Information on the processing of personal data – EU Reg. 2016/679 (RGPD)
This information is prepared pursuant to art. 13 of EU Regulation 2016/679 (hereinafter, for brevity “EU Regulation”) on the protection of individuals with regard to the processing of personal data.
This page describes the management methods of the www.creistt.com site with reference to the processing of personal data of users who consult it and of those who interact with web services accessible electronically starting from the address www.creistt.com , corresponding to the homepage of the official website of CREI STT Elettronica sas.
This disclosure is provided only for the website www.creistt.com and not for any other websites that may be consulted by the user via links.
The information is also inspired by the Recommendation n. 2/2001 that the European authorities for the protection of personal data, gathered in the Group established by art. 29 of directive no. 95/46/EC, collaborated on 17 May 2001 to identify some minimum requirements for the collection of personal data online, and, in particular, the methods, times and nature of the information that the data controllers must provide to users when they connect to web pages, regardless of the purpose of the connection.
Following consultation of this site, data relating to identified or identifiable persons may be processed
In order to facilitate the understanding of this Information, the following definitions are reported (Article 4 of the EU Regulation):
– “processing”: any operation or set of operations, performed with or without the aid of automated processes and applied to personal data or sets of personal data such as the collection, registration, organization, structuring, conservation, adaptation or modification, extraction, consultation, use, communication by transmission, diffusion or any other form of making available, comparison or interconnection, limitation, cancellation or destruction;
– “personal data”: any information relating to an identified or identifiable natural person (“Data Subject”); an identifiable natural person is one who can be identified, directly or indirectly, with particular reference to an identifier such as a name, an identification number, location data, an online identifier or one or more characteristic elements of his physical identity, physiological, genetic, psychic, economic, cultural or social;
– “data controller”: the natural or legal person, public authority, service or other body which, individually or together with others, determines the purposes and means of processing personal data.
OWNER OF THE TREATMENT
The Data Controller of personal data relating to users of this website is:
CREI STT Elettronica sas
Via Bellini, 3 – 40055 Villanova di Castenaso (BO)
Tel. (+39) 051/781185
Fax (+39) 051/781273
PLACE OF TREATMENT
The treatments connected to the web services of this site and to the e-mail service take place at the aforementioned headquarters of the data controller.
Any personal data provided by the user are used for purposes related to the execution of the service or provision requested.
No data is communicated or disclosed to third parties, except in cases provided for by law or if necessary to perform the services requested with prior authorization from the interested party.
PROCESSING METHODS AND DATA STORAGE PERIOD
Personal data is processed with proprietary IT tools (management and office automation software) installed on PCs inside the aforementioned processing locations, or on paper forms, for the time strictly necessary to achieve the purposes for which they were collected.
Specific security measures are observed to prevent data loss, illicit or incorrect use and unauthorized access:
- We monitor access to the site by administrator users, to check for any password theft.
- We block IP addresses that make too many incorrect login attempts.
- We use the https protocol to encrypt the transmitted data.
- We use antivirus and antimalware software on the PCs responsible for data processing.
WEB SERVICE PROVIDERS
This website, the related e-mail boxes and the database of the same site are hosted by the provider: ARUBA (Italy) – website: www.aruba.it
These providers are committed to strictly complying with their GDPR, as described on their respective websites.
LIST OF PROCESSING PROVIDED BY THIS WEBSITE
TREATMENT: “DATA PROVIDED BY THE USER VIA EMAIL”
The optional, explicit and voluntary sending of personal data – also by e-mail – to the addresses indicated on this site entails the subsequent and necessary acquisition of the sender’s address – as well as any other data included in the message – in order to respond to requests .
TREATMENT: “DATA PROVIDED BY THE USER THROUGH WEB FORMS”
The user is free to provide the personal data requested in the forms and failure to provide them may make it impossible to obtain what has been requested.
The data present in the forms of this site are stored in the website database and made available for consultation in the administration area of the website by the personnel in charge of processing for the time necessary to perform the requested service.
This data includes requests for information sent via the appropriate web contact form.
TREATMENT: “WEBSITE STATISTICS”
We store some significant data on user visits in the database of the www.creistt.com site, but without resorting to cookies or third-party applications. This information may be associated with user details such as:
- IP address
- domain of origin
- navigation browser
- date and time
- web page visited
- device type (PC or smartphone)
However, they are analyzed in an aggregate way, together with information from other users, so as not to identify a particular user compared to another.
This statistical information is stored in the website database and automatically deleted after 2 months.
TREATMENT: “USE OF FIRST-PARTY TECHNICAL COOKIES”
The www.creistt.com site uses only technical cookies for:
- Remember your browsing preferences
- Use of the reserved area
- Management of the shopping cart (until the order is completed by the interested party)
- Favorite management
The cart and favorites cookies do not collect any data attributable to the interested party, but only encrypted strings used as keys for the site database.
RIGHTS OF INTERESTED PARTIES
The interested party can assert the rights referred to in articles 15-21 of the EU Regulation, namely: the right of access to data, rectification and the right to cancellation (“right to be forgotten”) of the same, the right to limit their treatment, the right to portability, the right to object to treatment.
Requests must be sent by email to firstname.lastname@example.org or by telephone on (+39) 051/781185
PRIVACY GUARANTEE CLAIM
The interested party has the possibility to lodge a complaint with the Privacy Authority, which can be contacted on the website www.garanteprivacy.it