Dear user, we inform you that the EU General Data Protection Regulation 679/2016 regarding the protection of individuals with reference to personal data treatment, as well as to the free circulation of such data (hereinafter, “GDPR”) states that the protection of personal data referring to individuals must be considered as a fundamental right. On the basis of art. 13 GDPR we therefore inform you as follows.
1. DATA CATEGORY
Con Lor S.p.a. as Data Controller will process your personal data such as:
o Automatically collected data. IT systems and dedicated applications of this website, during their everyday functioning, will detect some data (which transmission is implicit in the use of Internet communication protocols) potentially associated to identifiable users. Amongst such data there are IP addresses and domain names of personal computers used by users who connect to the website, the Uniform Resource Identifier addresses of requested resources, the time of the request, the methodology used in submitting such request to the server, the dimension of the response file, the numerical code which indicates the status of the server response (positive, error, etc.) and other parameters regarding the operative system, the browser, and the IT environment used by the user. These data are processed, for a strictly necessary time span, for the sole purpose of obtaining statistical data regarding the use of the website and to check its regular functioning. The provision of such data is necessary since it is strictly linked to the navigation of the website.
o Data voluntarily provided by the user. The voluntary and explicit provision of electronic mails to the email addresses listed in the website do not oblige the Controller to get the individual’s explicit consent, and the compilation of forms specifically set up implies the subsequent acquisition of the email address and data of the sender, necessary for replying to the sender’s requests. The voluntary submission of emails to the Controller’s email addresses is not subject to the award of a specific consent. On the contrary, specific summary information will be provided or published on the website in case of contact forms: in such cases, the user will be requested to specifically consent to the processing of his personal data in order for the Controller to process his request.
2. SOURCE OF PERSONAL DATA:
Personal Data processed by Con Lor S.p.a. are collected directly form the data subject.
o Personal Data
Personal data are collected by mean of emails and online forms. Every time you will visit www.conlor.com we will collect generic and anonymous information on the geographical origin of visitors. All such data are incorporated in documents that are under the responsibility of the staff of www.conlor.com.
o We collect your data in order to:
o Help us understanding your needs, for offering a better service;
o Allow you to get in contact with our staff;
o Inform you on the services offered by www.conlor.com;
o Elaborate scientifical, social, economic and market studies for the sole purpose of improving the website and the services offered by www.conlor.com.
ï Establish a database for the sole interest of ConLor S.p.A..
3. DATA CONTROLLER
The Data Controller is ConLor S.p.A., having his legal seat in Via Bronzino 8, Milano (MI), email firstname.lastname@example.org.
3.1 PURPOSE OF THE PROCESSING
The basis of Your Data processing is the execution of a contract (letter a.), consent (b.), and legitimate interest of the Controller (c. and d.),
a. for the management and execution of the contract and the pre-contractual negotiation between You and the Controller;
b. for direct marketing purposes, such as forwarding newsletter and/or for setting up mailing lists;
c. to fulfill legal duties deriving from national of European rules and regulations, or from an order coming from a Jurisdictional Authority;
d. to grant the Controller the possibility to exercise his right, e.g. to defend himself in front of a relevant Court.
3.2 DATA PROCESSING PROCEDURE
Data processing is performed on the basis of the operations listed under art. 4 n. 2) GDPR and precisely: collection, registration, organization, storage, consultation, elaboration, modification, selection, extraction, comparison, utilization, interconnection, interdiction, communication, cancellation and destruction, Your Personal Data are subject to both in paper and electronic/automated format.
3.3 DATA PROCESSORS
With respect to the data processing purposes here listed, your data may be communicated to partners, consultants, companies, that have been appointed as Data Processors by the Controller, or in case such communication is mandatory on the basis of the applicable law, or in order to fulfill your requests. Your Data will not be subject to diffusion. Processors and appointed Operators are listed in the Privacy documents, periodically updated.
3.4 DATA TRANSFER ABROAD
Your Data will not be transferred outside the European Union.
3.5 DATA DISSEMINATION. DATA SUBJECT PROFILING.
Your Data are not subject to dissemination. Your data are not subject to profilation.
3.6 DATA PROCESSING DURATION
We underline that, following the principles of lawfulness, limitation of purposes and minimization of Data, according to art. 5 GDPR, your Personal Data will be stored for the time span needed in order to meet the purposes with reference to which they had been collected, or for the time span defined as mandatory by the rule of law.
The obsolescence check on the data stored by the Controller is carried out periodically.
3.7 RIGHTS OF THE DATA SUBJECT
You can anytime request to the Controller the access to his Personal Data, the correction, the cancellation, the limitation to treatment or the objection to the processing, the data portability, to revoke his consent to the treatment of his personal data, enforcing his rights under GDPR by simply notifying the Controller. The Data subject have the right to file a petition in front of a control authority at any time or by sending a email to the registered mail address email@example.com.
3.8 MANDATORY PROVISION OF DATA
The provision of your personal data is not mandatory in order to navigate this website.
3.9 PROTECTION OF PERSONAL DATA
Con Lor S.p.a. states that the collected Personal Data are processed lawfully and accurately, collected and recorded for the purposes stated herein, and used in other operations that are similar to such purposes. Con Lor S.p.a. undertakes to put in place all the suitable and preventive safety measures needed in order to safeguard the confidentiality, integrity, completeness, availability of the Data subject’s Personal Data.
Your Personal Data are subject to both in paper and electronic/automated format processing, for the time needed in order to pursue the declared purposes.
Specific safety measures are implemented in order to prevent data losses (also accidental losses), alterations, improper use, illicit use, unauthorized accesses.
Con Lor S.p.a. will not be held liable with reference to untruthful information sent by the user to the email addresses that are listed in this (e.g.: correctness of the email address or the credit card details, or the mail address), nor it will be held liable with reference to information regarding the data subject that have been submitted by a third person.
3.10 CONSULTATION, MODIFICATION AND CANCELLATION OF PERSONAL DATA
The Data subject, as provided for by the GDPR, has the right to anytime obtain from the Controller: confirmation of the existence of his Personal Data as well as their communication; the update, correction, integration, cancellation, transformation, interdiction of data processed against the law, and has the right to oppose to the data processing by writing a registered email to firstname.lastname@example.org.