Privacy Policy

INFORMATION ABOUT PROCESSING OF PERSONAL DATA ON THE WEB SITE
www.cefla.it

With reference to the personal data voluntarily supplied by you or otherwise acquired by CEFLA through the above WEB site (hereinafter, the “Data”), pursuant the terms of Article 13 of Italian Legislative Decree No. 196/2003, we hereby advise you as follows.

The term Processing shall mean “any operation, or set of operations, carried out with or without the help of electronic or automated means, concerning the collection, recording, organisation, keeping, interrogation, elaboration, modification, selection, retrieval, comparison, utilization, interconnection, blocking, communication, dissemination, erasure and destruction of data, whether the latter are contained or not in a data bank”.

The term Personal Data shall mean “any information relating to natural persons that are or can be identified, even indirectly, by reference to any other information including a personal identification number”

PURPOSE OF DATA PROCESSING. Within the limits of applicable laws, the Data shall be processed for the following purposes:
a) fulfilling obligations required by laws, regulations and/or EU legislation;
b) providing access to protected areas for using online services;
c) to carry out marketing operations, distribution of commercial and promotional information, including sending newsletters and/or updates regarding Cefla s.c. activities/products.
The user is free to provide personal data through the use of online forms.
The submission of Data required online, and, where necessary, of a consent to Data Processing, for the purpose to provide a service, if marked with an asterisk (*), is compulsory, and failure to submit Data or give such consent shall make impossible to CEFLA to carry out the requested service.

LOCATION AND METHOD OF PROCESSING. The processing operations related to the web-based services that are made available via this website are carried out at CEFLA headquarters exclusively by Cefla staff. The processing of Personal Data shall be undertaken both using electronic instruments and not using electronic instruments in complete compliance with the terms of the laws in force. Specific security measures shall be applied to minimise the risk of loss of data, illicit or incorrect use and unauthorised access.

COMMUNICATION. DISSEMINATION. For the purposes specified in this Information, Data may be communicated only to companies of the Cefla Group. Data shall not be transferred abroad, distributed, disseminated or disclosed to third parties, except in aggregate, anonymous form or for statistical purposes, and shall be kept for the period of time strictly necessary for the purposes for which they have been collected.

DATA TRANSMISSION TO CEFLA. As the Internet is not a secure environment, unauthorised third parties might be able to gain access to Personal Data submitted by you via the Internet and collect and use them unlawfully. CEFLA may not be held liable in respect of the security and integrity of your Data during transmission via the Internet.

AUTOMATIC DATA COLLECTION. Access log. The use of computer systems necessary to display WEB pages implies the automatic acquisition of data related to an IP address or URI, domain name, operating system, browser type, time of request as well as other parameters related to the user’s computer system. Such data may be used by Cefla in a strictly anonymous manner and with the sole purpose of:
i) identifying and solving problems related to the service or problems of a technical nature associated with IP addresses;
ii) monitoring use and performance (navigation and contents) of the site; iii) limiting access to protected areas to registered users only; iv) estimating the total number of visitors.
Collected data may also be used to verify responsibility in the event of any computer crimes committed against the site. The servers keep track of visits to the site only for the time strictly necessary for processing access data. The terms of this information apply to the processing of automatically collected Data.

Cookies CEFLA does not use cookies to collect information of a personal nature, nor does CEFLA use so-called persistent cookies of any kind or user-tracking systems. The use of the so-called session cookies is strictly limited to the transmission of session ID’s – consisting of server – generated casual numbers – as necessary to allow secure, effective navigation.

LINKS TO OTHER WEB SITES. Links to third party web sites are provided only for your convenience. Cefla s.c. may not be held in any way liable in relation to errors, contents, cookies, publication of immoral or illegal content, advertisement, banners or files, and/or the personal data processing procedures applied in other web sites that do not comply with applicable regulations.

The Data controller for Data processing is CEFLA S.C., with registered offices on Via Selice Provinciale, 23/A, Imola (BO), Italy, e-mail address ceflaimola@cefla.it .
The updated list of Data processors is on display in the site and may also be sent to you upon request via email to ceflaimola@cefla.it.
By writing to the same email address, you may request further details and explanations regarding Data processing or may exercise your rights  under Article 7, Italian Legislative Decree 196/2003, quoted below for your convenience:

1. A Data Subject shall have the right to obtain confirmation as to whether or not personal data concerning him or her exist, regardless of their being already recorded, and communication of such data in intelligible form.

2. A Data Subject shall have the right to be informed:
a) of the source of the personal data;
b) of the purposes and methods of the processing;
c) of the logic applied to the processing, if the latter is carried out with the help of electronic means;
d) of the identification data concerning data controller, data processors and the representative designated;
e) of the entities or categories of entity to whom or which the personal data may be communicated and who or which may get to know said data
in their capacity as designated representative(s) in the State’s territory, data processor(s) or person(s) in charge of the processing.

3. A Data Subject shall have the right to obtain:
a) updating, rectification or, where interested therein, integration of the data;
b) erasure, anonymization or blocking of data that have been processed unlawfully, including data whose retention is unnecessary for the purposes for which they have been collected or subsequently processed;
c) certification to the effect that the operations as per letters a) and b) have been notified, as also related to their contents, to the entities to whom or which the data were communicated or disseminated, unless
this requirement proves impossible or involves a manifestly disproportionate effort compared with the right that is to be protected.

4. A Data Subject shall have the right to object, in whole or in part,
a) on legitimate grounds, to the processing of personal data concerning him/her, even though they are relevant to the purpose of the collection;
b) to the processing of personal data concerning him/her, where it is carried out for the purpose of sending advertising materials or direct selling or else for the performance of market or commercial communication surveys.