This information is provided in accordance with Art. 13 of Regulation (EU) 2016/679 (GDPR), to users visiting the website of Came SpA, which can be accessed online at the landing page, www.came-italy.com.
This policy only describes the management of the company’s official website, and does not apply to external websites that the user may visit through links.
Additional information can be obtained from various channels, divided according to topic. Other information about specific services may be obtainable on the website.
Controller Came spa –
Via Risorgimento, 96 36070, San Pietro Mussolino, VI
contact data: firstname.lastname@example.org
Purposes of the processing
Personal data supplied voluntarily will be processed for the following purposes:
- browsing this website;
- interacting with the social networks;
- your requests for contact and information;
- the sending of emails, via newsletters;
- administration and accounting purposes, and to fulfil legal requirements.
Your personal data may also be used for marketing and publicity purposes, with your consent. Registration for the newsletter will enrol you on a mailing list, which mean you will be sent commercial or promotional communications.
Types of data processed; method of collection
Browsing data and log files
You can access the website without having to provide any personal data. The information systems and applications on this website will, during the course of their normal functioning, record certain data (the transmission of which is implicit in the use of internet communication protocols) but which is not associated to directly-identifiable users. This data includes the IP addresses of users logging on to the site, URI (Uniform Resource Identifier) addresses, the time of the request and the numerical code indicating the status of the reply from the server (successful, error, etc.).
This information does not provide the user’s personal details and is not collected for the purposes of matching to identified data subjects. It is technical/digital data that is collected and used in aggregate, anonymous form to verify the proper functioning of the website and monitor its security, to improve service quality and to provide statistics about the use of the website, to verify responsibility for computer crimes against the website.
Data given voluntarily by the user
The voluntary, express sending of emails to the addresses indicated on the various channels on this website will mean that the sender’s/user’s address and data are stored in order to respond to the enquiry or provide the requested service. However, the data will be processed in accordance with the principles of fairness, lawfulness, transparency and protection of privacy, as indicated in the GDPR. In any case, before activating a certain service, appropriate information will be given and consent to the use of personal data will be obtained if required. This consent may be revoked at any time, whereupon the service in question may not be used.
Legal basis for the data processing
The personal data of visitors and users of the website will be processed in accordance with the consent provided in relation to the uses and purposes described above, for data supplied voluntarily after accessing and browsing the website and/or using the services supplied by the Data Controller through the website. Apart from the information given in relation to browsing data, which is automatically collected by the system, and for the operation of cookies (please see above), the provision of data is optional. Users may revoke or withhold consent already given, at any time.
Failure to provide consent or revocation of consent will have no consequences except the impossibility of using the website and/or of accessing the required service or of obtaining more detailed information about the Company’s activities.
In any case, personal data may be processed if necessary to pursue a legitimate interest of the Data Controller or on the basis of a legal obligation. The obtaining of consent for the processing referred to above in relation to browsing data and log files is not necessary, as the data will be processed as a response to a legitimate interest (Recital 47 GDPR).
Optional provision of data
Apart from the information given in relation to browsing data, the provision of personal data by the data subject for the purposes described in the above paragraph, is optional. Non-provision of this data may result in the impossibility of using certain services supplied by the website.
Method of data processing
The personal data will be processed by automated means for the time strictly necessary to fulfil the purpose for which it was collected, in accordance with the principles of legality, limitation of purpose and minimisation of data (Art. 5 GDPR) and in accordance with the obligatory periods prescribed by law. Specific safety measures will be observed to prevent the loss of data, illegal or unauthorised use, and unauthorised access.
Disclosure and/or dissemination of data
Your processed data will not be disseminated but may be disclosed to companies with legal connections to the company, in accordance with the limits of the GDPR. The collected data will not be transferred abroad. Your data may be disclosed to third parties in the following categories:
– providers of services for the management of the information system used by the company and telecommunications networks (including email);
– service and consulting firms or companies;
– the competent authorities, to fulfil legal requirements and/or orders by public bodies, on request.
The parties mentioned in the above categories will act as Data Processor, or alternatively in full autonomy, as separate Data Controllers. A list of the data processors is kept up to date at all times and can be obtained from the Company’s offices. Any other communications or disclosures will only take place with your express consent.
Period of conservation of data
On completion of the service or delivery, your personal data will be stored only for historic or statistical purposes in accordance with the law, the regulations, EC directives and codes of good practice signed in accordance with Article 40 of Regulation (EU) 2016/679 for a period prescribed by current laws (usually 10 years), or, if no law applies, for a period of no more than 5 years. Beyond that period, the personal data will be stored anonymously or will be destroyed.
Automated decision-making process
The data controller informs the data subject that this website does not contain any automated decision-making processes, and in particular there is no profiling system.
This website and the Data Controller’s services are not intended for children under 16 and the Data Controller does not deliberately collect the personal details of minors. If the personal details of minors are involuntarily recorded, the Data Controller will promptly delete them at the user’s request.
Rights of the data subject
Data subjects have the right to receive information from the Company about the processing of their personal data, by sending an email to: email@example.com
- Right of access: we are clear and open about the data we collect and how we use it. You can contact us at any time by sending us an email to access the information in our possession.
- Right of rectification: you have the right to obtain the rectification of any inaccurate or incomplete data, and to request its updating and/or modification.
- Right to erasure (‘right to be forgotten’): Send a request for the erasure of all your data and we will process your request within 30 days.
- Right of limitation: you have the right to request that the data controller limits the processing of your data.
- Right to data portability: At your request, we can export your data in a structured, commonly used and machine-readable format so that it can be transferred to a third party.
- Right to object: You can unsubscribe at any time, from any of the specific uses that we make of your data (newsletters, automatic emails etc.)
- Right to lodge a complaint: If you consider that your rights have not been respected, you can complain to the relevant authority according to the instructions published on the website www.garanteprivacy.it or by sending an email to firstname.lastname@example.org