The Data Controller
The data controller is CRIF S.p.A, with registered offices in Via M. Fantin 1-3, 40131 Bologna.
Purposes of processing
The data shall be processed for the purposes time to time needed on the base of the service asked by CRIF’s customer. For each service asked by CRIF’s customer CRIF will provide a specific privacy notice with a detail of the applicable purposes of processing.
Ground of processing
The data shall be processed on the base of different ground of processing, in accordance with the type of service provided by CRIF. For each service asked by CRIF’s customer CRIF will provide a specific privacy notice with a detail of the applicable ground of processing.
Access to this Website may result in processing data about identified or identifiable natural persons (known as data subjects). CRIF, as data controller, shall ensure proper organisational and technical processing of data in order to protect it from unauthorised access, loss, damage, theft, unauthorised use or any other disclosure.
Data Processing Location
Personal data is processed at the premises of CRIF. The data is handled solely by persons with relevant technical skills and abilities who have been assigned specific data processing roles and made familiar with the content of the General Data Protection Regulation.
Data Processing Methods
Data is processed in a correct manner and in full compliance with the General Data Protection Regulation so as to ensure data security and protect data confidentiality. Data is processed using electronic or automated means and kept in secured systems.
Processed Data Types
The information systems involved in the operation of this Website use certain personal data during their normal operation. The transmission of this data is implicit in the use of ICP protocols. The data is not collected in order to associate it with specific entities; however, due to its nature, the processing and relation to other data possessed by third parties allow to identify the users. This data category includes IP addresses and the domain names of the computers used by the users connecting to the network, the URL addresses of the requested sources, the time the request was made, the method used in making the request and other parameters related to the user’s operating system and information environment. The data also includes information provided by cookies on the user’s hard disk – see the section below. We also collect aggregate data on Website use, such as the traffic the Website gets, the number of Website visits per day and the average time spent by users on each Website.
If a Website user decides to register to obtain access to useful information provided by the operator, we use in particular the following data: first name and surname, company name, company ID No., address, telephone number, email address and other information about the user that is necessary for us to identify the user and to know and respond to their needs.
It is at the discretion of Website users if they provide the personal data that CRIF needs to be able to provide the user with value-added information and/or other services. Failure to provide such data may make it impossible for CRIF to supply the requested information or products and services.
Use of Collected Data
Collected data may be used, for example, to meet the user’s requirements, provide useful advice and instructions, provide quotes on demand and/or process and fulfil the user’s offers. Furthermore, the data may be used to provide order status details and information on services and new content on the Website, etc.
Some operational data may also be processed to ensure the security and availability of the Website and related services. Statistical data on Website use is processed to improve the Website functionality and user-friendliness and prepare aggregate and anonymous information used for marketing and similar activities.
Recipients of Collected Data
CRIF may provide the information collected through the Website to other companies of the CRIF Group, and to third parties such as contractors or other entities that provide services (or products) demanded by the user. We may also provide these companies with aggregate statistics on visitors, transactions and other activities on the Website. Information on users may also be disclosed to other entities if it is required by the relevant law or necessary to safeguard the rights and legally protected interests of the GRIF Group members or another entity.
Privacy Protection and User Rights
The transmission of all information through the Website is encrypted. Nevertheless, CRIF provides no warranties as to the security of the transmission of information a user sends to CRIF .Any use of the Website is at the user’s sole responsibility. We also inform you that, under provisions of GDPR, on the base of lawfulness of processing and of the modalities of processing, if the conditions are met, you have the following rights: access to and rectification or erasure of personal data or the restriction of processing concerning your data or to object to processing as well as the right to data portability. Furthermore, you have the right to withdraw your consent at any time, without affecting the lawfulness of processing based on consent before this withdrawal. In these cases, requests should be sent to CRIF SpA, Via M. Fantin, 1-3, 40131 BolognaThe data subject can lodge a complaint with supervisory authority, using the following link: http://www.garanteprivacy.it/web/guest/home/docweb/-/docweb-display/docweb/4535524.
Data Protection Officer
For any questions regarding the processing of your personal data, please contact our Data Protection Officer, using the following contact details: e-mail: email@example.com; pec: firstname.lastname@example.org