This policy has been drawn up specifically for visitors to the website cerinfo.iconicsrl.com and users of the cerinfo.iconicsrl.com app.
Specific summary information will be provided or displayed on the website pages dedicated to providing specific services on demand and complete with data collection forms.
Please note that to provide a complete service our website/app may contain links to other websites/apps not managed by Edi.Cer. S.p.A.
Edi.Cer. S.p.A. is not responsible for errors, content, cookies, publication of unlawful content, advertising, banners or files that do not comply with applicable regulations and the Personal Data Protection Code on the part of website/apps not managed by the Data Controller.
Data subjects: users of website cerinfo.iconicsrl.com, users of registered area and cerinfo.iconicsrl.com app
As the Data Controller for your personal data pursuant to articles 13 and 14 of European Regulation 2016/679, Edi.Cer. S.p.a. hereby informs you that the aforementioned Regulation protects the rights of data subjects with regard to the processing of their personal data and that said data will be processed in accordance with principles of fairness, lawfulness and transparency and in such a way as to respect your confidentiality and rights.
The information and personal data submitted by you or otherwise acquired during use of the website/app will be processed in accordance with the provisions of the aforementioned regulation and the privacy obligations contained therein.
Type of data processed by the website/app
a) Identified data as defined by art. 4. 2 of the European Regulation.
The website/app collects personal data supplied voluntarily by the user/data subject. The optional, explicit and voluntary sending of e-mail to the addresses indicated on this website/app and the filling out of the forms on the website will result in the acquisition of the sender’s personal data (for example, first name, last name and e-mail address). Specific information is provided below.
b) Navigation data
During normal operation, the computer systems and software procedures used for the functioning of this website/app acquire certain personal data through the use of Internet communication protocols.
Although such information is not acquired for the purpose of being associated with identified data subjects, by its nature it may enable users to be identified as a result of processing and association with data in the possession of third parties. This category includes IP addresses or domain names used by users who connect to the website/app, addresses in URI (Uniform Resource Identifier) notation of the requested resources, the time of the request, the method used for submitting the request to the server, the size of the file obtained, etc.
These data are used for the sole purpose of obtaining anonymous and aggregated statistical information on the use of the website/app and to check that it is used correctly, and reside permanently on third-party servers (the hosting provider). The data may be used for verifying responsibility in the event of computer crimes that cause damage to the website/app.
Purposes of data processing:
2. Browsing the website/app: the data collected during navigation will be used for the following purposes:
2.a) performance of closely related operations instrumental to the management of relations with users or visitors to the website/app, on the legal basis of the execution of pre-contractual measures adopted at their request (art. 6.1.b) of the Regulation) as processing is necessary for provision of the Service;
2.b) collection, storage and processing of your data, on the legal basis of consent (art. 6.1.a), for:
• statistical analyses allowing visitor to be identified;
• statistical analyses for verifying the quality of the services provided by the website/app;
• improving the browsing experience by providing services and sending advertising messages in line with the preferences expressed during navigation;
• sharing of website/app content or the use of third party software.
The processing of data for the purposes indicated in point 2.a) is obligatory. Failure to communicate, or incorrect communication, of any of the information may limit and/or prevent full use of the functionality and services present on the website/app.
Provision of the data indicated in purpose 2.b) is optional and refusal to grant permission for your data to be processed will not affect the functionality or services present on the website/app. You can grant your consent by clicking on “Accept” in the Cookie Warning (banner).
Your personal data are processed using electronic means, automated calling systems, cookies and reports for the time strictly required to fulfil the purposes for which said data were collected. All processing is performed in accordance with the methods indicated in arts. 6 and 32 of the GDPR and adopting the adequate security measures indicated.
Web service related processing is performed on the external provider’s premises in Italy and is stored at the sites where the physical servers of the third parties who provide third party services are located.
Communication: Your data are processed only by duly appointed personnel and may be communicated to third parties acting as Data Controllers or Data Processors. The list of said third parties is available on request of the data subject by writing to: firstname.lastname@example.org
Public disclosure: Your data will not be disclosed publicly.
Period of retention: Please note that in accordance with the principles of lawfulness, purpose limitation and data minimisation, pursuant to art. 5 of the GDPR, your personal data will be retained no longer than the period of time necessary to perform the services provided or until such time as you object to processing.
Controller: In accordance with law, the Data Controller is the undersigned company (Edi.Cer. S.p.a., Via Monte Santo 40 – 41049 Sassuolo) in the person of its pro tempore legal representative.
You have the right to obtain from the Data Controller the erasure (“right to be forgotten”), restriction, information, rectification, portability and objection to processing of your personal data, and in general you may exercise all the rights established by arts. 15, 16, 17, 18, 19, 20, 21 and 22 of the GDPR by writing to email@example.com.
Application of this Privacy notice
If you have any queries about this Privacy Notice, please contact Edi.Cer. S.p.A. by sending an e-mail to firstname.lastname@example.org.
Changes to this Privacy notice
Extract from EU Regulation 2016/679: Arts. 15, 16, 17, 18, 19, 20, 21, 22 – Rights of the Data Subject
1. The data subject is entitled to receive confirmation of the existence of personal data regarding him or her, even if such data have not yet been recorded, and to be sent these data in an intelligible form, as well as to lodge a complaint with the supervisory authority.
2. The data subject has the right to obtain the following information:
the origin of personal data;
the purpose and methods of processing;
the rationale followed in the case of processing carried out with the aid of electronic equipment;
the identification details of the data controller, data processors and designated representative pursuant to article 5, subsection 2;
the parties or categories of parties to whom the personal data may be disclosed in their capacity as designated representatives in the state territory, as data processors or as appointees.
3. The data subject is also entitled to request:
that the data be updated, corrected or, if in his/her interest, supplemented;
that unlawfully processed data be erased, transformed into an anonymous form or blocked; this includes data that do not need to be stored for the purposes for which the data were collected or subsequently processed;
a declaration that the parties to whom said personal data have been communicated or disclosed have been informed about the operations indicated in subsections a) and e) and their contents, unless this operation should prove impossible or requires the use of resources that are manifestly disproportionate to the rights that are being protected.
4. The data subject has the right to totally or partially oppose:
the processing of his/her personal data for valid reasons, even if such data are relevant to the purpose of collection;
the processing of his/her personal data for the purposes of sending out advertising or direct sales material or for the conducting of market surveys or commercial communications.