INFORMATION REGARDING THE PROCESSING OF PERSONAL DATA IN ACCORDANCE WITH EU REGULATION 2016/679 (“GDPR”)
The present information regarding the processing of personal data describe the processing of data entered or gathered via www.cspinternational.it (“website”) or any other website where the present policy is published, in accordance with article 13 of EU regulation n.2016/679 (following “GDPR”).
The Data Controller is CSP International Fashion Group S.p.a., Via Piubega 5c, 46040 Ceresara (MN), email firstname.lastname@example.org (following stated as “Company” or “Controller”).
PERSONAL DATA PROCESSED
Via the company website www.cspinternational.it we gather the following kind of data: personal data, anonymous data and aggregate data. In particular we collect the following categories of personal common data:
- Browsing data, such as IP address, name and domain of computers in use by the users connecting to the website, URI (Uniform Resource Identifier) address of requested resources, time of the request, used method of request submission to the server, response file dimension, numerical code of server response status (success, error, etc.) and any other parameter related the operating system and the IT environment of the user;
- Data voluntarily submitted by the user in to websites owned or operated by the Controller which collect data for specific purposes (such as support, contact form, newsletter) supplying the inherent information notice;
- Log in information to the website restricted area, including name, surname, e-mail and password;
DATA PROCESSING PURPOSES, LEGAL BASIS AND RETENTION PERIOD
- Collection of statistical information through the collection of browsing data
IT sistems and software procedures for the correct functioning of the website may gather, during their normal operation, some personal data. Such information is not collected in order to be linked to identified data subjets, but they could allow, through the elaboration and connection with data held by third parties, the identification of the users.
These data are processed only to obtain statistical anonymous information about the use of the website in order to verify its correct functioning. These data are immediately erased after the elaboration.
These data could be used for ascertaining responsibilities in the eventual case of cybercrimes against the website.
The legal basis for the processing of these data is the legitimate interest of the Controller; the retention period is limited to the length of the navigation session on the website.
- Data voluntarily submitted by the user
Some sections of the website www.cspinternational.it and of the other websites runned by the Controller,
will require the submission of personal data. In these cases a specific Information Notice in accordance to art. 13 of the GDPR stating the data processing purposes will be provided.
- Data collection through cookies
Cookies are text files created by some websites on the users’ computer by the time he or she connects to such website with the aim to store and transport information.
Cookies are sent by a web server (the computer on which the visited website is runned) to the browser of the user (Internet Explorer, Mozilla Firefox, Google Chrome, etc.).
In particular, the websites employs:
- Browsing and Functionality Cookie: these cookie do not need the user’s consent since they are necessary to guarantee the normal browsing and fruition of the website. These cookie allow the user to browse the website following a series of entered criteria (such as language, products selected in your shopping cart) in order to enhance the services rendered by the website. Blocking these cookie may cause malfunctioning of the website or the non retention of your preferences and settings for further visits.
- Analytic Cookie (even third parties’, such as Google Analytics): the website use these cookies to collect information on the use of the website, such as which pages are visited and which errors may be encountered. These coookies are anonymous and are used only to help CSP International to enhance the functioning of the website and to understand better its users.
- Users may oppose the storing of cookies on their hard disk configuring their browser (Internet Explorer, Mozilla Firefox, Safari etc.) in order to disabling cookies. After doing so, however, certain web pages may not perform correctly.
In exception of what previously stated regarding navigation data and what contained in the information notices in accordance to art. 13 of GDPR supplied in the specific section of the website, Data provisioning for further purposes is optional.
The non-provision of the data may result in the impossibility to pursue such purposes.
DATA PROCESSING ARRANGMENT
Your personal data will be processed through automated tools only for the time strictly necessary to pursue the purposes of their collection.
Specific security measures have been taken in order to prevent data loss, fraudulent or erroneous use of the data or unauthorized access.
PARTIES AUTHORIZED TO PROCESS DATA
Data may be processed by employees in company departments who are responsible for carrying out the activities outlined above and have been authorised to process the Data and have received suitable operating instructions.
Data may be communicated to parties operating as data controllers, such as Public Organisations, Authorities, Istitutions and certifying bodies entitled to request the data.
Data may be processed on behalf of CSP International by external parties appointed as data processors carrying out specific activities for the controller, such IT services providers; outsourcing or cloud computing services providers.
Regarding the processing of personal data operated by the Controller, you can ask the Company for access to personal data, or the correction or deletion of personal data, and also have the right to restrict processing of the data in the cases set out in article 18 of the GDPR, and object to processing in the case of legitimate interests of the controller.
Furthermore, in the case where processing is based on consent or a contract and carried out with automated tools, data subjects have the right to receive the personal data in a structured, commonly used and machine-readable format, and to transmit the data to another data controller without obstruction.
In any case Data subjects have the right to lodge a complaint to the competent Supervisory Authority and to resort to any other mean of enforcement laid down in the regulation.
In order to exercise your rights you can contact the data Controller via mail to email@example.com