This English Translation is provided for Customers’ convenience only. Only the original Italian Text is legally binding. Should there be discrepancies between the Italian and the English Versions, the Italian text will prevail.
Ciotola S.R.L., registered office in Piazza De Gasperi, 18, IT – 35131 Padua (PD), Italy, in its capacity as data controller (hereinafter “Ciotola” or “Data Controller”) pursuant to EU Regulation 679/2016 (hereinafter: “Regulation” or “GDPR”) – considers privacy and the protection of personal data a key factor within its professional activities. Before communicating any personal data to the Data Controller, all Users of the Ciotola site are invited to read carefully this statement which contains important information on the protection of their personal data. “Personal Data” may also include sensitive personal data.
This notice only describes management procedures for the official Ciotola website (www.ciotolasrl.it – hereinafter: “Website”) and not for any external websites, which may be consulted by the User via links.
Additional information may be provided within the different “access channels” (channels permitting interchange of information between Data Controller and User including but not limited to newsletters and online forms), divided up by the topics covered (subject areas).
- constitutes an integral part of the Website
- is made pursuant to Art. 13 of the Regulation for those who interact with the Internet services of the Website
- in certain sections of the Website, where considered necessary, will be supplemented by detailed provisions regarding the specific processing of Personal Data.
Processing of Personal Data will be based on principles of fairness, lawfulness and transparency, respecting data purpose restrictions and retention periods, data minimisation and accuracy, integrity and confidentiality, as well as the principle of accountability pursuant to Art. 5 of the GDPR.
Users’ Personal Data will therefore be processed in accordance with the legislative provisions of the Regulation and the confidentiality obligations set out therein.
Personal Data processing means any operation or set of operations on Personal Data or sets of Personal Data, performed with or without the use of automated processes such as collecting, recording, organising, structuring, storing, adjusting or modifying, retrieving, consulting, using, disclosing by transmission, dissemination or otherwise making available, comparing or correlating, blocking, cancelling or data destruction.
The Personal Data being processed may be in the form of text, photographic or video images and any other information liable to identify the data subject or render him/her identifiable.
- Data Controller
Ciotola S.R.L., registered office Piazza De Gasperi 18, IT-35131 Padua (PD), Italy.
2. Personal Data processed
2.1. Navigation data – log files
The computer systems and the applications dedicated to the functioning of this Website detect, during their normal operation, certain data (the transmission of which is implicit in the use of Internet communication protocols) which is not associated with direct User identification.
The collected data includes IP addresses and the domain names of the computers used by the Users connecting to the site, the addresses in the Uniform Resource Identifier (URI) notation of the requested resources, the time of the request, the method used to submit the request to the server, the file size obtained in response, the numerical code indicating the status of the response given by the server (success, error, etc.) and other parameters concerning the operating system and the IT environment used by the User. This data is processed, only for the time strictly necessary, for the sole purpose of obtaining anonymous statistical information on the use of the site and to check its correct functioning.
2.2. Data provided voluntarily by the User
The voluntary and express act of sending electronic mail to the addresses indicated in the different access channels of this Website or filling in specifically prepared forms, entails the subsequent registration of sender’s / User’s addresses and data, necessary to respond to product requirements and / or to provide the requested service. Specific information in summary form will be indicated or displayed on Website pages, set up for particular ” on request”services.
2.3. Third party data provided voluntarily by Users
In the use of particular services, Personal Data of third parties, communicated to Ciotola by the User, may be processed. With regard to these hypothetical situations, the User stands as an independent data controller, assuming all corresponding legal obligations and responsibilities. In this connection, the User will fully indemnify Ciotola against any objection, claim, request for damages deriving from data processing, which may be received by the Ciotola from third parties, whose Personal Data has been processed through User’s use of the Website services in violation of applicable regulations governing Personal Data protection
In any event, if the User provides or otherwise processes third party Personal Data in their use of the Website, he/she hereby guarantees – and assumes full consequential liability – that this particular instance of processing is based on the User having previously obtained the third party’s consent to processing of any information regarding the latter.
- Purpose of Processing
The Ciotola Website may process Personal Data only within the limits of what is strictly necessary to perform our principal business activities to enable us to provide services to Users, but precluding data processing when the objectives pursued can be achieved via anonymous data, or using methods which may allow for identification of the interested party only where strictly necessary. Specific purposes, related to individual types of processing, may be reported in the various “access channels”. Here, the User can find additional information on the processing of Personal Data.Personal Data collected through the Ciotola Website may be used, with the consent of the interested party, to fulfil enquiries for despatches of informative or commercial material.
- Methods of processing
Personal Data is processed with automated tools, for no longer than strictly necessary to achieve the purposes for which it is collected. Specific security measures are observed to prevent data loss, illicit or incorrect use and unauthorised access.
- Optional nature of the provision of data
The User is free to provide, or not, Personal Data contained in the enquiry forms for the various services offered in the portal; however, failure to provide any compulsory information, will make it impossible for the service to be supplied.
- Transfer, communication and dissemination of Personal Data
In order to guarantee and fulfil contractual obligations and / or to reach the conclusion of a contract between the Data Controller and another legal entity on behalf of the person concerned, the Data Controller may transfer the Personal Data to a third country outside the EU.With regard to the transfer of Personal Data, the European Commission has approved the use of standard contractual clauses as a means of guaranteeing the Data Subject an adequate level of protection for data transferred outside the European Economic Area.By specifically incorporating the standard contractual clauses into a contract between the parties who transfer the Personal Data, it is possible to guarantee the protection of personal information transferred to countries which are not part of the European Economic Area.The transfer is therefore carried out in full compliance with Regulation (EU) 2016/679.The Personal Data of Users requesting informative material to be sent to them (mailing-lists, answers to questions, notices and newsletters, files and provision of products and services, etc.) is used solely for the purpose of supplying the service requested and is communicated to third parties only in cases where:
- this is necessary to fulfil an enquiry (e.g. shipping service for requested documentation)
- the communication is imposed by legal or regulatory obligations
- during legal proceedings.Data processing, connected to the services of this Website is handled exclusively by:
Ciotola S.R.L., registered office:Piazza de Gasperi 18, IT-35131 Padua (Italy).
- Storage of Personal Data
Personal Data processed for the simple navigation of the Website will be kept for the time strictly necessary for this activity.For enquiries, requesting shipment of informative material or commercial information, Personal Data will be kept for a period of two years.Notwithstanding the above, Ciotola reserves the right to store the User’s Personal Data for the period of time provided for and permitted by Italian law to protect their interests pursuant to Art. 2947 of the Italian Civil Code.
- Data Subject’s Rights
Pursuant to articles 15 ff of the GDPR, Users have the right to request from Ciotola access to their Personal Data, at any time, to rectify or cancel it, or to object to its processing pursuant to Art. 21 of the Regulation. Users also have the right to request processing be restricted in the cases provided for by Art. 18 of the Regulation.Further, Users have the right to obtain, in a structured, commonly used and machine-readable format, Personal Data concerning them, according to the cases provided for by Art. 20 of the Regulation. Requests should be sent in writing to the Data Controller at the Email address: firstname.lastname@example.org.Users are entitled, at any time, to lodge a complaint with the competent supervisory authority (guarantor for the protection of Personal Data), pursuant to Art. 77 of the Regulation, if they consider that their data has been processed contrary to the legislation in force.
To exercise the above-mentioned rights or for any other enquiry,
please write toData Controller:
registered office: Piazza De Gasperi 18, IT -35131 Padua (PD), Italyor to email@example.com.