Privacy Policy

INFORMATION ON THE PROCESSING OF PERSONAL DATA
of users consulting the website:

http://www.cariaggi.it

Pursuant to Article 13 of Regulation (EU) 2016/679

WHY THIS INFORMATION

In accordance with Regulation (EU) 2016/679 (hereinafter the "Regulation"), this page describes how the personal data of users who consult the website:

http://www.cariaggi.it .

are processed. 

This information does not concern other websites, pages or online services that can be reached through hypertext links that may be published on the websites, but which refer to resources outside the Data Controller's domain.

DATA HOLDER

Following consultation of the above-mentioned websites, data relating to identified or identifiable natural persons may be processed.

The Data Controller is CARIAGGI LANIFICIO S.P.A., Via Flaminia Nord n°48, Cagli (PU)

cariaggi.lanificio@pec.it

PURPOSE OF PROCESSING

Purpose
Providing information and/or services/
products requested by the user;
Responding to requests sent by the user via email;
Making website navigation possible and functional, and guaranteeing an adequate level of security, integrity and availability;
Analysis of statistical user data on aggregated or anonymous data, with the aim of monitoring the proper functioning of the Website, traffic usability and interest
Access to Reserved Area - Cariaggi WEB application on AWS cloud
Legal basis
Processing for these purposes is necessary for the fulfilment of contractual obligations and does not require the specific consent of the data subject.
Processing for these purposes is necessary for the fulfilment of contractual obligations and does not require the specific consent of the data subject.
Processing for these purposes relates to the overriding legitimate interest of the Data Controller and does not require consent.
Processing for these purposes relates to the overriding legitimate interest of the Data Controller and does not require consent.
Processing for these purposes is necessary for the fulfilment of contractual obligations and does not require the specific consent of the data subject.

YPES OF DATA PROCESSED AND PURPOSES OF PROCESSING

Navigation data

During their normal operation, the computer systems and software procedures used to operate this website acquire some personal data whose transmission is implicit in the use of Internet communication protocols.

This data category includes the IP addresses or domain names of the computers and terminals used by users, URI/URL (Uniform Resource Identifier/Locator) addresses of the resources requested, time of the request, method used to submit the request to the server, size of the file obtained in response, numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the user's operating system and computer environment.

These data, which are necessary for the use of web services, are also processed for the purpose of:

• Monitoring the proper functioning of the services offered.

Data communicated by the user

The optional, explicit and voluntary sending of messages to the contact addresses of the Data Controller entails the acquisition of the sender's contact data, which are necessary to reply, as well as all the personal data included in the communications.

The data collected will be processed exclusively for the purposes of the service and will be kept for a limited time compatible with statutory provisions.

Access to the RESERVED AREA and therefore, to the Cariaggi WEB application requires registration and account authentication. The registration process requires the user to voluntarily provide the data necessary to create the account, which are subject to privacy by design analysis and comply with the principle of minimisation, i.e. only the data strictly necessary for the purpose are requested. Account data will be processed by the Data Controller's employees in order to assign specific permissions with regard to the type of user, so as to allow maximum usability of the application. The data will be stored until the user explicitly requests the deletion of same. The common data requested during registration will be encrypted and then stored in an Amazon AWS database. The data will be stored until the user requests deletion and in any case, up to 3 years after the last access. When a deletion request is submitted, the data will be anonymised and replaced with random characters.

Cookies and other tracking systems

No cookies are used for user profiling.

Only session (non-persistent) cookies and technical persistent cookies are used, strictly limited to what is necessary for safe and efficient site navigation. The storage of session cookies in terminals or browsers is under the user's control, whereas, at the end of HTTP sessions, information relating to cookies remains recorded in the service logs, on the servers, for the retention times indicated in the table below:

_ga
Google Analytics sets this cookie to calculate visitor, session and accompanying data and to track site usage for site analytics reporting. Cookies store information anonymously and assign a randomly generated number to recognise unique visitors
Duration: 1 year, 1 month, 4 days
_ga_*
Google Analytics sets this cookie to store and count page views
Duration: 1 year, 1 month, 4 days

Managing cookies

The user can decide whether or not to accept cookies by using their browser settings.

Attention: total or partial disabling of technical cookies may affect the use of website's functions reserved for registered users. On the contrary, public content can be accessed even if cookies are completely disabled.

Disabling third-party cookies does not affect navigability in any way.

This setting can be defined specifically for different websites and web applications. Moreover, the best browsers allow you to define different settings for “proprietary” and “third-party” cookies. Below are the support pages for the main browsers on the market:

Chrome: https://support.google.com/chrome/answer/95647?hl=it 

Firefox: https://support.mozilla.org/it/kb/Gestione%20dei%20cookie 

Internet Explorer: https://support.microsoft.com/it-it/kb/278835 

Edge : https://privacy.microsoft.com/it-IT/windows-10-microsoft-edge-and-privacy 

Opera: http://help.opera.com/Windows/10.00/it/cookies.html 

Safari: http://support.apple.com/kb/HT1677?viewlocale=it_IT 

DATA RECIPIENTS

The personal data collected are processed by the Data Controller's staff, who act on the basis of specific instructions provided regarding the purposes and methods of processing. The data provided for access and registration to the WEB Platform are also processed by Nautes S.p.A., which acts as Data Processor for technical assistance and platform maintenance operations.

DATA SUBJECT’S RIGHTS

Data subjects have the right to obtain from the Data Controller, in the cases provided for, access to and rectification or erasure of their personal data or restriction of processing concerning them or to object to processing (Art. 15 et seq. of the Regulation). The appropriate application to the Authority is made by contacting the Data Controller at the references given.

RIGHT OF COMPLAINT

Data subjects who believe that the processing of personal data relating to them carried out through this website is in breach of the provisions of the Regulation are entitled to lodge a complaint with the Privacy Authority, as provided for in Art. 77 of the Regulation, or to bring an action before the appropriate courts (Art. 79 et seq. of the Regulation).