COVISIAN S.P.A., with registered office in via dei Valtorta, 47 – 20127 Milano (MI) (“Company”) – email: firstname.lastname@example.org.
The contact details of the company’s DPO are as follows: email@example.com.
Categories of Data Processed
Among the Personal Data collected by this Website (hereinafter, also “Data”), either autonomously or through third parties, there are: IP addresses or domain names of the computers used by the Users who connect to the Website, Usage Data.
Personal Data may be freely provided by the User or, in the case of User Data, automatically collected during the use of this Web Site.
Unless otherwise specified, all Data requested by this Web Site are mandatory. If the User refuses to provide it, it may be impossible for this Web Site to provide the Service. In cases where this Web Site indicates certain Data as optional, Users are free to refrain from communicating such Data, without any consequences on the availability of the Service or its operation.
The User assumes responsibility for the Personal Data of third parties obtained, published or shared through this Web Site and warrants that he/she has the right to communicate or disseminate it, releasing the Owner from any liability towards third parties.
Purposes of Data Processing
The User Data are collected to enable the Controller to provide the Service, to comply with legal obligations, to respond to requests or enforcement actions, to protect its rights and interests (or those of Users or third parties), to detect any malicious or fraudulent activities, and for statistical purposes.
Legal basis for processing
The Controller processes Personal Data relating to the User if one of the following conditions is met:
However, it is always possible to request the Controller to clarify the concrete legal basis of each processing.
Mode of treatment
The Data Controller takes appropriate security measures to prevent unauthorised access, disclosure, modification or destruction of Personal Data.
The processing is carried out by means of computer and/or telematic instruments, with organisational methods and logics strictly related to the purposes indicated. In addition to the Data Controller, in some cases, other employees involved in the organisation of this Web Site (administrative, sales, marketing, legal, system administrators) or external parties (such as third party technical service providers, hosting providers, IT companies, communication agencies) also appointed, if necessary, as Data Processors by the Data Controller, may have access to the Data. The updated list of Data Processors can always be requested from the Data Controller.
The Data are processed at the operational headquarters of the Data Controller and in any other place where the parties involved in the processing are located.
The Data are processed and stored for the time required by the purposes for which they were collected.
When the processing is based on the User’s consent, the Controller may retain the Data until such consent is revoked. The Owner may also be obliged to keep the Data for a longer period in compliance with a legal obligation or by order of an authority.
At the end of the retention period, the Personal Data will be deleted.
User has the right to ask the Data Controller, in compliance with the conditions set out in the GDPR:
Right to object: User has the right to object at any time, for reasons related to your particular situation, to the processing of Data by the Company for the pursuit of its legitimate interest and to the processing of your personal data for marketing purposes.
To exercise your rights, please contact the Data controller at the following address: firstname.lastname@example.org.
The exercise of the rights of the data subject is subject to some exceptions, in particular aimed to the safeguard of the public interest (e.g., the prevention or identification of crimes) and/or protecting the Company’s rights. In the event you have exercised any of the aforementioned rights, the Company shall check that you are entitled to exercise it and provide you feedback, normally, within one month.
If you believe that the processing of Data does not comply with the provisions of the GDPR, you also have the right to lodge a complaint to the Supervisory Authority of your Country, or to refer the matter to the appropriate courts.
Last changed: 11 September 2023