WEBSITE DATA PRIVACY POLICY updated pursuant to Regulation (EU) 2016/679 (General Data Protection Regulation)
1) Introduction
Cedat 85 srl takes the privacy of users seriously and is committed to respecting it. This privacy policy ("Privacy Policy") describes the personal data processing activities carried out by Cedat85 srl through the website www.cabolo.com and the related commitments undertaken by the Company in this regard. Cedat 85 srl can process users' personal data when they visit the Website and use services and features on the Website. If applicable pursuant to EU Regulation 2016/679, users' consent will be requested before the processing of their personal data. If users submit personal data of third parties, they must ensure that the disclosure of data to Cedat 85 srl and its subsequent processing for the purposes specified in the applicable privacy notice complies with EU Reg. 2016/679 and applicable legislation.
2) Controller, Processor and Privacy Officer Identification details, Cedat85 srl Address: via Poli, 29 – 00187 - Rome Telephone: +39.06.68134164
3) Type of data processed
In addition to the so-called "navigation data" (see below), personal data voluntarily provided by the user may be processed when he/she interacts with the functionalities of the Website or requests to use the services offered on the Website. In compliance with the Privacy Code, Cedat 85 srl may also collect personal data from third parties in the performance of its activities.
4) Cookies and navigation data
Our Website uses cookies. By using the Website, you consent to the use of cookies in accordance with this Privacy Policy. Cookies are small files stored on the hard disk of the user's computer. There are two macro-categories of cookies: technical and profiling. Technical cookies are necessary to ensure proper functioning of a website and allow user navigation. Without them, users may not be able to view the pages correctly or use some services. Profiling cookies are used to create profiles of users and send advertising messages in line with the preferences expressed by them during navigation. Cookies can be further classified as:
- "session" cookies, which are deleted immediately upon closing the navigation browser; _"persistent" cookies, which remain in the browser for a certain period of time. They are used, for instance, to recognise the device that connects to a website, facilitating the authentication operations for the user;
- "first party" cookies, generated and managed directly by the owner of the website visited by users;
- "third-party" cookies, generated and managed by parties other than the owner of the website visited by users.
5) Cookies used on the website
Our Website uses the following types of cookies:
1) first-party, session and persistent cookies, necessary to allow navigation on the Website. They serve purposes of internal security and system administration;
2) third-party, session and persistent cookies, necessary to allow users to benefit from multimedia elements on the Website, such as images and videos;
3) persistent third-party cookies used by the Website to send statistical information to the Google Analytics system, through which Cedat85 srl can perform statistical analysis of accesses/visits to the Website.
Cookies are used exclusively for statistical purposes and they collect information in
4) persistent third-party cookies, used by the Website to include in its pages the link-buttons of some social-networks (Facebook, Twitter and Google+). By selecting one of these buttons, users can publish contents of the Website they are visiting through their private pages on social-networks.
6) Retention of personal data
Personal data are stored and processed through IT systems owned by [Company name] and managed by Cedat 85 srl; for more details, please refer to the section ‘Scope of communication and data access’ below. Data are processed exclusively by specifically authorised personnel, including personnel assigned to carry out extraordinary maintenance operations.
7) Data processing purposes and methods
Cedat85 srl may process users' personal and sensitive personal data for the following purposes: when they use services and features on the Website, to manage requests and reports from their users, to send newsletters, etc. Furthermore, with the additional and optional specific consent of the user, Cedat85 srl may process personal data for marketing purposes, i.e. to send users promotional material and/or commercial communications relating to the Company's services, to the addresses provided, through methods and/or means of contact that can be traditional (such as paper mails, telephone calls with operators, etc.) and automated (such as internet communications, fax, e-mails, text messages, apps for mobile devices as smartphones and tablets, so-called APPS-, social network accounts -e.g. via Facebook or Twitter-, phone calls with auto calling, etc.). Personal data are processed both in paper and electronic form and entered into the Company information system in full compliance with EU Reg. 2016/679, including security and confidentiality profiles, and guided by the principles of fairness and lawfulness of processing. In compliance with EU Reg. 2016/679, data are kept and stored for 5 years.
8) Security and quality of personal data
Cedat85 srl undertakes to protect the safety of users' personal information and complies with the safety provisions of the applicable law in order to avoid data loss, illegitimate or unlawful use of data and unauthorized access to data. Furthermore, the information systems and IT programs used by Cedat 85 srl are set to minimize the use of personal and identification data; these data are processed only for the achievement of the specific purposes pursued in each case. Cedat 85 srl uses multiple advanced security technologies and procedures to promote the protection of users' personal data and, for instance, personal data are stored on secure servers located in places with protected and controlled access. Users can help Cedat 85 srl to update and preserve the integrity of their personal data communicating any modification related to their address, qualification, contact information, etc.
9) Scope of communication and data access
Your personal data may be disclosed to:
10) Nature of provision of personal data
The provision of personal data by the user is necessary to allow the Company to manage notifications and user requests or to enable the Company to re-contact users after their requests. This type of data is marked with an asterisk [*] and in this case provision of data is mandatory to allow the Company to follow up on requests which otherwise cannot be processed. Conversely, the collection of other data not marked with an asterisk is optional: failure to provide data will not entail any consequences for the user. As specified in the section 'Data processing purposes and methods', the provision of personal data by users for marketing purposes is optional and the refusal to provide them will not have consequences. The consent granted for marketing purposes extends to the sending of communications carried out using automated and traditional methods and/or means of contact, as exemplified above.
11) Rights of the interested party
11.1 Article 15 (right of access) and 16 (right of rectification) of EU 2016/679
Data Subjects have the right to obtain from Data Controllers confirmation of whether or not processing of personal data concerning them is in progress, and if so, they have the right to obtain access to those personal data, as well as the following information:
11.2 Right pursuant to Article 17 of EU Reg. 2016/679 - right to cancellation ('right to be forgotten') Data Subjects have the right to obtain the deletion of personal data concerning them from the Data Controller without undue delay and Data Controller are obliged to cancel personal data without undue delay, for one of the following reasons:
a) personal data are no longer necessary with respect to the purposes for which they were collected or otherwise processed;
11.3 Right indicated in article 18 Right to limitation of processing
Data Subjects shall have the right to obtain restriction of processing from the Controller where one of the following applies:
11.4 Right under article 20 Right to data portability
The interested party shall have the right to receive personal data concerning him/her, which he/she has provided to a Data Controller, in a structured, commonly used and machine-readable format and the right to transmit those data to another Data Controller without hindrance from the Data Controller.
The Data Subject may withdraw consent to the processing of his/her personal data by sending a registered letter with return receipt to the following address: Cedat85 srl Piazza Carducci 27/28 - San Vito dei Normanni - 72019 Brindisi with an identity document photocopy and the following text: <withdrawal of consent to the processing of all my personal data>. At the end of this operation, personal data of the Data Subject will be removed from our records as quickly as possible.
If you wish to have more information on the processing of your personal data, or to exercise the rights referred to in paragraph 7 above, you can send a registered letter with return receipt to the following address: Cedat85 srl Piazza Carducci 27/28 - San Vito dei Normanni - 72019 Brindisi
Before we provide you with, or modify, any information, we may need to ask you to answer a few questions to verify your identity. We will reply as soon as possible.