Privacy policy
INFORMATION NOTICE ON THE PROCESSING OF PERSONAL DATA
IN RELATION TO THE PRIVACY POLICY OF THE SITE
This section contains the management methods of the site www.mcecchi.com with reference to the processing of the data of the users of M. CECCHI & CO. S.P.A.
This information is also valid for the purposes of art. 13 of Regulation EU no. 2016/679 (hereinafter also referred to as GDPR), concerning the protection of individuals with regard to the processing of personal data as well as the free circulation of such data, for those who interact with M. CECCHI & CO. S.P.A. and can be reached at the web address corresponding to the initial page www.mcecchi.com.
The information is provided only for the site www.mcecchi.com and not for other websites that may be consulted by the user via links contained therein.
The purpose of this information notice is to provide information about the methods, timing and nature of the information that the Data Controller must provide to users when they connect to the web pages of M. CECCHI & CO. S.P.A., regardless of the purposes of the connection itself, according to Italian and European legislation.
The information may be changed due to the introduction of new regulations in this regard; therefore the user is invited to periodically check this page.
If the user is under 14, pursuant to art. 8 paragraph 1 of the GDPR and of the art. 2 quinquies of (It.) Legislative Decree 196/2003, as amended by (It.) Legislative Decree 181/2018, they will have to legitimise their consent through the authorisation of the parents or guardian.
DATA PROCESSING
The company M. CECCHI & CO. S.P.A., with headquarters in 52045 - Foiano della Chiana (AR), Frazione Zona Industriale Farniole, via Enzo Ferrari numbers 38-40 - VAT number 00935720524 is the Data Controller and, therefore, the legal person who determines the purposes and means of processing personal data. It also deals with security profiles.
With regard to this website, therefore, the Data Controller is M. CECCHI & CO. S.P.A. and, for any clarification or to exercise the user's rights, you may contact it at the following e-mail address: info@mcecchi.com
As the Data Controller, M. CECCHI & CO. S.P.A. informs you that, pursuant to article 13 of the GDPR, your data will be processed in the following manner and for the following purposes:
- Nature of the processed data:
- Purpose of processing and legal basis:
- Without your express consent (art. 6 of the GDPR) for the following purposes:
-
-
- To conclude contracts with the Data Controller;
- To discharge the pre-contractual, contractual, accounting and tax obligations deriving from existing relationships with you
- To discharge the obligations provided for by the law, by a regulation, by EU legislation or by an order of the Authority
- To exercise the rights of the data controller, for example the right to legal defence in court
-
- Only with your specific and separate consent (art. 7 of the GDPR), for the following marketing purposes:
-
-
- To send you via mail,by post and/or SMS and/or telephone contacts newsletters, commercial communications and/or advertising material on products or services offered by the Data Controller and the degree of satisfaction with the quality of services;
- To send you commercial and/or promotional communications from third parties (for example, business partners, or other companies of the group, or associated companies, etc.) via e-mail, by post and/or SMS and/or telephone contacts.
-
- Cookies Policy
- Data provided by the user.
- Support in the configuration of your browser.
- Social Network Plug-ins.
- Facebook: https://www.facebook.com/help/cookie
- Twitter: http://support.twitter.com/articles/20170519-uso-del-cookie-e-d-altre-tecnologie-simili-da-parte-di-twitter;
- Google+: http://www.google.com/policies/tecnologies/cookies
- Pinterest: http://about.pinterest.com/it/privacy-policy
- Linkedin: http://www.linkedin.com/legal/cookie-policy
- Access to data
-
- To the employees and collaborators of the Data Controller in their capacity as persons in charge of the processing and/or internal processors and/or system administrators and to the Data Protection Manager (DPO) where appointed;
- To third-party companies or other persons who carry out professional activities for the Data Controller (by way of an example: credit institutions, professional firms, consultants, website management and maintenance providers, suppliers, etc.) in their capacity as external processors, the list of which is available at our offices.
- Data disclosure
- Data transfer
- Data retention
- Rights of the data subject
-
- Obtain confirmation of the existence or not of personal data concerning you, even if not yet recorded, and their communication in an intelligible form;
- Obtain the indication: a) of the origin of the personal data; b) of the purposes and methods of processing; c) of the logic applied in the case of processing carried out with the aid of electronic instruments; d) of the identification data of the Data Controller, data processors and the representative designated pursuant to art. 3, paragraph 1 of the GDPR; e) of the subjects or categories of subjects to whom the personal data may be disclosed or who can learn about them as appointed representative in the State, processors or persons in charge of the processing;
- Obtain: a) updating, rectification, restriction or, when necessary, completion of data; b) the erasure, transformation into anonymous form or blocking of data processed in breach of the law, including data which do not need to be retained for the purposes for which the data were collected or subsequently processed; c) certification that the operations referred to in letters a) and b) have been brought to the attention, also with regard to their content, of those to whom the data have been disclosed or disseminated, except in the event that such fulfilment proves impossible or involves a manifestly disproportionate use of resources with respect to the protected right;
- object, in whole or in part: a) for legitimate reasons to the processing of personal data concerning you, even if pertinent to the purpose of collection; b) to the processing of personal data concerning you for the purpose of sending advertising or direct sales materials or for carrying out market research or commercial communication, through the use of automated call systems without the intervention of an operator by e-mail and/or through traditional marketing methods by phone and/or post. Please note that the data subject's right of objection, set out in point b) above, for direct marketing purposes by automated means, extends to the traditional ones and that the possibility for the data subject to exercise the right to objection also remains valid even if only partially. Therefore, the data subject may decide to receive only communications using traditional methods or only automated communications or none of the two types of communication.
- The data subject has the right to receive in a structured, commonly used, machine-readable format the personal data concerning him/her provided to the Data Controller and has the right to transmit such data to another data controller without impediment by the data controller to whom they were supplied if: a) the processing is based on consent pursuant to Article 6, paragraph 1, letter a), or Article 9, paragraph 2, letter a) of the GDPR or on a contract pursuant to Article 6, paragraph 1, letter b) of the GDPR; and b) the processing is carried out by automated means. In exercising their rights with respect to data portability, the data subjects have the right to obtain the direct transmission of personal data from one data controller to another, if technically feasible.
- Withdrawal of consent
- Modalities for exercising the rights
- Data controller, external processors and persons in charge of the processing
- Consent
- Security of the Data Provided.
- Amendments to this document.