DATA PROTECTION NOTICE

Dear User, we hereby inform you that your personal data will be processed in compliance with current legislation on privacy and as such based on principles of correctness, lawfulness, transparency and data protection.

This information, provided in compliance with art. 13 of EU Regulation 2016/679 (“GDPR”), contains below the general information regarding the processing of personal data carried out through this website.

This policy is intended only for the www.cattini.com site (the “Site”) and does not apply to other websites that may be reached by the user (“User”) through any links on the Site.

CONTROLLER

The controller of the personal data processing is Cattini e Figlio spa, based in Via dell’Ecologia 1/3 – Casarile (MI) – Italy.

For any matter concerning the personal data processed through the use of this Site and to exercise the rights provided for by the legislation on the protection of personal data described in the text below, you may contact the Controller by the following means:

by email: privacy@cattini.com, or by ordinary mail at the following address: Via dell’Ecologia n. 1/3 – 20080 Casarile (MI) – Italy.

TYPE OF DATA PROCESSED AND PROCESSING PURPOSES

Navigation data

The computer systems and software procedures used to operate the Site acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols or is used to improve the quality of service offered. This information is not collected to be associated with identified data subjects, but by its very nature could, through processing and association with data held by third parties, allow Users to be identified.

This category of data includes IP addresses or domain names of the computers used by users who connect to the Site, URI (Uniform Resource Identifier) addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc..) and other parameters relating to the operating system and computer environment of the user.

This information is not collected in order to be associated with identified interested parties, as the data are used only to obtain anonymous statistical information on the use of the Site and to check its correct functioning, but by their very nature could, through processing and association with data held by third parties, allow users to be identified.

Please note that the data could be used by the competent authorities to ascertain responsibility in the event of hypothetical computer crimes.

Data provided voluntarily by the user

To access some services made available on the Site, you need to register and enter some personal data in the appropriate forms.

The provision of some identification data is necessary in order to authenticate and verify the legitimacy of access, in the different levels of the reserved areas, to the subjects who access them.

Users may provide personal data through the explicit and voluntary sending of requests through the functionalities available on the Site (registrations, contact requests, etc…)

In general, the personal data collected through the Site are used to:

1) execute the service or performance requested (requests for contacts and information, navigation of the Site, etc.) providing information, updates and useful advice to the User on the products and initiatives of the Controller;

2) process statistical data regarding the performance of the Site.

LEGAL BASIS OF THE TREATMENT

The processing of personal data will be carried out on the basis of one or more of the following conditions.

In particular, the processing carried out for the purposes described above, which concern:

point 1: has as its legal basis the need to implement the express requests of the User to receive a service directly available through the Site: it is therefore a question of providing data that is strictly necessary and connected to a functional phase to respond to a specific request of the User, as such the data collected from time to time are mandatory and, if they are not provided, it will not be possible to provide the service or respond to the request.

Point 2: this data is collected through the use of technical cookies as provided for in the section on the use of cookies in this information notice and for which your express consent is not required.

If your consent is required for specific processing of personal data carried out by the Site, such consent may be revoked at any time and from the revocation the data will not be further processed. .

If the User is under 16 years old, in order to process the data for these purposes it will be necessary to obtain the consent of the holder of parental responsibility towards him/her.

Where the Controller can avail himself of another legal basis (legitimate interest, public interest…), specific information will be provided.

PROCESSING METHODS, SECURITY MEASURES AND STORAGE TIME

All data will be processed mainly in electronic format. Personal data, as well as any other information directly or indirectly associated with a specific User, are collected and processed by applying technical and organizational security measures such as to ensure a level of security appropriate to the risk, taking into account the state of the art and costs of implementation, or, where applicable, security measures prescribed by specific legislation.

When using the functionalities of this Site and with reference to personal data protection aspects, Users are invited, pursuant to art. 33 of GDPR, to report to the Controller any circumstances or events from which a potential “personal data breach” may arise in order to allow the Controller to evaluate the event and take any action to contain its effects, by sending a communication to the following email address: privacy@cattini.com.

Please note that a personal data breach is defined as “a breach of security that accidentally or illegally involves the destruction, loss, modification, unauthorized disclosure or access to personal data transmitted, stored or otherwise processed”.

The personal data processed will be kept for a period of time not exceeding the achievement of the purposes for which they are processed, without prejudice to the need to keep them for a longer period following requests by the competent authorities for the prevention and persecution of crimes or, in any case, to assert or defend a right in court.

CATEGORIES OF RECIPIENTS OF PERSONAL DATA

Personal data will be processed by specifically authorised personnel by the Data Controller as well as by third parties, including those established in countries outside the European Union, only when this is necessary for the operation and maintenance of the Site and the services made available through the Site, without prejudice to any obligations provided for by law.

The data will not be disseminated in any way and, as a rule, will not be exported to third countries outside the EU.

As provided for by GDPR, the Data Controller shall appoint as data processors the third party companies that carry out all or part of the activities in question exclusively on behalf of the Data Controller.

In the case of the involvement of third parties established in foreign countries with respect to the European Union, the appropriate guarantees corresponding to the standard contractual clauses defined by the European Authority or by the national Guarantor Authorities and to the adequacy decisions issued by the European Commission and/or by the national Guarantor Authority for the protection of personal data applicable from time to time will be adopted for the relative transfer of data abroad. Alternatively, the exemptions provided for by GDPR may be applied, also in this case as applicable from time to time to the specific case.

Further information regarding cases of possible transfers of data to foreign countries with respect to the European Union and the related guarantees adopted, as well as information regarding the companies appointed as data controllers, may be requested from the Controller.

RIGHTS OF THE INTERESTED PARTIES

In relation to the processing of personal data carried out through the Site, at any time, as data subject, the User may exercise the rights provided by GDPR. In particular, he or she may:

  • access his/her personal data, obtaining evidence of the purposes pursued by the Data Controller, the categories of data involved, the recipients to whom the data may be communicated, the applicable storage period, the existence of automated decision-making processes, including profiling, and, at least in such cases, significant information on the logic used, as well as the importance and possible consequences for the data subject, where not already indicated in the text of this Information Notice;
  • obtain without delay the rectification of inaccurate personal data concerning him/her;
  • obtain, in the cases provided for by law, the cancellation of their data;
  • obtain the limitation of the processing or to oppose the same, when permitted by the provisions of law applicable to the specific case;
  • in the cases provided for by law, to request the portability of the data provided to the Data Controller, that means to receive them in a structured format, in common use and readable by automatic device, and also to request the transmission of such data to another data controller, if technically feasible;
  • where deemed appropriate, to submit a complaint to the Supervisory Authority.

For the processing of personal data for which the legal basis is consent, this may always be revoked and, in particular, the User may exercise the right to object to direct marketing if carried out through the Site. To exercise these rights, simply contact the Controller by referring to the contact details at the beginning of this Policy.

For further information about your rights and privacy policy in general, please visit the website of the Data Protection Authority at http://www.garanteprivacy.it/.

MODIFICATIONS

The Data Controller reserves the right to make changes to this Privacy Policy at any time by advertising it to Users on this page. Therefore, please consult this page often, taking as reference the date of last modification indicated at the bottom.

Information published on: 08/01/2020

Contacts
Contacts
Scroll to Top
Call Email