Privacy Policy
This information is provided, in accordance with Article 13 EU Regulation 2016/679 (GDPR) to users who interact with the CHIAROSCURO website accessible electronically from the address: www.chiaroscuro.eu, corresponding to the home page of the site.
This information describes the methods of management of only the company’s official website but not of other external websites that may be consulted by the user through links.
Additional information may be provided within the different access channels, divided on the basis of the topics covered. Other disclosures may be provided within the Site in relation to specific services.
Data controller: CHIAROSCURO SAS Via Antonio Cantore, 23 – 38061 Serravalle – Ala (TN)
Contact information: info@chiaroscuro.eu
Purpose of processing | Legal basis for processing | Period of data retention |
Administrative-accounting activities in general and for the fulfillment of obligations under the law, regulations and from applicable national and supranational legislation | Need to fulfill legal obligations | Contractual duration and, after termination, for the ordinary limitation period of 10 years. |
Possible contact request, sending information you requested; | Performance of a contract to which the data subject is a party or to the performance of pre-contractual measures taken at your request (Art. 6(1)(b) of the Regulation) | Time required to provide feedback |
If necessary, to ascertain, exercise or defend the rights of the Holder in judicial proceedings | Legitimate interest | Throughout the duration of the same, until the exhaustion of the time limits for the admissibility of legal challenges. |
Direct marketing Sending – by automated contact methods (such as sms, mms and e-mail) and traditional methods (such as telephone calls with operator) – promotional and commercial communications related to services/products offered or reporting of company events or participation in webinars, as well as carrying out market studies and statistical analysis. | Consent (optional and revocable at any time). It should be noted that the Data Controller collects a single consent for the Marketing purposes described herein pursuant to the General Order of the Guarantor for the Protection of Personal Data “Guidelines on Promotional Activities and Countering Spam” of July 4, 2013. If, you wish to object to the processing of your data for Marketing purposes carried out by the means indicated herein, as well as to revoke the consent given; you may do so at any time by contacting the data controller at the contact details indicated in this notice, without affecting the lawfulness of the processing based on the consent given before revocation. | Until consent is revoked. |
Once the above retention periods have expired, the Data will be destroyed, deleted or anonymized, consistent with the technical procedures for deletion and backup. |
Type of Data Processed and Method of Collection
Navigation data – log files
It is possible to access the Website without the user being asked to provide any personal data. The computer systems and applications dedicated to the operation of this website detect, in the course of their normal operation, some data (the transmission of which is implicit in the use of Internet communication protocols) not associated with directly identifiable users. The data collected include the IP addresses of users connecting to the site, the URI (Uniform Resource Identifier) notation addresses of the resources requested, the time of the request and the numerical code indicating the status of the response given by the server (successful, error, etc.).
This information does not provide the user’s personal data and is not collected to be associated with identified interested parties, but it is technical/informational data collected and used in an aggregate and anonymous manner for the purposes of verifying the proper functioning and monitoring the security of the Site; improving the quality of the service and providing statistics concerning the use of the Site; proceeding to ascertain responsibility in case of hypothetical computer crimes to the detriment of the Site.
Data provided voluntarily by the user
The voluntary and explicit sending of electronic mail to the addresses indicated in the different access channels of this site entails the subsequent acquisition of the address and data of the sender/user, necessary to respond to the instances produced and/or provide the requested service. It is assured, however, that such processing will be based on the principles of fairness, lawfulness and transparency and protection of confidentiality as indicated in the GDPR. In any case, before proceeding to the activation of a given service, appropriate information will be provided and, where necessary, the relevant consent to the processing of personal data will be acquired. This consent may subsequently be revoked at any time, causing the possibility of using the service in question to lapse.
Failure to provide consent or revocation of the same does not entail any consequences, except the impossibility of using the Site and/or the provision of the requested service or of obtaining more detailed information on the Company’s activities.
In any case, the processing of personal data may be carried out, if it is necessary, for the pursuit of a legitimate interest of the Data Controller or based on a legal obligation. In particular, obtaining consent to the processing referred to in the previous point regarding navigation and log data is not necessary as the data is processed as responding to a legitimate interest (Recital 47 of the GDPR).
Provision of Data
Apart from that specified for navigation data, the provision of personal data by the interested party, for certain purposes described in the preceding paragraph is to be considered optional. Failure to provide them may result in the inability to take advantage of certain services provided by the site.
Methods of Data Processing
Personal data are processed by automated means for the time strictly necessary to achieve the purposes for which they are collected in accordance with the principles of lawfulness, purpose limitation and data minimization, pursuant to Article 5 of the GDPR and in compliance with the mandatory time limits prescribed by law. Specific security measures are observed to prevent data loss, unlawful or incorrect use and unauthorized access.
Communication and/or Dissemination of Data
Your data, subject to processing, will not be disseminated but may be communicated to companies contractually linked to the company, in accordance with and within the limits of the GDPR. Personal data are stored on servers located within the European Union. It is in any case understood that the Data Controller, should it become necessary, will have the right to move the servers outside the EU as well. In this case, the Data Controller assures as of now that the transfer of data outside the EU will take place in accordance with the applicable legal provisions, subject to the stipulation of the standard contractual clauses provided by the European Commission and the user will be informed.
Data may be disclosed to third parties belonging to the following categories:
– individuals who provide services for the management of the information system used by the company and telecommunications networks (including e-mail);
– firms or companies as part of assistance and consulting relationships;
– competent authorities for fulfillment of obligations of laws and/or provisions of public bodies, upon request.
– companies offering marketing platform management services
– companies offering website and information system maintenance services.
Subjects belonging to the above categories perform the function of Data Processor, or operate completely independently as separate Data Controllers The list of Data Controllers is constantly updated and available at the company’s headquarters. Any further communication or dissemination will take place only with your explicit consent.
Possible Existence of an Automated Decision Making Process
The owner informs the data subject that there is no automated decision-making process on this site, so in particular there is no profiling system.
Minor
This Site and the Owner’s Services are not intended for minors under the age of 16, and the Owner does not intentionally collect personal information referring to minors. In the event that information about minors is unintentionally recorded, the Owner will delete it in a timely manner upon users’ request.
Rights of the data subject
Data subjects have the right to receive information from the Company regarding the processing carried out of personal information by email to: info@chiaroscuro.eu.
– Right of access: we are transparent about the data we collect and how we use it. You can contact us at any time by sending an email to access the information we hold.
– Right to rectification: you have the right to have any inaccurate or incomplete information rectified and request that it be updated and/or amended.
– Right to deletion: send a request for deletion of all information about you and within 30 days we will take up your request.
– Right to limitation: you have the right to request that the data controller limits the processing of your data.
– Right to portability: if you ask us, we will export your data so that it can be transferred to third parties in a structured, commonly used, machine-readable format.
– Right to object: you can unsubscribe at any time from all specific uses we make of your data (newsletters, automated emails, etc.).
– Right to lodge a complaint: if you feel that your rights have not been respected, you may lodge a complaint with the competent authority according to the directions posted on www.garanteprivacy.it or by email to urp@gpdp.it.
Corso Antonio Cantore, 23
38061 Serravalle – Ala (TN) Italy
Tel: +39 0464 424715
Email: info@chiaroscuro.eu
General conditions of sale
Privacy
VAT IT01527050221
Copyright © 2023-2024 Chiaroscuro – All rights reserved