Privacy Notice - Contact Section
(version 1.0 of 24 April 2018)
Dear Visitor / Visitor
This Internet site www.centrufficio.it is owned by the company Centrufficio Loreto spa - legal and administrative office legal office in Viale Andrea Doria 17 - 20124 Milano (MI) Italy and administrative office in Via Doria, 19 – 20093 Cologno Monzese (Mi) Italy; as Data Controller for subjects personal data processing of the Site provides below the privacy policy pursuant to art. 13 of Legislative Decree no. 196/2003 (hereinafter, the "Privacy Code") and pursuant to art. 13 of EU Regulation 2016/679 of 27 April 2016 (hereafter, "Regulations", the Regulations and the Privacy Code are together defined as "Applicable Regulations").
This Site and any services offered through the Site are reserved to subjects over eighteen years age. The Data Controller therefore does not collect personal data relating to subjects under such age. Upon request by Users, the Data Controller will promptly delete all personal data involuntarily collected and related to persons under 18 years of age.
The Data Controller takes the utmost account of the right to privacy and subjects personal data protection. For any information related to this privacy statement, Users may contact the Data Controller at any time, using the following methods:
• via recommends a.r. (at the address Via Doria, 19 – 20093 Cologno Monzese – Mi – Italy)
• by e-mail (at the address privacy@centrufficio.it)
The Data Controller has not identified the person in charge of data protection (RPD or DPO), as it is not subject to the obligation of designation provided for by art. 37 of the Rules.
1. Purpose of the processing
Users' personal data will be processed lawfully by the Data Controller pursuant to art. 6 of the Regulations for the following processing purposes:
a) to comply with the User's request: their personal data are collected and processed by the Data Controller for the sole purpose of processing their request. The User's data collected by the Data Controller for this purpose include: the name, surname, company, city and address of residence / domicile, email address, telephone number, as well as all personal information of the User possibly and voluntarily published. No other treatment will be carried out by the Owner in relation to the Users’ personal data, unless the User gives the Data Controller a specific and optional consent to the processing of their data for the further purpose of processing provided for in the
paragraph 2. Without prejudice to the provisions elsewhere in this privacy statement, under no circumstances will the Data Controller make the Users’ personal data accessible to other Users and / or third parties.
b) administrative-accounting purposes, or to perform activities of an organizational, administrative, financial and accounting nature, such as internal organizational activities and activities functional to the fulfilment of contractual and pre-contractual obligations;
c) legal obligations, or to fulfil obligations under the law, an authority, a regulation or European legislation.
The provision of personal data for the purposes of processing indicated above is optional but necessary, since failure to provide them will make it impossible for the user to make a request to the Owner.
The personal data that are necessary for the pursuit of the treatment purposes described in this paragraph 1, are indicated with an asterisk in the request form.
2. Additional processing purposes: marketing
With the free and optional consent of the User, some of his personal data (ie the name, surname, company, city and address of residence / domicile, email address, telephone number,) can be processed by the Data Controller also for marketing and newsletters (sending advertising material, direct sales and commercial communication, sending newsletters containing information in relation to news relevant to the sector related to the activities of the Data Controller), or in order for the Data Controller to contact User by mail, e-mail, telephone (fixed and / or mobile, with automated call or call communication systems with and / or without the intervention of an operator) to propose to the User the purchase of products and / or o services offered by the same Data Controller and / or by third-party companies, to present offers, promotions and business opportunities.
In case of lack of consent, the possibility of pursuing the purposes referred to in Article 1 will not be in any way affected.
In case of consent, User may at any time revoke the same, making a request to the Data Controller in the manner indicated in paragraph 5 below.
The User can also easily oppose further sending of promotional communications and e-mail newsletters by clicking on the appropriate link for the revocation of consent, which is present in each promotional email. Once the consent has been withdrawn, the Data Controller will send an e-mail to the User to confirm the revocation of the consent. If the User intends to withdraw his consent to the sending of promotional communications by telephone, however continuing to receive promotional communications via email, or vice versa, please send a request to the Data Controller in the manner indicated in paragraph 5 below.
The Data Controller informs that, following the exercise of the right to oppose the sending of promotional communications and e-mail newsletters, it is possible that, for technical and operational reasons (eg formation of contact lists already completed shortly before receipt from part of the Holder of the opposition request) the User continues to receive some additional promotional messages and newsletters. Should the User continue to receive promotional messages after 24 hours have elapsed from the exercise of the right of opposition, please report the problem to the Data Controller, using the contacts indicated in the following paragraph 5
3. Processing methods and data retention times
The Data Controller will process the Users’ personal data using manual and IT tools, with logic strictly related to the purposes themselves and, in any case, in order to guarantee the security and confidentiality of the data.
The Users’ personal data will be kept for the time strictly necessary to carry out the primary purposes described in paragraph 1 above, or however as necessary for the protection in civil law of the interests of both the Users and the Data Controller.
In case, referred to in paragraph 2 above, the Users’ personal data will be kept for the time strictly necessary to carry out the purposes described therein and, in any case, for no more than twenty-four (24) months
4. Scope of data communication and distribution
The Users’ personal data may be disclosed to the employees and / or collaborators of the Data Controller in charge of managing the Site and the requests of the Users. These subjects, who are formally appointed by the Data Controller as "in charge of processing", will process the Users’ data exclusively for the purposes indicated in this statement and in compliance with the provisions of the Applicable Law.
The Users’ personal data may also be disclosed to third parties who may process personal data on behalf of the Data Controller as "External Processors", such as IT and logistic service providers functional to the operation of the Website, outsourcing or cloud computing service providers, professionals and consultants.
Users have the right to obtain a list of any data controllers appointed by the Data Controller, making a request to the Data Controller in the manner indicated in the following paragraph 5
5. Rights of the Subjects
Users may exercise their rights granted by the Applicable Law by contacting the Data Controller in the following ways:
• via recommends a.r. (at the address Via Doria, 19 – 20093 Cologno Monzese – Mi - Italy)
• by e-mail (at the address privacy@centrufficio.it)
Pursuant to Applicable Regulations, the Data Controller informs Users that have the right to obtain indication (i) of the origin of personal data; (ii) the purposes and methods of the processing; (iii) the logic applied in the event of processing carried out with the aid of electronic instruments; (iv) of the identification details of the owner and managers; (v) the subjects or categories of subjects to whom the personal data may be communicated or who may come to know them as managers or agents.
Furthermore, Users have the right to obtain:
a) access, updating, rectification or, when interested, integration of data;
b) the cancellation, transformation into anonymous form or blocking of data processed unlawfully, including data whose retention is unnecessary for the purposes for which the data were collected or subsequently processed;
c) the attestation that the operations referred to in letters a) and b) have been brought to the attention, also as regards their content, of those to whom the data have been communicated or disseminated, except in the case where such fulfilment is it proves impossible or involves a use of means manifestly disproportionate to the protected right.
Furthermore, Users have:
a) the right to withdraw consent at any time, if the processing is based on their consent;
b) the right to data portability (right to receive all personal data concerning them in a structured format, commonly used and readable by automatic device), the right to limit the processing of personal data and the right to cancel (" right to be forgotten ");
c) the right to oppose:
i) in whole or in part, for legitimate reasons, to the processing of personal data concerning them, even if pertinent to the purpose of the collection;
ii) in whole or in part, to the processing of personal data concerning them for the purpose of sending advertising or direct sales material or for carrying out market research or commercial communication;
iii) if personal data are processed for direct marketing purposes, at any time, to the processing of their data for this purpose, including profiling in so far as it is connected to such direct marketing.
d) if they believe that the treatment that concerns them violates the Regulation, the right to lodge a complaint with a Supervisory Authority (in the Member State in which they usually reside, in the one in which they work or in the one in which the alleged violation has occurred). The Italian Supervisory Authority is the GARANTE PER LA PROTEZIONE DEI DATI PERSONALI, located in Piazza di Monte Citorio n. 121, 00186 - Rome (http://www.garanteprivacy.it/).
The Data Controller is not responsible for updating all links that can be viewed in this Notice, therefore whenever a link is not functional and / or updated, Users acknowledge and accept that they must always refer to the document and / or section of the websites referred to by this link.