privacy policy
Pursuant to EU Regulation 2016/679
This privacy policy describes how we collect, use, process and disclose personal data, in accordance with the current legislation.
TYPES OF DATA WE COLLECT AND PURPOSES
All personal data will be processed, by all means, exclusively for purposes strictly connected to our business relationships and mandatory laws. In particular, we will collect identification data (name, surname, address, telephone number, e-mail address, social security number, copy of the identity document) in the company database for accounting purposes and payment information (bank account or credit card details) to manage receipts and payments.
THE CONTROLLER AND PERSONAL DATA TRANSFER
The processing of personal data will be carried out by Ciresa Srl, 23815 Introbio (LC), Via Vittorio Emanuele no. 62, as controller. Your data may be disclosed only for two justified reasons:
- to our external processors for the purposes of the execution of the contract, such as for example legal, administrative, fiscal consultancy, auditing firm, couriers and freight forwarders, data processing centres;
- to courts, public authorities, governmental authorities or authorized third parties, in the case and to the extent we are required or authorized to do so by law or if such communication is reasonably necessary.
WHEN DATA PROCESS IS MANDATORY OR OPTIONAL
We shall process personal data anytime is required by law or contract. Therefore, any refuse to provide such data will prevent us to fulfil contractual obligations.
On the other hand, although it is our legitimate interest to use our clients contacts for marketing purposes, you can object to processing such data so that you won’t receive any further information on our activities, services and products or our commercial offers.
RIGHTS OF THE DATA SUBJECT
At any time, you may exercise the rights listed below against us, by sending an email to ciresa@ciresa.it. We remind you that we may ask you to verify your identity before taking further action based on your request:
Data management: you can access and update your data by contacting us via e-mail;
Data rectification: you have the right to ask us to correct inaccurate or incomplete personal data concerning you;
Portability and access: you have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller (where technically feasible);
Storage and erasure: your personal data will be kept for the time necessary to execute the contract with you and for the time necessary (generally a decade from termination of contract) to fulfil our legal obligations (tax and / or legal proceedings) . Upon expiration, they will be permanently deleted. We may retain some of your data for the time necessary to satisfy our legitimate business interests, such as fraud prevention and detection and the promotion of security. Personal data provided and processed for marketing will be retained for this purpose until your objection. Because we protect our business from accidental loss or data theft, residual copies of your personal information may, for a limited period of time, not be removed from our backup systems.
Withdrawal of consent and restriction of processing: at any time, you can revoke your consent by sending us an email specifying the type of process you do not allow. Withdrawal of consent is not retroactive and therefore does not affect any previous legitimately performed treatment.
Opposition to processing: you may object to processing your personal information for specific purposes (including profiling). We will no longer process your personal data unless there are compelling legitimate grounds to proceed or if processing is necessary for the exercise or defence of legal claims. Where personal data are processed for direct marketing, you may opt out or object at any time by sending us an email.
Complaints: you have the right to submit a complaint to the Italian Data Protection Authority (Garante della Privacy) about data processing activities carried out by Ciresa Srl.
To facilitate the exercise of your rights, we have made available the form drafted by the Italian Data Protection Authority.
SECURITY
Ciresa Srl constantly implements and updates appropriate administrative, technical and organizational security measures to protect your data from unauthorized access by third parties, from destruction or alteration. Firewalls, antivirus, and access controls to information are some security measures we use to protect your data. In case of use or suspicion of unauthorized use of your personal data you can contact us at the email ciresa@ciresa.it.