The company CMT s.r.l., with registered offices in via Bartolomeo D’Alviano, 18 – 20146 Milan, Italy, hereby informs you that it is the Data Controller pursuant to EU Regulation 2016/679 of 27 April 2016 on the protection of individuals with regard to the processing of personal data (hereinafter, the “Regulation”) and that this website respects and protects the privacy of visitors and users, making every possible and proportionate effort not to infringe the rights of users.
LEGAL BASIS FOR PROCESSING
DATA COLLECTED AND PURPOSES
Like all websites, this site also makes use of log files in which information collected automatically during user visits is stored. The information collected may be as follows:
– internet protocol (IP) address
– browser type and parameters of the device used to connect to the site;
– name of the internet service provider (ISP);
– date and time of visit;
– the visitor’s web page of origin (referral) and exit;
– possibly the number of clicks.
The aforementioned information is processed automatically and collected exclusively in aggregate form for the purpose of verifying the proper functioning of the site, and for security reasons (as of 25 May 2018, this information will be processed according to the legitimate interests of the data controller). For security purposes (anti-spam filters, firewalls, virus detection), the automatically recorded data may possibly also include personal data such as the IP address, which could be used, in accordance with the relevant laws in force, in order to block any attempts to damage the site itself or to cause damage to other users, or in any case harmful or criminal activities. Such data are never used for user identification or profiling, but only for the purpose of protecting the site and its users (as of 25 May 2018, such information will be processed according to the legitimate interests of the data controller).
The data received will be used exclusively for the provision of the service requested and only for the time necessary for the provision of such service. The information that users of the website decide to make public through the services and tools made available to them, is provided by the user knowingly and voluntarily, exempting the data controller from any liability for any violations of the law. It is up to the user to verify that he/she has the permissions to enter personal data of third parties or content protected by national and international regulations.
In any case, the data collected by the site will never be provided to third parties, for any reason whatsoever, unless it is a legitimate request by a judicial authority and only in the cases provided for by law.
Unsuccessful attempts to access the site will be recorded and stored for the time necessary to ensure the security of the website.
Data are automatically recorded and may possibly also include personal data (IP address) that could be used, in accordance with the relevant laws, to block attempts to damage the site itself or to cause damage to other users, or in any case any other harmful or criminal activity. Such data are never used for the identification or profiling of the User.
PROCESSING OF PERSONAL DATA FOR CONTACT FORMS
This policy concerns personal data sent by the user when filling in the contact form.
PURPOSES OF PERSONAL DATA PROCESSING
The purposes of the processing of your data are as follows:
The data you provide will be used for the sole purpose of possibly contacting you via the contacts you have left through the contact form in order to process any requests contained in the message you send via the contact form made available on the site.
NATURE OF THE DATA PROCESSED AND METHODS OF PROCESSING
The personal data processed will be exclusively ordinary data strictly necessary and relevant to the purposes set out in point 1 above.
The processing of the personal data provided is carried out by means of the operations or set of operations indicated in art. 4 paragraph 1 letter a) Legislative Decree 196/2003 and EU Regulation no. 2016/679. 2016/679
The processing is carried out directly by the data controller’s organisation.
We inform you that the data you provide voluntarily through the form will be transformed into an email that will be stored within the email reception system used by the data controller for the time necessary to carry out the requested service.
This data will also be recorded in an archive in order to be able to demonstrate to the competent authorities the consent expressed by the user.
Period of retention of personal data
The personal data you provide will be retained until the purpose of the processing has been fulfilled and no longer than 2 years after your request for information.
With regard to any data associated with accounting matters, these will be retained for 10 years from the end of the financial year in which the contractual relationship with the Company was completed.
NATURE OF PROVISION AND CONSEQUENCES OF REFUSAL
There is no obligation to provide the owner of this site with the personal data requested in the contact form. The provision of data via the contact form is optional. However, refusal to provide the data for the purposes referred to in Art. 1 will make it impossible to contact the owner of the website via the contact form made available on the site.
Place of processing
The data collected by the site are processed at the Data Controller’s premises and at the web hosting’s data centre. The web hosting is located in the European Economic Area and acts in accordance with European regulations.
WHAT ARE COOKIES
Cookies are small text files sent by the site to the user’s device (usually to their browser), where they are stored and then transmitted back to the site on the next visit by the same user. A cookie cannot retrieve any other data from the user’s hard disk or transmit computer viruses or acquire email addresses. Each cookie is unique to the user’s web browser. Some of the functions of cookies may be delegated to other technologies. In this text the term ‘cookie’ refers both to cookies, properly so called, and to all similar technologies.
TYPES OF COOKIES
Cookies can be either first-party or third-party, where ‘first-party’ refers to cookies that have the site as their domain, and ‘third-party’ refers to cookies that are related to external domains.
Third-party cookies are necessarily installed by an external party, always referred to as a “third party”, not managed by the site. Such parties may possibly also install first-party cookies by storing their own cookies on the site’s domain.
NATURE OF COOKIES
With regard to the nature of cookies, different types exist:
Technical cookies are those used for the sole purpose of “carrying out the transmission of a communication over an electronic communications network, or to the extent strictly necessary for the provider of an information society service explicitly requested by the subscriber or user to provide such a service” (cf. Art. 122(1) of the Code).
They are not used for any further purposes and are normally installed directly by the website owner or operator. They can be divided into:
- navigation or session cookies, which ensure normal browsing and use of the website (allowing, for example, to make a purchase or authenticate to access restricted areas); they are in fact necessary for the proper functioning of the website;
- analytics cookies, which are assimilated to technical cookies where they are used directly by the website operator to collect information, in aggregate form, on the number of users and how they visit the site, in order to improve the performance of the website;
- functionality cookies, which allow the user to browse the website according to a set of selected criteria (e.g. language, products selected for purchase) in order to improve the service provided to the user. Users’ prior consent is not required for the installation of such cookies.
Profiling cookies are designed to create profiles of users and are used in order to send advertising messages in line with the preferences expressed by users while browsing the web. These cookies do not collect users’ names, email addresses, telephone numbers, physical addresses.
The consent of the interested user is required for the use of profiling cookies. According to the regulation, the user can authorise or deny consent to the installation of cookies through the options provided below.
In the case of third-party cookies, the site has no direct control over the individual cookies and cannot control them (can neither directly install nor delete them). However, users can manage these cookies through their browser settings ( following the instructions below), or by asking the third party to opt-out directly or via www.youronlinechoices.com/it/le-tue-scelte
For more information on cookies and privacy you can consult the documentation on the website of the Italian Data Protection Authority at the following link: www.garanteprivacy.it
COOKIES INSTALLED ON THIS WEBSITE
This website uses different types of cookies.
Users can change or revoke their consent at any time from the Cookie Statement on our website.
This website uses technical and functionality cookies (for proper navigation) and third party cookies to improve navigation.
Mozilla Firefox – Microsoft Internet Explorer – Microsoft Edge – Google Chrome – Opera – Apple Safari
Third party cookies are used to provide additional services and functionality to visitors and to enhance the use of the site itself, such as social or video icons. This website has no control over third party cookies, which are entirely managed by the third party. Consequently, information on the use of these cookies and their purposes, as well as on how to disable them, is provided directly by the third parties on the pages indicated below.
It should be noted that user tracking generally does not involve identification of the user, unless the User has already subscribed to the service and is also already logged in, in which case it is understood that the User has already given their consent directly to the third party when subscribing to the relevant service (e.g. Facebook or Youtube).
DATA TRANSFERS TO COUNTRIES OUTSIDE THE EU
This website may share some of the data collected with services located outside the European Union. In particular with Google and Youtube services.
The transfer is authorised on the basis of specific resolutions of the European Union and the Italian Data Protection Authority, in particular resolution 1250/2016 (Privacy Shield – here you can find the information page of the Italian Data Protection Authority), so no further consent is required. The companies mentioned above guarantee their adherence to the Privacy Shield.
This website processes user data in a lawful and correct manner, adopting appropriate security measures to prevent unauthorised access, disclosure, modification or destruction of data. The processing is carried out by means of computer and/or telematic tools, with organisational methods and logic strictly related to the purposes indicated. In addition to the data controller, in some cases, categories of people involved in the organisation of the site (administrative, sales, marketing, and legal staff, system administrators) or external parties (such as third party technical service providers, postal couriers, hosting providers, IT companies, communication agencies) may have access to the data.
Pursuant to European Regulation 679/2016 (GDPR) and national legislation, the User may, in the manner and within the limits provided for by current legislation, exercise the following rights:
– request confirmation of the existence of personal data concerning them (right of access);
– know the origin of the data;
– receive intelligible communication of the data;
– obtain information on the logic, methods and purposes of the processing;
– request the updating, rectification, integration, cancellation, transformation into anonymous form, and blocking of data processed in violation of the law, including data no longer necessary for the purposes for which they were collected;
– in cases of processing based on consent, to receive, at the sole cost of any support, the data provided to the data controller, in a structured, machine-readable form and in a format commonly used by an electronic device;
– the right to lodge a complaint with the Data Protection Authority (“Garante Privacy” – link to the Authority’s page
– as well as, more generally, to exercise all the rights recognised to them by the laws in force.
Requests should be addressed to the Data Controller. In the event that the data are processed on the basis of legitimate interests, the data subject’s rights are in any case guaranteed (except for the right to portability, which is not provided for by the regulations), in particular the right to object to processing, which may be exercised by sending a request to the data controller.
The identification details of the data controller are as follows:
CMT s.r.l., Registered office: via Bartolomeo D’Alviano, 18 – 20146 Milan, Certified E-Mail: email@example.com
The data processor is identified as the Data Controller, together with the web hosting appointed as co-processor limited to the services it provides, processing the data on behalf of the Data Controller. The web hosting is located in the European Economic Area and acts in accordance with European standards.
TECHNICAL INFORMATION AND LOCATION OF THE SERVERS:
The servers are located in data centres on Italian territory, specifically: Datacenter Equinix, Via Savona, Milan – Italy.
They are equipped with a Firewall. The servers used produce daily backups with a 5-day history.