In accordance with the art. 13 of the European Regulation 679/16, named hereinafter GDPR, CIE Srl., defined hereinafter as the Company, would like to inform the dear Customers about the following subjects:
“Treatment” means any operation fulfilled with or without the help of automated processes and applied to personal data or sets of personal data like the collection, the registration, the structure, the adaption or modify, the extraction, the consultation, the use, the communication through transmission and any other means of diffusion, the comparison, the interconnection, the limitation, the cancellation or destruction;
“Common personal data” means any information about a physical person, identified or identifiable, directly or indirectly, with reference to an identification data like the name, an identification number, data related to a location, to online data or to a typical element of the physical, psychic, economical identity, etc.;
“Particular personal data” (or sensitive) means any data suitable for revealing the racial or ethnical origin; religious, philosophical (or other) believing; political opinion; subscription to a party or a trade union; health condition; sexual life; genetic data; biometric data;
“Data controller” means the physical or juridical person, the Public Authority or another entity which, individually or together with others, determines finalities and purposes about the treatment of personal data.
“Data co-owner” means the person who, together with the Data Controller, determines finalities and purposes of the treatment.
2. Information about the policy
3. Purposes of data collection, source, duration of the treatment, type of collected data
|Data collected in order to process contracts; order, supply, maintenance or other services required by the interested person||Contract||In accordance with contract||Common data: name, surname, telephone number, place and date of birth, residential address, tax code, passport/ID, passport/ID photo, email address|
|Data collected for marketing purposes, news, promotions||Elective explicit approval, confirmed through service usage or non-unsubscribing; public contact on social networks, registers or public lists||Duration of 12 months, implicitly renewable for the same period until the explicit revocation/cancellation||Common data: name, surname, email address social account|
|Data collected for fiscal/accounting reasons||Contract; law||In accordance with the fiscal legislation and in any case no less than 10 years||Common data: name, surname, postal address, place and date of birth, tax code, bank data|
|Data collected for employments and collaborations||Contract; law||For the entire duration of the working relationship or, anyway, until the expected termination, according to the financial regulation||CCommon data: name, surname, residential address, telephone number, place and date of birth, tax code, family condition, email address; CV; Particular data (sensible): health condition, subscription to trade unions|
4. Communication of the collected data to third parties
The collected data could be communicated to third parties:
|Common data: name, surname, residential address, place and date of birth, tax code, family condition, bank data Particular data (sensible): health condition, subscription to trade unions||Fiscal expert, lawyer, accountant Departments of social security||Payrolls elaboration, taxes and duties, communications with Public or Legal Authority or income revenue authority (Agenzia Entrate), INAIL, INPS; private insurances; banks and other banking companies||Mandatory|
|Common data: name, surname, place and date of birth, residential address, fiscal code, email address||Travel agency and administrative procedures (visas)||Organization of travels and visas||Mandatory|
|Common electronical data: email address, access data as log file, IP||System administrator Website administrator||Management, maintenance system, wire, personal computer and devices; Website management||Mandatory|
Under no circumstances the Company will divulge your personal data.
5. Data transfer to third countries extra EU
The company is allowed to transfer personal data to extra EU countries in order to process contracts or for marketing purposes, regarding to products and services it sells during events such fairs and congresses.
The protection of your personal data is guaranteed by international agreements.
6. Data protection and data breach
The company treats data both in paper and electronic format. We adopted technical and organisational measures in order to limiting the risk of loss, also accidental, of personal data. However, any system is not completely secure.
In case of breach in our informatic systems or loss of personal data, which could involve a risk of damage for you, the warrant authority and yourself will be right away informed.
7. Rights of the interested person
The interested person, in relation with the personal data object of such policy, has the right of exercise the following rights, according to the GDPR:
- Right of access to his/her own data, with the possibility of being informed about effectuate treatments and eventually to get a copy of it;
- Right of modify old or incorrect data;
- Right of cancellation of personal data without unjustified delay;
- Right of limitation of treatment;
- Right of portability of personal data through the transmission to another person;
- Right of opposition to the treatment;
- Right not to be subject to automated decisional processes;
- Right of complaining, if you think that your rights have been compromised, writing directly to the warrant authority.
Such rights could be exercised sending an email to: firstname.lastname@example.org
8. Modifies and updates
The company could modify or integrate such policy also as a consequence of eventual and subsequent changes of the policy or in the company. You can find the complete policy at www.cieeng.com.
via I Maggio 20/22
20070 San Zenone al Lambro (MI)