Privacy and Cookie Policy
Privacy and Cookie Policy
Data Controller and Owner
Via Tiziano 11 – 20841 Carate Brianza (MB)
privacy@ceba-gears.com
Data Protection Officer
Via Tiziano 11 – 20841 Carate Brianza (MB)
privacy@ceba-gears.com
Mode and place of processing the Data
Methods of processing
The data may include, in addition to their collection, their recording, organization, storage, destruction, communication, modification, selection, retrieval, consultation, processing, interconnection, blocking, comparison, use, and will be carried out with the use of paper, and with the help of electronic computer and data, in a manner and with adequate means to ensure the security and confidentiality of the data.
In particular, will be taken all the necessary technical, computer, organizational, logistical and procedural security measures, as provided by Regulation, so as to guarantee the minimum level of protection Data provided by law. In addition, the applied methods guarantee that access to data is allowed only to persons involved in the treatment by the Owner. The updated list of those responsible (administrative staff, system administrators, hosting providers) may be requested from the Data Controller at any time.
Place
The processing of Data related to the services provided takes place at the premises of the Data Controller and in locations where those involved in the treatment operate, within the territory of the European Union. The user can request the full list to the Data Controller.
Retention time
The treatment will last no more than is necessary for the purposes for which the data were collected. In addition, the User can ask the interruption of treatment or deleting data at any time.
Types of Data collected
Browsing-related data
The digital systems and software used to operate this Website involve the acquisition of certain personal details that implies their transmission when using internet protocols.
The information is not collected to identify any user, but due to its nature may allow the Controller to identify users, by processing the data and associating it with the files on record of third parties, on explicit request by Judicial Authorities.
This category of information includes IP addresses and domain names of computers used by users who log onto this Website, URI (Uniform Resource Identifier) addresses, request date/time, the method used to submit requests to the server, the size of the file received as reply, incoming server data (completed, error, etc.) and other parameters of the OS and IT framework of the user. This data (at any rate immediately deleted once it is processed) is used for the sole purpose of drawing up anonymous statistical information on this Website access and to monitor its use.
It may be used to verify liability in the event of IT crimes (hacking) to this Website.
Data deliberately disclosed by users
The optional, explicit and wilful sending of e-mails to the addresses listed on this Website entails the acquisition of the personal details submitted, as for instance, the e-mail address of the sender used by us only to reply to requests.
Additional policy statements will be posted or displayed on this Website for the provision of other special customized services.
Options regarding provision of personal data
With the exception of navigation data, the user is free to choose whether or not to furnish personal data where requested on certain the pages or sections of the site. Failure to furnish the requested information may make it impossible to obtain the requested service. It must be remembered that in some cases (not the ordinary management of this Website) the Authority may request information according to Art. 157 of Legislative Decree no. N. 196/2003, in order to control the processing of personal data. In these cases reply is obligatory under penalty of a fine.
Detailed information on the processing of Personal Data
Contacting the User
Additional information about Data collection and processing
Rights of interested parties:
As foreseen by the art. 15 of the GDPR, you will be able to access your Personal Data, request its correction and update, if incomplete or erroneous, request its cancellation if the collection occurred in violation of a law or regulation, as well as oppose the processing for legitimate reasons and specific.
- Right of access: you will have the right, according to the art. 15, paragraph 1, GDPR, to obtain from the Data Controller confirmation that a Personal Data Processing is being processed and in this case, to obtain access to such Personal Data and to the following information: a) the purposes of the treatment; b) the categories of Personal Data in question; c) Recipients or categories of Recipients to whom your Personal Data have been or will be communicated, in particular if Recipients of third countries or international organizations; d) whenever possible, the retention period of the Personal Data provided or, if not possible, the criteria used to determine this period; e) the existence of the right of the interested party to request the Data Controller to rectify or delete Personal Data or limit the processing of personal data concerning him or to oppose their processing; f) the right to lodge a complaint with a supervisory authority; g) if the Personal Data are not collected from the Data Subject, all information available on their origin; h) the existence of an automated decision-making process, including profiling pursuant to art. 22, paragraphs 1 and 4, GDPR and, at least in such cases, significant information on the logic used, as well as the importance and the expected consequences of such treatment for the interested party. All this information can be found in this information that will always be available to you within the Privacy section of each of the Web sites.
- Right of rectification: you can obtain, pursuant to the art. 16 GDPR, the correction of your Personal Data that are incorrect. Taking into account the purposes of the processing, moreover, you can obtain the integration of your Personal Data that are incomplete, also by providing an additional declaration.
- Right to cancellation: you can obtain, pursuant to art. 17, paragraph 1, GDPR, the cancellation of your Personal Data without undue delay and the Data Controller will have the obligation to delete your Personal Data, if there is even one of the following reasons: a) Personal Data are no longer required with respect to the purposes for which they were collected or otherwise processed; b) you have withdrawn the consent on which the processing of your Personal Data is based and there is no other legal basis for their processing; c) you are opposed to the processing pursuant to Article 21, Paragraph 1 or 2 GDPR and there is no longer any legitimate overriding reason to proceed with the processing of your Personal Data; d) your Personal Data has been processed unlawfully; e) it is necessary to delete your Personal Data in order to comply with a legal obligation provided for by a community or national law. In some cases, as foreseen by art. 17, paragraph 3 of the GDPR, the Data Controller is entitled not to provide for the cancellation of your Personal Data if their processing is necessary, for example, for the exercise of the right to freedom of expression and information, for the fulfillment of a legal obligation, for reasons of public interest, for purposes of archiving in the public interest, scientific or historical research or for statistical purposes, for the assessment, exercise or defense of a right in court.
- Right to limit the processing: you can obtain the limitation of treatment, pursuant to art. 18 GDPR, in the event that one of the following hypotheses occurs: a) you have contested the accuracy of your Personal Data (the limitation will continue for the period necessary for the Data Controller to verify the accuracy of such Personal Data); b) The processing is illegal but you are opposed to the deletion of your Personal Data asking, however, that it is limited use; c) although the Data Controller no longer needs it for the purposes of processing, your Personal Data are used for the assessment, exercise or defense of a right in court; d) you are opposed to the treatment pursuant to art. 21, paragraph 1, GDPR and you are awaiting the verification of the possible prevalence of the legitimate reasons of the Data Controller with respect to yours. In case of limitation of treatment, your Personal Data will be processed, except for storage, only with your consent or for the assessment, exercise or defense of a right in court or to protect the rights of a other natural or legal person or for reasons of significant public interest. We will inform you, in any case, before this limitation is revoked.
- Right to data portability: you can, at any time, request and receive, pursuant to art. 20, paragraph 1 of the GDPR, all of your Personal Data processed by the Data Controller in a structured format, commonly used and readable or request transmission to another data controller without impediment. In this case, it will be your responsibility to provide us with all the exact details of the new data controller to whom you intend to transfer your Personal Data by providing written authorization.
- Opposition law: pursuant to art. 21, paragraph 2 GDPR and as also reiterated by Recital 70, you may object, at any time, to the processing of your Personal Data if these are processed for direct marketing purposes, including profiling in so far as it is related to such direct marketing.
- Right to lodge a complaint with the supervisory authority: without prejudice to your right to appeal to any other administrative or jurisdictional office, if you believe that the processing of your Personal Data carried out by the Data Controller is in violation of the GDPR and / or applicable legislation, you can lodge a complaint with the competent Data Protection Authority.
Legal action
The Data Controller has the right to disclose User information if required by law or by the court, by law enforcement or other government officials, or where it considers that disclosure is necessary or appropriate to prevent physical harm or financial loss, or as part of an investigation into fraudulent or illegal activities, actual or alleged.
Changes to this privacy policy
The Data Controller reserves the right to modify, update, add, or remove portions of this Privacy Policy at its discretion and at any time. The person concerned has to check periodically for changes. This document will indicate the date of update in order to facilitate the examination of this privacy policy. Your use of the site after the posting of changes will constitute their acceptance.
Information about this privacy policy
This privacy policy was prepared autonomously and with full assumption of responsibility by the Data Controller.
Information not contained in this policy
Any additional information not mentioned in this document can be requested at any time from the Data Controller.