This policy describes the procedures followed by CEDEO SAS (hereinafter “CEDEO” or the “Data Controller”) in relation to the processing of personal data collected through the www.cedeo.net website (hereinafter the “Website”). Unless otherwise specified, this policy also applies to information – pursuant to art. 13 of the legislative decree n. 196/2003 (hereinafter the “Code”) and art. 13 of the Regulation (EU) n. 2016/679 (hereinafter the “GDPR”) – rendered to those who interact with the Site (hereinafter the “User”). Information on the processing of detailed personal data are reported, where necessary, in the pages relating to the individual services offered through the Site. This information is aimed at defining limits and methods of processing personal data of each service, on the basis of which the user can freely express their consent, if necessary, and possibly authorize the collection of data and their subsequent processing.
Data Controller responsible for the data processing.
The Data Controller is WimLabs Srl, with registered office in Via Borgionera, 103 10040 Villar Dora (TO) Italia, tel. +393381059702, e-mail firstname.lastname@example.org. The updated list of all data controllers is available at the headquarters of the Data Controller.
Responsible for Data Protection.
The person in charge of Data Protection, designated by the Data Controller, can be contacted by:
– ordinary post, at CEDEO SAS, Via Borgionera, 103 10040 Villar Dora (TO) Italia, att.n the Data Protection Officer;
– telephone number +393381059702;
– e-mail, at email@example.com
Types of data processed
Through the Website, it will be possible to collect and process:
– navigation data;
– personal data provided voluntarily by the user in the forms on the Site.
Cookies are small text files that visited sites send to the user’s terminal, where they are stored, and then be transmitted back to the same sites on the next visit. The Website uses technical cookies, both of the Website or of third parties. These cookies, being of a technical nature, do not require the prior consent of the User to be installed and used. In particular, the cookies used on the Site are traceable to the following sub-categories:
- browsing or session cookies, which guarantee the normal navigation and use of the Website. As they are not stored on the user’s computer, they disappear when the browser is closed;
- analytical cookies, which collect and analyse statistical information on the number of users and visits to the Web sites;
- social widgets and plugins: some widgets and plugins made available by social networks can use their own cookies to facilitate interaction with the reference site.
Below third-party cookies installed on the Site are listed. For each of them a link is provided to the related information on the processing of personal data and how to disable cookies used. With regard to third-party cookies, the Data Controller has the sole obligation to include in this policy the link to the third-party site. It is the responsibility of this subject, however, to disclose and indicate the methods for the possible consent and/or deactivation of cookies.
- Google Analytics: https://developers.google.com/analytics/devguides/collection/analyticsjs/cookie-usage
Cookies can be disabled by the user by changing the browser settings based on the instructions made available by their suppliers to the links listed below.
– Microsoft Internet Explorer: https://support.microsoft.com/it-it/help/278835/how-to-delete-cookie-files-in-internet-explorer
– Microsoft Edge: https://support.microsoft.com/en-us/help/4027947/windows-delete-cookies
– Mozilla Firefox: https://support.mozilla.org/it/kb/Attivare%20e%20disattivare%20i%20cookie
– Google Chrome: https://support.google.com/chrome/answer/95647?co=GENIE.Platform%3DDesktop&hl=it
– Apple Safari: https://support.apple.com/kb/ph21411?locale=it_IT
– Opera: http://help.opera.com/Windows/10.00/it/cookies.html
Purpose and legal basis of the processing
Personal data collected through the Website will be processed to handle requests for information or documents sent by the User.
The processing of personal data for the aforementioned purposes does not require the consent of the User as the processing is necessary to fulfill specific requests of the data subject pursuant to art. 24, c. 1, lett. b) of the Code and of the art. 6, c. 1, lett. b) of the GDPR.
Provision of data and consequences in case of failure to provide.
The provision of personal data for the aforementioned purpose is optional and their failure to provide will result, as a sole consequence, in the inability for the Owner to manage and fulfil the requests of the person concerned.
Method of treatment
Personal data will be processed electronically, also through insertion and organization in databases, in compliance with the provisions of the Code and the GDPR in security measures.
Recipients or categories of recipients
Personal data may be made accessible, brought to the attention of or communicated to the following persons, who will be appointed by, as the case may be, those responsible or persons in charge:
- companies in the group of which the Data Controller is a member (controlling, controlled, connected), employees and / or collaborators for whatever title of the owner and / or company of the group to which the Holder belongs;
- public or private entities, natural or legal persons, whose owner is used for the performance of activities instrumental to achieving the aforementioned purpose or to which the Data Controller is required to communicate personal data, pursuant to legal or contractual obligations.
In any case, personal data will not be disclosed.
Personal data will be kept for 2 years from their registration.
Access rights, cancellation, limitation and portability
The interested parties are granted the rights referred to in articles 7 of the Code and from articles 15 to 20 of the GDPR. By way of example, each interested party can:
- obtain confirmation of the processing of personal data concerning the interested party;
- if processing is in progress, obtain access to personal data and information regarding the treatment and request a copy of personal data;
- obtain the correction of inaccurate personal data and the integration of incomplete personal data;
- obtain, if one of the conditions foreseen by the art. 17 of the GDPR, the cancellation of personal data concerning the interested party;
- obtain, in the cases provided for by art. 18 of the GDPR, the limitation of the treatment;
- receive personal data concerning him in a structured format, commonly used and readable by automatic device and request their transmission to another holder, if technically feasible.
Each interested party has the right to object at any time to the processing of his personal data carried out for the pursuit of a legitimate interest of the Data Controller. In the event of opposition, your personal data will no longer be processed, provided that there are no legitimate reasons to proceed with the processing that prevail over the interests, rights and freedoms of the interested party or for the assessment, exercise or defense of a right in court.
Right to propose a claim to the Authority
Furthermore, each interested party may lodge a complaint with the Authority for the Protection of Personal Data in the event that he believes that his rights under the Code and the GDPR have been violated, according to the procedures indicated on the website of the Authority accessible at : www.garanteprivacy.it.