personal data that will be processed only to respond to this request or provide the service. Personal data provided by users/visitors will be communicated to third parties solely when disclosure is required to meet users/visitors’ requests or is subject to their consent.
Cookies consist of portions of code installed in the browser that assist the Owner in providing the Service according to the purposes described. Some of the purposes for which Cookies are installed may also require the User's consent.
Where the installation of Cookies is based on consent, such consent can be freely withdrawn at any time following the instructions provided in this document.
Activity strictly necessary for the functioning of the Service
Activity regarding the saving of preferences, optimization, and statistics
Some of the services listed below collect statistics in an anonymized and aggregated form and may not require the consent of the User or may be managed directly by the Owner - depending on how they are described - without the help of third parties.
The services contained in this section enable the Owner to monitor and analyze web traffic and can be used to keep track of User behavior.
Google Analytics (Google Inc.)
Google Analytics is a web analysis service provided by Google Inc. (“Google”). Google utilizes the Data collected to track and examine the use of this Application, to prepare reports on its activities and share them with other Google services.
Google may use the Data collected to contextualize and personalize the ads of its own advertising network.
Personal Data collected: Cookies and Usage Data.
Displaying content from external platforms
This type of service allows you to view content hosted on external platforms directly from the pages of this Application and interact with them.
This type of service might still collect web traffic data for the pages where the service is installed, even when Users do not use it.
Google Maps widget (Google Inc.)
Google Maps is a maps visualization service provided by Google Inc. that allows this Application to incorporate content of this kind on its pages.
Personal Data collected: Cookies and Usage Data.
In addition to what is specified in this document, the User can manage preferences for Cookies directly from within their own browser and prevent – for example – third parties from installing Cookies.
Through browser preferences, it is also possible to delete Cookies installed in the past, including the Cookies that may have saved the initial consent for the installation of Cookies by this website.
Users can, for example, find information about how to manage Cookies in the most commonly used browsers at the following addresses: Google Chrome, Mozilla Firefox, Apple Safari and Microsoft Internet Explorer.
Notwithstanding the above, the Owner informs that Users may follow the instructions provided on the subsequently linked initiatives by the EDAA (EU), the Network Advertising Initiative (US) and the Digital Advertising Alliance (US), DAAC (Canada), DDAI (Japan) or other similar services. Such initiatives allow Users to select their tracking preferences for most of the advertising tools. The Owner thus recommends that Users make use of these resources in addition to the information provided in this document.
Owner and Data Controller
Via del Commercio, 1323017 Morbegno (SO), Italia
Owner contact email: firstname.lastname@example.org
Definitions and legal references
Personal Data (or Data)
Any information that directly, indirectly, or in connection with other information — including a personal identification number — allows for the identification or identifiability of a natural person.
Information collected automatically through this Application (or third-party services employed in this Application), which can include: the IP addresses or domain names of the computers utilized by the Users who use this Application, the URI addresses (Uniform Resource Identifier), the time of the request, the method utilized to submit the request to the server, the size of the file received in response, the numerical code indicating the status of the server's answer (successful outcome, error, etc.), the country of origin, the features of the browser and the operating system utilized by the User, the various time details per visit (e.g., the time spent on each page within the Application) and the details about the path followed within the Application with special reference to the sequence of pages visited, and other parameters about the device operating system and/or the User's IT environment.
The individual using this Application who, unless otherwise specified, coincides with the Data Subject.
The natural person to whom the Personal Data refers.
Data Processor (or Data Supervisor)
Data Controller (or Owner)
The natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of Personal Data, including the security measures concerning the operation and use of this Application. The Data Controller, unless otherwise specified, is the Owner of this Application.
The means by which the Personal Data of the User is collected and processed.
The service provided by this Application as described in the relative terms (if available) and on this site/application.
European Union (or EU)
Unless otherwise specified, all references made within this document to the European Union include all current member states to the European Union and the European Economic Area.
Small piece of data stored in the User's device.
This privacy statement has been prepared based on provisions of multiple legislations, including Art. 13/14 of Regulation (EU) 2016/679 (General Data Protection Regulation).
Latest update: October 12, 2018