Data Controller
CIBRED SUD
Via Catania 2,
00041 Albano Laziale (Roma)
ITALY
Tel: +39 06 9344009
PRIVACY POLICY
The purpose of the present document about privacy is to ensure full transparency
of information that the website www.cibred.com will collect and use.
This document forms an integral part of the website and has been drawn according to
the provisions contained in the Italian (Legislative Decree No. 196 of 30 June 2003,
Personal Data Protection Code and subsequent amendments) and European regulations
(General Data Protection Regulation, Regulation No. 2016/679).
In particular, the present website does not use data for advertising purposes but
uses services from third parties for improvement; such third parties might collect
user data and use them to send personalized advertisements on other sites.
For further information please read the following information notice.
INFORMATION NOTICE
Legal basis to process data
The present website treats data mainly after user consent.
When using or looking up the site, visitors and users accept the present document about
privacy and give consent to the treatment of their personal data regarding processing
and purposes hereafter defined, including dissemination if necessary to third parties
for services. Special forms for service communication or request are used to collect
additional consents according to the service requested.
Data communication and consequently consent to data collection and treatment is
discretionary. The User can deny consent and withdraw consent previously given at any
time (by writing directly to the Data controller).
Purpose of Treatment
The treatment of data collected by the website, in addition to purposes connected, requested and necessary to provide service, is also carried out for the following reasons:
– Statistics (analysis)
Collection of data and information in a totally consolidated and anonymous manner to
check the correct operation of the website.
None of this information is connected to the physical person/User of the site that
can no way be identified. No consent is requested.
– Security
Collection of data and information to ensure website (antispam filters, firewall,
virus detection) and User security and prevent or debunk frauds or abuses against
the website. Data are automatically recorded and can also include personal data
(IP address) that might be used, according to current regulations, to stop any
attempts to damage the website or users, or any other detrimental activities or
crime. Data are never used for identification or definition of User and are
periodically cancelled. No consent is requested.
– Additional activities
Communication of data to third parties so that they can carry out activities
necessary to service operation or perform technical, logistic or other activities
on behalf of CIBRED SUD. Suppliers can only access to personal data necessary to
carry out activities, they undertake not to use data for other reasons and are
deemed to treat personal data in respect of current regulations.
Data collection
The present website collects user data in two ways:
Data are used for statistics and analysis only in consolidated manner. The IP address is only used for security reasons and is not matched with any other data.
Voluntary data collection
The website may collect other data in case users voluntarily use any service, i.e. communication services (contact and promotion forms); such data are solely used to carry out the service requested.Place of treatment
Data collected by the website are treated in the place where Data Controller is located.
Time limits for data storage
Data collected by the website are stored as long as a specific activity is carried out. When time elapses data are erased or made anonymous provided that they are not needed for other reasons.
Data (IP address) used for website security (to protect the site from any damage attempts) will be stored for 60 days.
Transfer of data collected to third parties
Data managed by the website are generally not given to third parties except for specific reasons: if requested by judicial authorities according to the current law; if needed to supply services requested by users; if needed to perform security and operation controls on the website.
Transfer of data in extra EU countries
The present website does not share data collected with services located in extra EU countries.
Cookies
The present website uses the following kind of cookies:
technical cookies, used only for electronic communication and ensure a correct view and surfing of the website. In addition, they make it possible to distinguish between various users connected in order to provide the requested service to the right person (Login) for security reasons. Some cookies are erased when the browser is closed (session cookies), other cookies have longer life (i.e. the cookie used to store user consent about cookies for 1 year). For these cookies no consent is requested.
The user can select which cookies to accept by following the relevant procedure present in the section “Cookie settings”, as well as accept, stop or erase (totally or partly) cookies by using the specific browser tools. In case all or some of the cookies are disabled, it is possible that the website does not work properly or some services or tools are not available or do not work correctly and/or the user is requested to change or enter manually any details or preferences every time the website is visited.
Security measures
Data of visitors/users are treated legally and correctly by using the proper security measures to prevent unauthorized access, dissemination, change or destruction of data. Personal data are protected during transmission thanks to the software Cookie Notice for GDPR which encrypts information in transit. Data are managed by information and/or electronic tools operated according to the requested purposes. Apart from the Data Controller, in some cases, data might also be accessed by other people involved in the website management (i.e. subcontract suppliers of technical services, hosting providers, etc.).
User rights
In compliance to the EU regulation no. 679/2016 (GDPR) and art. no. 7 of Italian
Legislative Decree no. 196 of 30/06/2003, User can exercise the following rights
according to modes and limits imposed by the regulations:
– denying totally or partly for legitimate reasons the treatment of personal
data for advertising, sales, market research or sales communication;
– asking for confirmation of the presence of personal data (access right);
– knowing the origin;
– receiving understandable communication;
– having information about reasons, modes and purposes of treatment;
– asking for update, correction, integration, cancellation, change to anonymous
status and denial of data treated in violation of the law, including data no
longer necessary to pursue the targets for which they had been collected;
– in case of treatment based on consent, receiving the data provided to the Data
Controller, with the possible payment of support, in structured way, readable by
a data processor and in a format commonly used by electronic devices;
– the right to file a claim to the control authorities (The italian Data Protection Authority);
– finally, in general, exercising all the rights reserved by the current regulations.
Such requests have to be made to the Data Controller.
Subjects of treatment
Updates
The present privacy policy is updated on 26/11/2020.