Privacy Policy

INFORMATION ON THE PROCESSING OF PERSONAL DATA PURSUANT TO ART. 13 OF EU REGULATION 2016/679

 

 

Website Browsing Policy

 

  1. FOREWORD

Pursuant to Art. 13 of the EU Regulation 2016/679 (hereinafter "Regulation"), this information note describes the procedure to process the personal data of users consulting the websites of the Data Controller.

This information does not involve other websites, pages or online services that can be reached through any hypertext links published on the websites but referred to resources outside the domain.

Personal data processing is based on principles of lawfulness, correctness and transparency, purpose limitation and storage, data minimisation, accuracy, integrity, and accountability, to protect the confidentiality and rights of the data subject.

 

  1. DATA CONTROLLER

The Data Controller of the personal data is Cristina Srl, sole shareholder company.

 

  1. LEGAL BASIS AND CATEGORIES OF PERSONAL DATA

The personal data indicated on this page is processed by the Data Controller for the purpose of facilitating contact with its structure based on the consent of the Data Subjects expressed following the voluntary browsing of the website, and the legitimate interest of the Data Controller to manage the site efficiently and safely. 

  • Browsing data

The computer systems and software procedures used to operate this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of internet communication protocols. This information is not collected to be associated with identified Data Subjects, that could allow, due to their nature, users to be identified through processing and association with data held by third parties. This data category includes IP addresses or the domain names of the computers used by users connecting to the website, the URI (Uniform Resource Identifier) of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, and so on) and other parameters relating to the user's operating system and computer environment.

This data is used for the sole purpose of obtaining anonymous statistical information on the use of the website and to check its correct operation and are deleted immediately after processing. The data could be used to ascertain responsibility in case of hypothetical computer crimes against the website: except for this possibility, at present the data on web contacts does not persist for longer than necessary to achieve the above purposes.

  • Data provided voluntarily by the user

The optional, explicit, and voluntary sending of electronic mail to the addresses indicated on this website entails the subsequent acquisition of the sender's address that is necessary to answer requests, as well as any other personal data included in the message.

Specific information is reported or displayed on the website pages used for specific services upon request.

Except for what has been specified for browsing data, the user is free to provide personal data indicated in the forms on the website or anyhow indicated to send information material or other communications. Some forms may highlight the information for which their provision is indispensable to provide the requested service, and those for which the completion is optional.

Failure to provide essential information makes obtaining what has been requested impossible.

 

  1. RECIPIENTS, DATA SHARING AND TRANSFER TO THIRD COUNTRIES

The processing operations are carried out to guarantee the logical and physical security and confidentiality of your personal data, by the internal staff of Cristina (Data Controller), also using tools and platforms provided by any Data Processors.

 

  1. RIGHTS OF THE DATA SUBJECTS

Pursuant to Art. 13, par.2, letter b), c), d) of Reg. EU 2016/679, the subjects to whom the personal data refer have the right to obtain, at any time, confirmation of the existence or not of such data and to know its content and origin, verify its accuracy or request its integration or updating, or rectification (ex Art.15-16).

Pursuant to Art. 17 - 18 - 19 of the above-mentioned Regulation, data subjects have the right to request the cancellation, limitation of processing, as well as to object in any case, for legitimate reasons, to their processing.

For information or to exercise the rights granted by the GDPR, please contact Cristina's Privacy Team at: teamprivacy@cristinagroup.com.

 

PRIVACY - GDPR - INFORMATION NOTICE FOR CUSTOMERS AND SUPPLIERS

 


1. INTRODUCTION
Pursuant to art. 13 of Regulation EU 2016/679 (GDPR), your personal data will be processed on the basis of the principles of lawfulness, fairness, transparency, purpose and storage limitation, data minimisation, accuracy, integrity and responsibility, protecting the confidentiality and rights of the data subjects.

2. THE CONTROLLER
The Personal Data Controller is CRISTINA S.r.l.

3. PURPOSE, LEGAL BASE AND CATEGORIES OF PERSONAL DATA
Your personal data is processed for entry in the customer and supplier archives to manage precontractual (offers and quotations) and contractual (sales/purchase of products and services) matters as well as for internal operational and managerial needs, for accounting, tax, civil law purposes and similar requirements.
Your data will be processed by specifically appointed staff, using paper or electronic methods.
Your data must be provided in order to fulfil the obligations arising from the contractual relations.
If you do not provide your data, we may not be able to perform all or part of the contract or proceed with our relations.

4. DATA SHARING AND THE TRANSFER OF PERSONAL DATA TO THIRD COUNTRIES
The data processors to whom your (personal, accounting and tax) data may be disclosed are: employees working in the administrative and commercial departments of our company, external subjects who may perform tax, accounting or IT services on behalf of our company, as well as transporters, credit institutes to manage payments and collections, other subjects who have the right of access to your data pursuant to specific legal provisions or regulations, and any other subjects provided for by law.
Your data will not be disclosed to other third parties or be processed outside of the EU.

5. RETENTION OF PERSONAL DATA
The data collected shall be duly stored for a maximum period of 10 years or other variable term according to the criteria of balancing the legitimate corporate interests (linked to tax checks, any special commercial correspondence, or specific disputes including disputes, defaulting payments, legal aspects, periodical purchases, statistical, productive or quality purposes).

6. RIGHTS OF THE DATA SUBJECTS
Pursuant to art. 13(2) lett. b), c), d) of Reg. EU 2016/679, you may contact the Controller in relation to any of the following rights relating to the processing of personal data:

  • right of access (art. 15);
  • right to rectification (art. 16);
  • right to erasure (art. 17);
  • right to restriction (art. 18);
  • right to data portability (art. 20);
  • right to object (art. 21);
  • right to lodge a complaint with a supervisory authority (art. 77);
  • right to withdraw consent, in the cases provided for in art. 6(1) lett. a) or art. 9(2) lett. a)


For information or to exercise the rights granted under the GDPR, please contact the Cristina Privacy Team using the following e-mail address: teamprivacy@cristinagroup.com


INFORMATION NOTICE FOR MARKETING ISSUES



1. INTRODUCTION
Pursuant to art. 13 of Regulation EU 2016/679 (GDPR) our company is constantly committed to processing personal data in accordance with the principles of lawfulness, fairness, transparency, purpose and storage limitation, data minimisation, accuracy, integrity and confidentiality.

2. THE CONTROLLER
The Controller of personal data is CRISTINA S.r.l.

3. PURPOSE, LEGAL BASE AND CATEGORIES OF PERSONAL DATA
The data is processed for the purpose of sending information, communications and material of a commercial, technical or promotional nature relating to our products, applications and services, including newsletters, sent using automated (e-mail, text message etc.) or other instruments (paper-based mail).
The legal base for the processing of Personal Data for these purposes is consent to processing.
The Controller will process Personal Data which may consist of identification such as name and surname, company name, postal address, e-mail address, home and/or mobile telephone number, an ID number, self-declared professional or business category.

4. DATA SHARING AND THE TRANSFER OF PERSONAL DATA TO THIRD COUNTRIES
Personal Data may be shared for the purposes indicated in section 3 above, with persons authorised by us to process Personal Data for the activities strictly related to the sending of commercial information, newsletters, etc.

5. RETENTION OF PERSONAL DATA
Our company will continue to process the Personal Data provided until consent is withdrawn; you may exercise the right to withdraw consent by following the instructions or writing to the address given below.

6. RIGHTS OF THE DATA SUBJECTS
Pursuant to art. 13(2) lett. b), c), d) of Reg. EU 2016/679, you may contact the Controller to assert the following personal data processing rights:

  • right of access (art. 15);
  • right to rectification (art. 16);
  • right to erasure (art. 17);
  • right to restriction (art. 18);
  • right to data portability (art. 20);
  • right to object (art. 21);
  • right to lodge a complaint with a supervisory authority (art. 77);
  • right to withdraw consent, in the cases provided for in art. 6(1) lett. a) or art. 9(2) lett. a)


For information or to exercise the rights granted by the GDPR, contact the Cristina Privacy Team at the following e-mail address: teamprivacy@cristinagroup.com

 

 

Information Note for the Recipients of Technical Assistance

 

Pursuant to Art. 13 of EU Regulation 206/679, we inform you that the Data Controller Cristina Srl, sole shareholder company, employs, through its staff, the personal data acquired through the exchange of e-mails or other shared means, only to perform the support services requested. For example, the data processed indicates personal details, address, telephone number, e-mail address, etc. The data may be communicated to companies acting as Data Processors, to perform activities related to the request should this be necessary to provide the services requested. The data is stored for the period necessary to manage the request and further on for documentary purposes or if required by law, for the duration of storage set by the enforced regulations. 

We would like to remind you that you may exercise your rights under the legislation by sending an e-mail to teamprivacy@cristinagroup.com and filing a complaint with the Privacy Authority.