ctsv







Privacy Policy
Privacy Policy EU Regulation 679/16:
The Regulation on the “protection of natural persons with regard to the processing of personal data and on the free movement of such data” (the “Regulation”) contains a series of rules aiming to ensure that the processing of personal data takes place in compliance with the rights and fundamental freedoms of people. This Notice incorporates the Regulation requirements.
  • Purpose and legal basis of the processing: The Personal Data that concern you, which you communicated to the data controller or collected from third party subjects (in the latter case the compliance with the law and regulations by the third parties shall be duly verified), are processed by the Controller as part of its business activity for the following purposes:
  • Providing services and performing contracts.
  • Complying with the provisions of national and EU legislation. The processing of your Personal Data, in order to comply with the regulatory provisions is mandatory and your consent is not required (the processing is mandatory, for example, when it is required by taxation).
  • Categories of Personal Data Included among the Personal Data that the data controller processes, by way of example, are biographical data, address, ...
  • Processing method and personal data retention time: Your Personal Data will be processed using manual, electronic and telematic tools and in a way that ensures its security and confidentiality.
    In particular, your Personal Data are generally retained for a time period of 10 years, starting from the end of the contractual relationship you are part of. Likewise, the Personal Data may be processed for a longer time, should an act that interrupts and/or suspends the course of the term occur, entailing an extension of the data retention.
  • Categories of recipients to whom your personal data may be communicated: To achieve the purposes indicated above, it might be necessary to communicate your Personal Data to the following categories of recipients:
  • - Third parties (companies, freelancers, etc.) operating within and outside the European Union and that process your Personal Data as part of banking, financial and insurance services, payment systems, revenue offices and treasuries; recording the financial risks for the purpose of preventing and controlling the risk of insolvency; credit recovery and related activities; providing and managing procedures and IT systems; security and CCTV management services; auditing activities and consultancy in general; managing communication with customers, as well as the storage of data and documents, whether in paper or electronic form; recording of service quality, market research, information and commercial promotion of its products and/or services;
    - Authorities (e.g. judicial, administrative etc.) and public information systems established at public administrations. The third parties your Personal Data may be communicated to, act as: 1) Data Controllers, i.e. subjects which determine the purposes and means of the Personal Data processing; 2) Data Processors, i.e. subjects which process the Personal Data on behalf of the Controller or 3) Joint Data Controllers, which determine, together with the Controller, the relevant purposes and means.

    The updated list of the subjects identified as Data Controllers, Data Processors or Joint Data Controllers is available at all of data controller’s branches.
  • Transferring personal data to a third country or to an international organisation outside the european union. Your Personal Data are processed inside the European Union and are not disclosed. If necessary, for technical or operational reasons, the data controller reserves the right to transfer your Personal Data to countries outside the European Union or to international organizations, vis-à-vis the “adequacy” decisions of the European Commission or based on the appropriate safeguards, provided by the country to which the Personal Data shall be transferred, or specific derogations provided by Regulation.
  • Obligatoriness/optionality of providing personal data: The submission of your Personal Data needed to provide the services requested and perform the contracts (including the steps to be taken prior to entering into a contract) is not mandatory, but refusal to provide this Personal Data do not allow the data controller to fulfil the relevant requests.
  • Rights of the data subject: In your capacity as Data subject, you may exercise, at any time towards the Data Controller, the rights provided by the Regulation listed below:
  • Right of access: You can obtain confirmation as to whether or not your Personal Data are being processed and, where that is the case, to obtain access to the Personal Data and the information envisaged under art. 15 of the Regulation, among which, by way of example: the purposes of the processing, the categories of Personal Data concerned etc. Where Personal Data are transferred to a third country or to an international organisation, you have the right to be informed of the appropriate safeguards relating to the transfer
  • Right to rectification: You may obtain from the Controller the rectification of your Personal Data that are inaccurate as well as, taking into account the purpose of the processing, their integration, if the data are incomplete, by providing a supplementary statement.
  • Right to erasure: You may obtain from the Data Controller the erasure of your Personal Data, if one of the reasons provided by art. 17 of the Regulation occurs, including, by way of example, whether the Personal Data are no longer necessary in relation to the purposes for which they were collected or otherwise processed or if the consent on which the processing of your Personal Data is based was withdrawn by you or there is no other legal ground for the processing.
  • Right to restriction of processing: You may obtain the restriction of your Personal Data if one of the cases rovided by art. 18 of the Regulation applies, among which, for example:
  • - should the accuracy of your Personal Data be contested by you for a period enabling the Controller to verify the accuracy of the Personal Data;
    - the data subject has objected to processing, pending the verification whether the legitimate grounds of the Controller override those of the data subject.
  • Right to data portability: If the processing of your Personal Data is based on the consent or is necessary for the performance of a contract or to take steps prior to enter into a contract and the processing is carried out by automated means, you may:
  • - request to receive the Personal Data provided by you in a structured, commonly used and machinereadable format (e.g.: a computer and/or tablet);
    - transmit your Personal Data to another Data Controller without hindrance from the Controller.
  • Right to object: You may object at any time to the processing of Personal Data if the processing is carried out for the performance of a task carried out in the public interest or is necessary for the purposes of the legitimate interest of the Data Controller (including profiling).
  • Right to lodge a complaint with the Data Protection Authority: Notwithstanding your right to appeal to any other administrative or jurisdictional court, should you deem that the processing of your Personal Data takes place in breach of the Regulation and/or the applicable regulations, you may lodge a complaint with the Data Protection Authority.
  • Identity and contact details of the data controller: CTSV S.R.L. with registered office in Via Marco Polo 28, Bruino (TO) in its capacity as Data Controller processes your personal data (the “Personal Data”) for the purposes indicated in Section 1.
  • Contact details: In your capacity as Data subject, you may exercise, at any time towards the Data Controller, the rights provided by the Regulation listed below, by sending a specific request in writing to the e-mail address: info@ctsv.biz
 
 

CTSV: Via Marco Polo, 28 - 10090 BRUINO (TO) Italy - Tel. +39.011.9049381 - Fax +39.011.9055288 - info@ctsv.biz - Privacy Policy