PRIVACY POLICY AND INFORMATION ART. 13 GENERAL DATA PROTECTION REGULATION (EU) 2016/679 (GDPR) (European regulation on personal data protection)
This Privacy Policy is intended to illustrate the methods and purposes of the processing of personal data carried out by CHERO PIPING S.P.A. as data controller and owner of the www.cheropiping.com site and all services connected to it.
CHERO PIPING S.P.A. is committed to respecting the privacy of every User visiting the Website and uses its Services.
The Policy does not apply to third party sites which may grant active or passive access through links on the website of the owner.
The processing of personal data of Users is in full compliance with (EU) Regulations 2016/679.
1. Identity and contact details of the Data Controller
Data Controlling is governed by CHERO PIPING S.P.A. – Località Pradaglie – 29013 Carpaneto Piacentino (PC)- VAT number IT00758540330 – privacy@cheropiping.com .
2. Categories of personal data processed
The Data Controller may process the following categories of Users personal data:
- Data communicated by the User: identification and contact data (mainly name, surname, e-mail address, message) entered voluntarily by the User in case of completion of a data request form; the optional, explicit and voluntary supply of messages to the owner’s contact addresses, as well as the completion and submission of any forms on the site, entail the acquisition of the sender’s contact details, which will need answering, as well as any personal data included in the communications; if necessary, specific privacy policies are published on any web pages that are designed to provide different services, and that have different purposes;
- Browsing data: during normal operation the computer systems and software procedures used to operate this site acquire some personal data which may be transmitted during the use of Internet communication protocols.
This category of data includes IP addresses or domain names of computers and terminals used by Users, the Uniform Resource Identifier/Locator (URI/URL) addresses of the requested resources, the time the request was made, the method used to submit it to the server, the size of the file obtained in response to the request, the numerical code indicating the status of the response given by the server (successful, error, etc.), and other parameters relating to the User’s operating system and IT environment.
These data, necessary for the use of web services, are also processed for the following purposes:
- to obtain statistics on the use of the services (the most visited pages, volume of visitors according to time of day, or per day, geographical areas of origin, etc.);
- to check the correct functioning of the services offered;
- In the event of suspected computer crimes against the website, the data could be used, with the agreement of the competent judicial authorities, for the purpose of ascertaining liability.
- Cookies: for information on the use of cookies, please refer to the separate “Cookie Policy” section.
3. Purposes and legal bases for the processing of personal data
The Owner processes User data to allow browsing the site and to respond to any request on behalf of the User.
Any further processing will only take place only on the basis of obligations established by law and on the basis of legitimate interest. For any other processing purpose, explicit consent is given by the User to the Data Controller.
CHERO PIPING S.P.A. will only collect and processes personal data of Users for the following purposes:
- purposes strictly connected with and instrumental to the management of administration and accounting requirements;
- purposes connected to legal and tax obligations established by laws, regulations, community legislation or orders issued by authorities, or by supervisory and control bodies;
- allow the Users to browse the site;
- respond to requests from Users sent via site;
- improve the presentation, features and functionality of the Site and Services;
- providing assistance with the use of the products/services, at Users’ request;
- subject to consent, for contacting Users by e-mail, newsletter, mailing list, text messages, other forms of messaging, in order to send them commercial and promotional communications, information on special initiatives. The User is added to a list of contacts to whom e-mails and messages can be sent via dedicated platforms. Each communication will contain information explaining how to oppose the processing and unsubscribe from the list, so as not to receive further communications. Provision of data for this particular purpose is optional, and if it is not provided, no commercial communications will be sent.
With regard to the legal basis for the processing, the following have been identified for the purposes listed in points (a) to (f): Art. 6.1.b) GDPR, on data processing necessary for pre-contractual/contractual procedures or to fulfil specific requests made by the User; art. 6.1.c) GDPR, on data processing necessary for compliance with legal obligations; and art 6.1.f) GDPR, on data processing necessary for the pursuit of legitimate interests.
For the purposes listed in point (g), CHERO PIPING S.P.A. processes User personal data on the basis of consent, in accordance with art. 6.1.a) GDPR, relevant to the giving of consent to data processing for marketing purposes (the sending of newsletters, market research activities, promotional activities, both on and off line).
4. Data storage times
Any personal data processed by CHERO PIPING S.P.A. on the basis of the User’s consent, will be stored for the time strictly necessary to achieve the purposes for which it was originally collected and, in any case, will no longer be processed as a result of revocation of given consent.
If any personal data processing should instead, take place in fulfilment of legal, fiscal or judicial obligations, such data may be stored up to a maximum of ten (10) years.
Browsing data will not persist for more than seven days (except for any need to ascertain criminal offense by judicial authorities).
5. Provision of personal data
Without prejudice to what is indicated in relation to navigation data, the user is free to provide his personal data. However, failure to provide data can make it impossible to obtain what is requested.
6. Treatment method
The Data Controller will take all necessary technical and organizational measures to guarantee high level security in order to minimize the risk of destruction or loss, even accidental, of any data, unauthorized access or non-processing- whether permitted or not in accordance with the purposes indicated in this document, according to articles 24, 25 and 32 of the GDPR.
However, since it is not possible to guarantee that the measures taken for the security of the Site and the transmission of data is such as to exclude any risk of unauthorized access or loss of data, we urge the User to make sure that his computer be equipped with updated antiviruses software for data network protection and that your Internet service provider has in turn taken appropriate measures for the security of data transmission.
7. Recipients of personal data – Communication and disclosure of personal data
The personal data processed will be communicated to well-defined subjects. On the basis of the roles and tasks performed, internal and external personnel is entitled to treatment within the limits of their competences and in accordance with the instructions given to them by the Owner.
These data may be communicated to legitimate subjects with system administration functions, hosting services and maintenance of the technological part of the site, platform managers, subjects appointed as Data Processors and subjects whose provisions of law or community regulations recognize the right to access data. The web hosting service is located in the EU.
8. Transfer of personal data abroad
The management and storage of personal data will take place on servers located within the European Union. In case of use of cloud services in non-EU countries, the Data Controller guarantees that the transfer of data outside EU will be performed in accordance with the applicable legal provisions, by stipulating, if necessary, agreements that guarantee an adequate level of protection and/or adopting the standard contractual clauses established by the European Commission.
9. Processing of personal data of those under age
The use of the Site and the Services is reserved only for Users over 18 years of age. CHERO PIPING S.P.A. it does not process personal data of those under age.
10. Rights of the interested party and withdrawal of consent
The Data Controller is freely contacted for any request related to this Policy by writing to privacy@cheropiping.com. The User may, at any time, exercise the rights referred to in Articles 15/16/17/18/20/21/22 of the GDPR 679/16.
The aforementioned rights may be exercised by sending a specific request to the Data Controller through the contact channels indicated in this document. With reference to art.7 GDPR 2016/679, the data subject has the right to withdraw the consent given at any time, either by communicating this decision to the Data Controller, or by using the unsubscribe function, following the instructions given at the end of each newsletter.
11. Cookie Policy
For information on the use of cookies, please refer to the separate “Cookie Policy” section.
12. Link to third-party sites
CHERO PIPING S.P.A. will under no any circumstances be held responsible for processing carried out through or in relation to such third-party sites.
Users are therefore invited to pay the utmost attention on the conditions of use and privacy and cookie policies published on the portals visited.
13. Changes and updates
This Policy is updated and applicable as from 26/05/2020.
Any further modification will be communicated to Users with the means and time deemed most appropriate by the Owner, in particular through the publication on the Site.