Information notice on use of the website in accordance with Article 13 of Regulation (EU) 2016/679 and Legislative Decree No. 196/2003, as amended by Legislative Decree No. 101/2018
The Data Controller, CYBERSEL SRL, Tax Code 10617990014, having its registered office in Turin (TO), Lungo Dora Colletta n. 81, in the person of the pro tempore legal representative (hereinafter, the “Data Controller” or “Cybersel”), hereby informs you under Article 13 of Regulation (EU) No. 679/2016 (hereinafter, “GDPR”) that your data will be processed in the manner and for the purposes set out below.
To that end, before communicating any personal data, the Data Controller invites you to read this information notice (hereinafter, “Information notice”), as it contains important information on personal data protection and on the safety measures adopted to ensure its confidentiality in full compliance with the GDPR.
This information notice is understood as being provided to users visiting the Cybersel website. The information notice exclusively concerns the processing carried out within this website and not on any other websites browsed by the user via our links. Your data will be processed in a pertinent and transparent manner in compliance with the principles of lawfulness and necessity currently in force in this field.
1. DATA CONTROLLER AND DATA PROTECTION OFFICER
The Data Controller is CYBERSEL SRL, Tax Code 10617990014, having its registered office in Turin (TO),Lungo Dora Colletta n. 81, in the person of the pro tempore legal representative (hereinafter, the “Data Controller” or “Cybersel”).
The data protection officer is Advocate Luca Montalbano, with chambers situated in Turin (TO), Corso Bramante n. 91, firstname.lastname@example.org.
2. TYPE OF DATA SUBJECT TO PROCESSING
Data processing takes place in conformity with the general principles of the Regulation and will be carried out either manually or with the aid of computer and electronic means capable of ensuring the safety and confidentiality of the relevant processing.
The data processed consists in personal data provided by the user during the browsing experience, such as:
1) personal details, e.g. name and surname, email and IP address.
3. PURPOSES AND LEGAL BASIS OF THE PROCESSING
The personal data, once collected, is processed:
A) To comply with obligations laid down by laws, regulations, European legislation, or instructions issued by Supervisory and Control Authorities or Bodies.
B) To enable correct use of the website via recourse to technical cookies.
The processing of your data for the aforementioned purposes has its legal ground in Article 6 (b), (c) and
of the GDPR, pursuant to which:
- Any processing carried out for purpose A) is necessary to fulfil legal obligations and enable use of the requested service/asset and does not require specific
- Any processing carried out for purpose B) is founded on a legitimate interest of the Data Controller and does not require specific
Provision of your data is compulsory and necessary.
4. STORAGE PERIOD
Your data will be stored as follows:
- the personal data processed and stored B) in order to allow a correct use of the website is processed and stored for a period not exceeding 12 months from the date of collection of each data separately;
- data collected C) within the context of using the services offered by the Data Controller is stored until termination of the service or cancellation by the user of registration for it.
-data collected for purposes A) will be stored for the period laid down by law and in any event for no longer than 11
At the end of said periods, your data will be conclusively erased or permanently anonymised.
5. PROCESSING RECIPIENTS AND DATA TRANSFER
Your data may be shared with:
1. subjects acting in a capacity as data processors and/or sub-processors.
2. persons authorised by Cybersel to personal data processing who have bound themselves to abide by confidentiality or have an adequate legal obligation of confidentiality.
3. third parties that can belong to the following categories: Group companies, financial operators, Internet providers, companies specialized in IT services, service providers, consultancy firms.
4. The data may be transmitted to third parties in the event of mergers, acquisitions, sales of businesses or business branches and other extraordinary transactions such as sale agreements, as well as to anyone wo is a legitimate recipient of communications required by laws or regulations.
Your data may be transferred outside the European Economic Space only to subjects bound by standard European contractual clauses admitted under Article 26(2) of Directive 95/46/EC or in the event that the territory where the processing is carried out has a suitability assessment in accordance with Article 25(6) of Directive 95/46/EC (inclusive, to dispel any possible doubts, the US/EU Privacy Shield).
A specific and updated list of those subjects is available at the operational venue of the Data Controller and may be perused upon request by the data subject.
6. DATA SUBJECT’S RIGHTS
You are entitled to ask the Company, at any time, for access to your personal data and for its rectification or erasure, and to object to its processing, and you have also the right to request the limitation of its processing in the instances laid down by Article 18 del GDPR, as well as to receive in a structured, commonly-used and machine-readable format the data that concerns your person, in the instances specified by Article 20 of the GDPR.
Requests can be addressed to email@example.com
In any event, you are always entitled to lodge a complaint with the competent monitoring authority (Personal Data Protection Officer), in accordance with Article 77 of the GDPR, if you are of the opinion that the processing of your data is in conflict with applicable laws.
7. SAFETY MEASURES
The Data Controller adopts suitable and preventive safety measures meant to safeguard the confidentiality, integrity, completeness and availability of the data subject’s personal data.
Technical, logistical and organisational precautions aimed at preventing damages, losses, including accidental ones, alterations, and undue and unauthorized use of the processed data, are deployed.
Furthermore, the Company may not be held liable for untruthful information sent directly by the user (e.g. correctness of the e-mail address, credit card details or postal address), as well as the information relating to him or her that has been provided by a third party, fraudulently as well.
The Data Controller will regularly test, check and assess the effectiveness of safety measures adopted in order to ensure ongoing improvement in safe processing.
The Data Controller is entitled to update the information notice at any time and apprise users thereof by resorting to the most suitable tools; for any further information or question, you can contact the Data Controller at: firstname.lastname@example.org