Information for the processing of personal data according to
EU Regulation n. 2016/679 (GDPR)
The information is not to be considered valid for other websites that may be consulted via links on the websites of the owner, who is not to be considered in any way responsible for the websites of third parties.
CO.RA. S.r.l. with registered office in Chiappini, 51 55011 Spianate - Altopascio (LU) (hereinafter, "Owner"), as data controller, informs you pursuant to art. 13 EU Regulation no. 2016/679 (hereinafter, "GDPR") that your data will be processed in the manner and for the following purposes:
Object of the treatment
The Data Controller processes personal, identifying and non-sensitive data (by way of example but not limited to: name, surname, company name, address, telephone, e-mail - hereinafter, "personal data" or even "data") communicated by you when registering on this website (hereinafter, the "Site"), participating in opinion and satisfaction surveys, filling out registration forms through the Site and making online requests.
Purpose of the treatment
Your personal data are processed for the following Service Purposes:
- manage and maintain the Site or allow you access to dedicated areas;
- allow you to use any Services requested by you;
- respond to online contact chats;
- grant you access to programs and services;
- offer assistance and consultancy even remotely;
- process a contact request;
- for administrative-accounting activities in general;
- fulfill the obligations established by law, by a regulation, by community legislation or by a
- order of the Authority or upon requests from the Italian or foreign government or the Italian Chamber of Commerce;
- prevent or discover fraudulent activities or abuses harmful to the Site;
Processing methods and data retention period
The processing of your personal data is carried out by means of the following operations: collection, registration, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, cancellation and destruction of data.
Your personal data are subjected to both paper and electronic and / or automated processing, through the use of a website hosted on the data controller's server.
The Data Controller will process personal data for the time necessary to fulfill the aforementioned purposes and in any case for no more than 10 years from the termination of the relationship for the purposes of the service and for no more than 2 years from the collection of data for the other purposes. In compliance with the provisions of art. 5 paragraph 1 letter. e) of EU Reg. 2016/679, the personal data collected will in any case be stored in a form that allows identification of the data subjects for a period of time not exceeding the achievement of the purposes for which the personal data are processed.
Your data may be made accessible for the purposes referred to in paragraph 2:
- to employees and collaborators of the Data Controller, in their capacity as persons in charge and / or internal managers of the processing and / or system administrators;
- to third-party companies or other subjects (website provider, cloud provider, e-payment service provider, suppliers, hardware and software assistance technicians, shippers and carriers, credit institutions, professional firms, etc.) who carry out activities in outsourcing on behalf of the Data Controller, in their capacity as data processors
Communication of data
Without your express consent (pursuant to Article 24 letter a), b), d) Privacy Code and art. 6 lett. b) and c) GDPR), the Data Controller may communicate your data to Supervisory Bodies and Judicial Authorities, as well as to all other subjects to whom communication is mandatory by law. However, it ensures that your personal data will never be made public on the owner's website
Personal data are stored on servers within the company. In any case, it is understood that the Data Controller, if necessary, will have the right to move the servers, in which case the Data Controller ensures from now on that thedata transfer outside the EU will take place in compliance with the applicable legal provisions, subject to the stipulation of the standard contractual clauses provided for by the European Commission.
Nature of providing data and consequences of refusing to respond
The provision of data for the purposes referred to in paragraph 2 is mandatory. In their absence, we will not be able to guarantee you neither the registration on the Site nor the Services.
You can therefore decide not to provide any data or to subsequently deny the possibility of processing data already provided. In any case, you will continue to be entitled to the Services referred to in art. 2.A).
Rights of the interested party
In your capacity as interested parties, you have the rights referred to in art. 15 GDPR and precisely the rights of:
- obtain confirmation of the existence or not of personal data concerning you, even if not yet registered, and their communication in an intelligible form;
- obtain a copy of the personal data being processed;
- obtain from the data controller the correction of inaccurate personal data concerning him without undue delay;
- obtain from the data controller the cancellation of personal data concerning him without undue delay;
- oppose the processing of their personal data;
- and / or withdraw consent to the processing of your personal data (to the extent that such processing is based on consent and consent is the only permitted basis for processing).
How to exercise the rights
You can exercise your rights at any time by sending:
- a registered letter with return receipt to the place of business, with the address stated in the incipit;
- an e-mail to firstname.lastname@example.org
Owner, manager and agents
The Data Controller / Data Processor (pursuant to articles 4, 24, 28 of the EU Reg. 2016/679) is CO.RA. S.r.l. with registered office in Località Chiappini, 51 55011 Spianate - Altopascio (LU). The updated list of data processors and persons in charge of processing is kept at the headquarters of the Data Controller.
Changes to this Notice
This information may be subject to changes. It is therefore advisable to check this information regularly and refer to the most updated version.
------------ ADDITIONAL POLICIES AND AGREEMENTS ------------Confidentiality agreement for all information provided by our customers and site users
The data controller hereby declares to be aware that following the employment relationship with customers and / or consultancy, even free of charge, with users of the site who contact the owner by email or chat or other communication channels, he / she may become aware of data, information and news in general, of a confidential nature and undertakes to maintain the strictest confidentiality on what has been received, as well as on any other news, confidence and / or information, in the broadest meaning of the term, learned about and / or by the customer or user of the site.