This policy describes the procedures followed by Criotec Impianti Spa (hereinafter "Criotec" or the "Data Controller") in relation to the processing of personal data collected through the website www.criotec.com (hereinafter the "Website").
Unless otherwise specified, this policy also applies as information - pursuant to art. 13 of the Legislative Decree n. 196/2003 (hereinafter the "Code") and art. 13 of the Regulation (EU) n. 2016/679 (hereinafter the "GDPR") - rendered to those who interact with the Site (hereinafter the "User").
Information on the processing of detailed personal data are reported, where necessary, on the related pages to the individual services offered through the Site. Such information is aimed at defining limits and modalities of the processing of personal data of each service, based on which the user can freely express the your consent, if necessary, and possibly authorize the collection of data and their subsequent treatment.
Data controller. Responsible for the treatment.
The data controller is Criotec Impianti Spa, with registered office in Via Francesco Parigi 32/A, 10034 Chivasso (TO), Italy, tel. +39 011 919.52.00, e-mail CRIOTEC@CRIOTEC.COM. The updated list of any data controllers is available at the headquarters of the owner.
Responsible for data protection.
The person in charge of data protection, designated by the Data Controller, can be contacted by:
- - ordinary mail, to the address Via Francesco Parigi 32/A, 10034 Chivasso (TO), Italy, c.a. of the Head of Protection of the Data;
- - e-mail, to the address CRIOTEC@CRIOTEC.COM.
Types of data processed.
Through the Website, it will be possible to collect and process:
- - navigation data;
- - personal data voluntarily provided by the user in form present on the Site.
Cookies are small text files that visited sites send to the user's terminal, where they are stored, and then be transmitted back to the same sites on the next visit.
The Website uses technical cookies, both own and third-party. These cookies, being of a technical nature, do not require the prior consent of the User to be installed and used.
In particular, the cookies used on the Site are traceable to the following sub-categories:
- - browsing or session cookies, which guarantee the normal navigation and use of the Websites. Not being stored on the user's computer, they disappear when the browser is closed;
- - analytical cookies, with which statistical information on the number of users and visits to the Web sites is collected and analyzed;
- - social widgets and plugins : some widgets and plugins made available by social networks can use their own cookies to facilitate interaction with the reference site
Below are the third-party cookies installed on the Site. For each of them there is a link to the related information on the processing of personal data and on how to do so deactivation of cookies used. With regards to third-party cookies, the Owner has only the obligation to insert in the present policy the link to the website of the third part. Instead, the obligation is borne by that subject of the information and the indication of the modalities for the possible consent and / or deactivation of cookies.
Cookies can be disabled by the user by changing the browser settings based on the instructions made available by the relevant suppliers to the links listed below.
Purpose and legal basis of the processing.
Personal data collected through the Site will be processed to handle requests for information or information documents forwarded by the User. The processing of personal data for the aforementioned purposes does not require the consent of the User as the treatment is necessary to fulfill specific requests of the interested party pursuant to art. 24, c. 1, let. b) of the Code and of the art. 6, c. 1, let. b) of the GDPR.
Provision of data and consequences in case of failure to provide.
The provision of personal data for the aforementioned purposes is optional and their non-conferment as a sole consequence, it will be impossible for the Owner to manage and process requests concerned.
Method of treatment.
Personal data will be processed electronically, including through insertion and organization in databases, in compliance with the provisions of the Code and the GDPR in security measures.
Recipients or categories of recipients.
Personal data may be made accessible, brought to the attention of or communicated to the following subjects, which will be appointed by, as the case may be, those responsible or persons in charge:
- - Group companies to which the Holder (controlling, controlled, affiliated), employees and / or collaborators belong to any title of the owner and / or company of the group to which the Holder belongs;
- - Public or private subjects, natural or juridical persons, of which the Data Controller makes use for the carrying out the activities instrumental to the achievement of the aforementioned purpose or to which the Holder is required to communicate personal data, pursuant to legal or contractual obligations.
In any case, personal data will not be disclosed.
Personal data will be kept for 2 years from their registration.
Access rights, cancellation, limitation and portability.
The interested parties are granted the rights referred to in articles 7 of the Code and from 15 to 20 of the GDPR. By title example, each interested party can:
- obtain confirmation of the processing of personal data concerning him or her;
- if processing is in progress, obtain access to personal data and information regarding the treatment and request a copy of personal data;
- obtain the correction of inaccurate personal data and the integration of incomplete personal data;
- obtain, if one of the conditions foreseen by the art. 17 of the GDPR, the cancellation of personal data concerning him;
- obtain, in the cases provided for by art. 18 of the GDPR, the limitation of the treatment;
- receive personal data concerning him in a structured format, in common and legible from automatic device and request their transmission to another holder, if technically doable.
Each interested party has the right to object at any time to the processing of his personal data made for the pursuit of a legitimate interest of the owner. In the event of opposition, your data personal data will no longer be processed, provided that there are no legitimate reasons to proceed with the processing that prevail over the interests, rights and freedoms of the data subject or the assessment, exercise or defense of a right in court.
Right to propose a claim to the Guarantor.
Furthermore, each interested party may lodge a complaint with the Guarantor for the Protection of Personal Data in the event that he believes that his rights under the Code and the GDPR have been violated, according to the procedures indicated on the website of the Guarantor accessible at: www.garanteprivacy.it.