This document describes how the website https://www.crisandcris.net (“Site”) is managed, with reference to the processing of personal data of users (“User/Users”) who consult it.
This is a disclosure made pursuant to theArt. 13 of Legislative Decree. n. 196/2003 and Article 32 GDPR – General Data Protection Regulation (EU/2016/679)., so called Personal Data Protection Code (“Privacy Code”), to all those who communicate with Crisandcris.net (“Company”) by filling out the appropriate form telematics for requesting information regarding the Holder’s services or for submitting unsolicited applications, available at “Contacts” of the Site, or by sending electronic mail to the addresses emails featured on the Site.
This information is provided only for the Site and not also for other websites that may be consulted by the user through links on the Site.
1. Data owner and data controller
The owner of the processing of personal data is Crisandcris.net, with registered office in Via Meina, 3 – 10146 Turin (“Owner”).
The data controller is Crisandcris.net. For an updated list of data processors, write to contatti@crisandcris.net.
2. Types of data processed and purposes of processing
2.1 Personal data
Personal data provided by the User are collected and used by the Owner for the purpose of:
(a) allow the User to request information from the Owner regarding services promoted by the Owner on the Site;
(b) to process Users’ requests and provide them with any requested quotation;
(c) to acknowledge any job applications sent spontaneously by Users;
d) with the express consent of the Users, send via electronic mail promotional communications and/or informative newsletters concerning goods and/or services offered by Crisandcris.net.
2.2 Navigation data
The computer systems and software procedures used to operate the Site acquire, in the course of their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols.
This is information that is not collected in order to be associated with identified data subjects, but which by its very nature could, through processing and association with data held by third parties, allow Users to be identified.
This category of data includes IP addresses or domain names of computers used by Users connecting to the Site, addresses in URI notation (Uniform Resource Identifier) of the requested resources, the time of the request, the method used in submitting the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters related to the User’s operating system and computer environment.
This data is used for the sole purpose of obtaining anonymous statistical information on the use of the Site and to check its proper functioning and is deleted immediately after processing. The data could be used to ascertain liability in case of hypothetical computer crimes against the Site: except for this eventuality, at present web contact data do not persist for more than seven days.
2.3 Cookies
For the processing of Users’ data via cookies, please review the relevant policy, available at the following cookie policy link.
2.4 Data provided voluntarily by the user
The optional, explicit and voluntary sending of electronic mail to the email addresses listed on the Site or requests for information sent through the use of the “Contacts” of the Site itself, entail the subsequent acquisition of any other personal data of Users included in such communications, which will be processed by the Controller for the purpose of responding to them.
3. Methods of processing
Personal data are processed using manual computer and automated systems for as long as necessary to achieve the purposes for which they are collected.
The Data Controller adopts specific security measures in order to ensure the processing of data in compliance with the Privacy Code, having particular regard to the prevention of the loss of such data, illicit or incorrect use or unauthorized access to databases.
4. Nature of data and consequences of refusal to respond
The processing of data is necessary to forward requests for information to the Data Controller, to enable the latter to process Users’ requests and to communicate to Users any quotation requested for the use of Crisandcris.net’s services. The refusal to the aforementioned processing, therefore, would imply the impossibility for the User to communicate with the Controller and for the latter to provide a response to Users’ requests.
Processing of data for sending commercial communications and informative newsletters is optional. In case of refusal, however, the user will not be able to stay updated on news and/or promotions offered by Crisandcris.net.
5. Rights of the data subject
The User has the right at any time to obtain confirmation of the existence or non-existence of personal data concerning him/her, even if not yet registered, and to receive their communication in an intelligible form.
The User, in particular, has the right to obtain the indication:
(a) of the origin of personal data;
(b) of the purposes and methods of processing;
(c) of the logic applied in the case of processing carried out with the aid of electronic instruments;
(d) of the identification details of the owners and managers;
e) of the subjects or categories of subjects to whom the personal data may be communicated, or who may become aware of them, in their capacity as designated representative in the territory of the State, as managers or appointees.
The User also has the right to obtain:
f) updating, rectification or, when interested, integration of data;
(g) the cancellation, transformation into anonymous form or blocking of data processed in violation of the law, including data whose retention is not necessary in relation to the purposes for which the data were collected or subsequently processed;
(h) certification that the operations referred to in paras. (a) and (b) have been brought to the attention, also as regards their content, of those to whom the data have been communicated or disseminated, except where this proves impossible or involves the use of means manifestly disproportionate to the right protected.
The User has the right to object, in whole or in part:
(a) for legitimate reasons to process personal data concerning him/her, even if relevant to the purpose of collection;
b) to the processing of personal data concerning him/her for the purpose of sending advertising material or for carrying out market research or commercial communication.
To exercise the above rights, simply write to Crisandcris.net at the registered office above or at the e-mail address contatti@crisandcris.net, indicating in the subject line “Crisandcris.net – exercise of the rights of the data subject.”
6. Disclosure of data
Personal data collected on the Site will not be disclosed, sold or transferred to third parties, except as required by law.
It is without prejudice, in any case, to the communication of data to companies expressly appointed to perform certain services within the scope of the activity carried out by the Data Controller and/or, in general, in its favor, which will operate as autonomous data controllers and/or data processors, as well as the communication and/or dissemination of data required, in accordance with the law, by police forces, judicial authorities, information and security bodies or other public entities for purposes of defense or state security or the prevention, detection or repression of crimes.
7. Changes
This document constitutes the Site’s privacy policy, which will be subject to possible changes and/or updates over time.
8. Duration of treatment.
The processing will last no longer than necessary for the purpose for which the data were collected in compliance with applicable civil, tax and fiscal obligations.
*** *** ***
This privacy policy becomes effective on March 22, 2023.