Privacy Policy
Costampress S.p.A. with registered office in via G. Taliercio 13 – 30037 Gardigiano di Scorzè – Venice – Italy, Italian Vat No. and Tax Code 00273100271 (hereinafter, “Controller”), owner of the website http://www.costampress.it (hereinafter, the “Website”), as Controller for processing the data of users that browse and are registered on the Website (hereinafter, the “Users”), provides here below the data protection information pursuant to art. 13 of Italian Legislative Decree 196/2003 (hereinafter, the “Data Protection Code”) and pursuant to art. 13 of EU Regulation 2016/679 of 27 April 2016 (hereinafter, “Regulation”, the Regulation and Data Protection Code together are defined as the “Applicable Law”).
This Website and any services offered through the Website are reserved to persons that are at least eighteen years old. Therefore, the Controller does not collect personal data relevant to persons under 18 years of age. Upon request of the Users, the Controller will promptly cancel al of the personal data inadvertently collected and relevant to persons under 18 years of age.
The right of its Users to privacy and protection of their personal data is of utmost importance to the Controller. For all information relevant to this data protection information, Users can contact the Controller at any time, using the following methods:
a. Sending a Registered Letter w/ acknowledgement of receipt to the registered office of the Controller;
b. sending an e-mail to web Diese E-Mail-Adresse ist vor Spambots geschützt! Zur Anzeige muss JavaScript eingeschaltet sein!.
1. PURPOSE OF THE PROCESSING
Users' personal data will be processed lawfully by the Controller pursuant to art. 6 of the Regulation for the following processing purposes:
a. BROWSING OF THE WEBSITE, with reference to the ability to collect the Users’ data that is necessary at a technical level, such as the IP address, while browsing the website.
b. SENDING OF NEWSLETTERS, subject to your specific request.
c. ANSWERS TO REQUESTS FOR INFORMATION, which we receive through the contact form.
d. LEGAL OBLIGATIONS, i.e. to fulfil obligations envisaged by the law, an authority, regulation or European legislation.
2. LEGAL BASIS FOR PROCESSING
The provision of personal data for the above purposes of processing is optional but necessary, as failure to provide the same will make it impossible for the User to browse the Website, subscribe to the Website and use the services offered by the Controller on the Website.
With reference to the purposes set out in points 1a, 1c, the legal basis for the processing is in fact the execution of the services provided through the Website and requested by you (pursuant to article 6, subsection 1, letter b) of the Data Protection Regulation 2016/679); with reference to the optional purposes referred to in point 1/b of the previous paragraph, the legal basis of the processing is your freely expressed consent (pursuant to article 6, subsection 1, letter a) of the Data Protection Regulation 2016/679); with reference to the purposes referred to in point 1d) of the previous paragraph, the legal basis for the processing is to fulfil a legal obligation to which the Controller is subject (pursuant to article 6, subsection 1, letter c) of the Data Protection Regulation 2016/679).
3. PROCESSING METHODS AND STORAGE TIME OF DATA
The Controller will process the personal data of Users using manual and IT tools, with logic strictly related to the purposes themselves and, in any case, in order to guarantee the security and confidentiality of the data.
The personal data of the Website Users will be kept for the time strictly necessary to carry out the purposes described in paragraph 1 above, or, however long it is necessary for the statutory protection of the Users’ and Controllers’ interests. In relation to the purpose referred to in point 1b, the data will be kept until you opt-out of receiving the newsletter using the appropriate link contained within the same or by exercising your rights using the methods set out in paragraph 4.
4. AREA OF COMMUNICATION AND DISSEMINATION OF DATA
The Users’ personal data may be disclosed to the employees and/or associates of the Controller in charge of managing the Website. These subjects, that are formally appointed by the Controller as “third parties”, will process the Users’ data exclusively for the purposes indicated herein this information and in compliance with the provisions of the Applicable Law.
The Users’ personal data may also be disclosed to third parties who may process personal data on behalf of the Controller as “External Processors”, such as, for example, IT and logistic service providers functional to the operation of the Website, outsourcing or cloud computing service providers, professionals and consultants.
Users have the right to obtain a list of any Data Processors appointed by the Controller, by forwarding a request to the Controller using the methods indicated in paragraph 5 below.
5. RIGHTS OF DATA SUBJECTS
Users may exercise their rights granted by the Applicable Law by contacting the Controller using the following methods:
a. Sending a Registered Letter w/ acknowledgement of receipt to the registered office of the Controller;
b. Sending an e-mail to: Diese E-Mail-Adresse ist vor Spambots geschützt! Zur Anzeige muss JavaScript eingeschaltet sein!.
Pursuant to the Applicable Law, the Controller informs that the Users have the right to obtain information relevant to the (i) origin of the personal data; (ii) purposes and methods of the processing; (iii) logic applied in the event of processing electronic instruments; (iv) identification data concerning the Data Controller and data processors; (v) of the entities or categories of entities to which the personal data may be communicated or which may get to know said data in their capacity as data processors or persons in charge of the processing.
Moreover, Users have the right to obtain:
a. access, updating, rectification or, should you so request, integration of the data,
b. the erasure, anonymisation or blocking of data that have been processed unlawfully, including data whose storage is unnecessary for the purposes for which they have been collected or subsequently processed;
c. the certification that the operations set out in letters a) and b) have been notified, also for that which regards their contents, to the entities to whom or which the data were communicated or disseminated, unless this requirement proves impossible or involves a manifestly disproportionate effort compared with the right that is to be protected.
Moreover, Users have:
a. the right to revoke consent at any time, should processing be based on their consent;
b. the right to data portability (right to receive all of the personal data concerning the same in a structured and commonly used format that is machine readable), the right to the restrict the processing of the personal data and the right to erasure (“right to be forgotten”);
c. the right to object:
i. in whole or in part, for legitimate reasons, to the processing of personal data concerning them, even if pertinent to the purpose of the collection;
ii. in whole or in part, to the processing of personal data concerning them for the purpose of sending advertising or direct sales material or for carrying out market research or commercial communications;
ii. if personal data is processed for direct marketing purposes, at any time, to the processing of their data for this purpose, including profiling, in so far as it is related to such direct marketing.
d. should they believe that the processing that regards them breaches the Regulation, the right to lodge a complaint to a Supervisory Authority (in the Member State in which they usually reside, in the one in which they work or in the one in which the alleged violation has occurred). The Italian Supervisory Authority is the Data Protection Authority, with headquarters in Piazza di Monte Citorio n. 121, 00186 – Rome (http://www.garanteprivacy.it/).
Last update: 19/10/2018