- Data Controller and Data Protection Officer
- Purposes and legal bases of processing
- Who process your personal data
- How do we process the data
- Types of data processed and optional conferment
- Navigation data
- Data provided voluntarily by the user
- Data retention
- Rights of interested parties
1. Data controller and data protection officer
Cevlab S.r.l. – registered office: Via Luigi Settembrini, 102 20020 Lainate (MI) ,– is the data controller for the purposes of the 2016/679 EU Regulation (hereinafter also “Regulation” or “GDPR”), as it may decide in which, how and for what reasons collect and use the personal data provided by the user, and with which tools to process them and which security procedures to activate to guarantee their integrity, confidentiality and availability.
The Data Protection Officer (“DPO”) can be reached at: firstname.lastname@example.org .
2. Purposes and legal bases of processing
The user data are processed to respond to the requests expressly advanced by them. In particular, all data collection and following processing activities are aimed at achieving the following purposes:
• registration to our site
• subscription to the newsletter service via e-mail
• sending curricula vitae (“CV”)
•generic request for information
In the event of user is both adherent and / or has regular contacts with Cevlab S.r.l., their data may will be use by have been from the Owner, pursuant to art. 6, par. 1, lett. f), of the Regulations, and, for the particular categories of data, pursuant to art. 9, par. 2, lett. d) of the Regulations, for economic activity in the state, personalized direct communication with customers, and all activities involved data profiling / crossover, or to send update messages relating to the institutional activities of Cevlab S.r.l. with automated systems (e-mail including the regular institutional e-newsletter) and not automated (paper mail and telephone with operator). For the sending of e-mails, or other automated promotional messages, is always requested an optional consent to the interested party. this consent also extends to the paper mail and telephone with an operator, for non-members or in regular contact with the association. The interested user always has the right to oppose the use of personal data by the association, pursuant to art. 21, par. 1, of the Rules. Cevlab S.r.l. as regards the different aspects, as for the interested user, but only within the limits indicated in time in the eventual additional specific information as a kit of the different and particular service requested by the user.
With reference to the activities of registration to the site, request for information, the legal basis for processing personal data is art. 6.1.b) of the Regulations as they are necessary to provide services for the verification of inter-related requests. Information are optional, but the possible use of conferment makes it impossible to operate additional services from the site, find requests or to evaluate CVs.
With reference to the possible management of legal, accounting and tax obligations, it constitutes a legitimate processing of personal data pursuant to art. 6.1.c) of the Rules. Once the personal data have been provided, the processing is indeed necessary to fulfill the legal obligations to which Cevlab S.r.l. it is subject. Where necessary, specific summary information on the processing of personal data and requests for consent will be progressively reported or displayed on the pages of the Site predisposed for particular services.
3. Who process your personal data
Personal data will not be disclosed to third parties, will be made available to persons expressly authorized by Cevlab S.r.l. – and persons in charge of the treatment of data who carry out indispensable care activities for the pursuit of the aims indicated above; the categories of persons in charge are those employed by the administration, communication, accounting, legal advice, technical maintenance of information systems, advocacy, relationships with actual and potential customers, suppliers, according to the specific request forwarded by the interested user via this site.
The updated list of managers is available on request at the e-mail address email@example.com
4. How do we process data
All the treatments carried out within this site will be carried out with electronic or telematic tools, but could also be treated with paper / manual tools.The data will be processed with logic related to the purposes for which the data were collected and in compliance with current security regulations, for the purposes indicated above or specified from time to time in any further information presented to the user.
5. Types of data processed and optional conferment
The forms to be filled in on this site include data that are strictly necessary to adhere to what is of interest. The failure to complete the forms, both optional data that are not strictly necessary to process the request., does not allow to process the request.
6. Navigation data
The computer systems and software procedures used to operate this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. This is information that is not collected to be associated with identified interested parties, but which by their nature, through processing and association with data held by third parties, allow users to be identified. This category of data includes the IP addresses or computer names used by users who connect to the site, the addresses in the Uniform Resource Identifier (URI) notation of the requested resources, the time of the request, the method used to submit the request to the server, the numerical code indicating the status of the response given by the server (success, error, etc.) and other parameters relating to the operating system and to the user’s computer environment. These data are used for the sole purpose of obtaining anonymous statistical information on the use of the site and to check its correct functioning and are deleted immediately after processing. The data could be used to ascertain responsibility in case of hypothetical computer crimes against the site.
7. Data provided voluntarily by the user
The personal data normally required for the use of this web site’s services are personal data, contact. The optional, explicit and voluntary sending of e-mails to the addresses indicated on this site or the completion of our forms entails the acquisition of the sender’s address, necessary to respond to requests, as well as any other personal data included in the message. Specific summary information will be progressively reported or displayed on the pages of the site prepared for particular services on request. Normally, sensitive data are not processed as per art. 9 of the Regulations (in case of processing of sensitive data for certain services, specific information will be issued and the specific consent of the interested party requested).
Based on the aforementioned provision of the Guarantor, our web site uses:”Technical cookies”, that is strictly necessary for the site or for the provision of a service explicitly requested by the user. This category of cookies includes tools to collect information, in aggregate form, on the number of users and how to visit the site. For the use of this type of cookie, the user’s consent is not required, unless expressly deny it for one or all technical cookies.The user is informed that not allowing technical cookies may make it impossible to use the Website, view its contents and take advantage of the related services. Inhibiting cookies of functionality could mean that some services or certain functions of the Website are not available or do not work properly and the user may be forced to change or manually insert some information or preferences each time he visits the Website.The lack of authorization with respect to other cookies indicated by third parties will not affect the operation of the Site; however, being such types of cookies sent exclusively by third parties, and not being able to control the site manager to send these cookies to the user’s terminal, the relative opposition can be exercised only by accessing the consent forms prepared by the aforementioned third parties, if any, or through the settings of your browser.The choices made by the user in relation to cookies on the Site will in turn be recorded in a special technical cookie, having the characteristics shown in the table of cookies. This cookie may, however, in some circumstances not work properly: in such cases, we recommend that you delete unwanted cookies and inhibit their use through the functionality of your browser.Your preferences in relation to cookies will be reset if you use different devices or browsers to access the site. At the following link you can find the list of cookies active on the site www.cevlab.it/cookie-policy .
9. Data retention
Personal data processed for the purposes set out above will be kept for the time necessary to achieve those same purposes respecting the principle of minimization referred to in Article 5, paragraph 1, letter c) of the GDPR. In any case, since these are treatments performed for the provision of services, Cevlab S.r.l. will process personal data up to the time allowed by Italian law to protect its interests (Article 2946 of the Civil Code and subsequent amendments). Further information about the data retention period and the criteria used to determine this period can be requested by writing to Cevlab S.r.l. at the e-mail address indicated.
10. Rights of interested parties
Pursuant to articles 15 and following of the Rules, the interested party has the right to ask Cevlab S.r.l., at any time, to access their personal data, to rectify or cancel them or to oppose their treatment. to request the limitation of treatment in the cases provided for by art. 18 of the Regulations, to revoke the consent given pursuant to art. 7 of the GDPR at any time; to obtain, in a structured format, in common use and readable by automatic device, the data concerning him, in the cases provided for by art. 20 of the Regulations; and to propose a complaint to the competent control authority pursuant to article 77 of the GDPR (Personal Data Protection Authority) pursuant to art. 77 of the Regulations, if it considers that the processing of your data is contrary to the law in force.To exercise the above rights, requests must be sent at firstname.lastname@example.orgThe interested party has the possibility to make a request for opposition to the processing of his data pursuant to Article 21 of the GDPR in which to give evidence of the reasons justifying the opposition: the Controller reserves the right to evaluate this request, which would not be accepted in case of existence of binding legitimate reasons to proceed with the processing that prevail over the interests, rights and freedoms of the interested party.