Pursuant to Art. 13 of EU Regulation 2016/679 and in relation to the personal data of which C.E.T. S.R.L. (hereinafter, the “Company” or “Data Controller”) will be in possession, we wish to inform you of the following.
The data controller is C.E.T. S.R.L. STRADA STATALE 12 N. 16 41030 SORBARA DI BOMPORTO (MO) E.mail:
P.IVA – C.F. 00185220365
In the person of its legal representative pro tempore.
Purpose of data processing.
1: Processing of your Personal Data will be conducted by the Data Controller to enable you to receive newsletters, send inquiries, or contact us directly through the Data Controller’s phone numbers and e.mail addresses on the site;
The Processing of your Personal Data is therefore based on a request from you for information and/or pre-contractual or contractual activities with the owner therefore complying with Reg. EU art 6 paragraph 1 letter b.
In order to enable the Data Controller to carry out the Processing activities for the purposes mentioned above for the completion of contact forms, it will be necessary to provide Personal Data ( name – e.mail address ) Failing this, it will not be possible to proceed with the Processing of your Personal Data and, as a result, you will not be allowed to finalize your request for which a provision of Personal Data is required.
2: The Processing of your Personal Data will be conducted by the Data Controller to enable you to receive commercial information, advertising, communications of events, trade shows, new products and direct marketing from the C.E.T. S.R.L. and companies related to it; The Processing of your Personal Data is therefore based on a request by the user for explicit consent as provided by Reg. EU art 6 para 1 letter a. Any refusal to consent does not preclude activities under treatment 1. However, the right to change consent can be exercised at any time.
The data required in the
The Personal Data that will be requested from you for the pursuit of the above purposes will be those given in the contact form i.e. : name, e-mail address,.
Data related to the navigation of the site
The computer systems and software procedures used to operate this website acquire, in the course of their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols.
This information is not collected in order to be associated with identified data subjects, but by its very nature could, through processing and association with data held by third parties, allow users to be identified.
This category of data includes IP addresses or domain names of the computers used by users connecting to the site, the URI (Uniform Resource Identifier) notation addresses of the requested resources, the time of the request, the method used in submitting the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters related to the user’s operating system and computer environment.
This data is used for the sole purpose of obtaining anonymous statistical information on the use of the Site and to check its correct functioning and is deleted immediately after processing.
The data could be used to ascertain liability in the event of any computer crimes against the Site.
Third parties performing part of the Processing activities and/or activities related and instrumental to the same on behalf of the Data Controller. These individuals have been appointed as data controllers, having to be understood individually by this expression, according to Article 4 under 8) of the Regulations, “The natural or legal person, public authority, service or other body that processes Personal Data on behalf of the Data Controller” (hereinafter the “Processor“);
Individuals, employees and/or contractors of the Data Controller who have been entrusted with specific and/or multiple Processing activities on your Personal Data. Such individuals have been given specific instructions regarding the security and proper use of Personal Data and are defined, in accordance with Article 4 at 10) of the Regulations, as “persons authorized to process Personal Data under the direct authority of the Data Controller or Data Processor” (hereinafter the “Authorized Persons“).
Where required by law or to prevent or suppress the commission of a crime, your Personal Data may be disclosed to public bodies or judicial authorities without them being defined as Recipients. In fact, according to Article 4 at 9), of the Regulation, “public authorities that may receive communication of Personal Data as part of a specific investigation in accordance with Union or Member State law are not considered Recipients.”
Mode of data processing.
Processing will be carried out in automated and/or manual form, in accordance with Art. 32 of EU Regulation 679/2016 on security measures, by specially authorized individuals and in compliance with the provisions of Art. 29 of the Regulation.
Your personal information is not subject to dissemination
Data profiling and/or automated decision making.
Your personal data are not subject to profiling and/or automated decision making.
Transfer of data abroad.
Personal Data will be processed by the Data Controller within the territory of the European Union.
Should it become necessary for technical and/or operational matters to use entities located outside the European Union, we hereby inform you that such entities will be appointed as Data Processors pursuant to and for the purposes of Article 28 of the Regulations and the transfer of your Personal Data to such entities, limited to the performance of specific Processing activities, will be regulated in accordance with the provisions of Chapter V of the Regulations. All necessary precautions will then be taken to ensure the fullest protection of your Personal Data by basing such a transfer: (a) On adequacy decisions of third country recipients made by the European Commission; (b) on adequate guarantees expressed by the third party recipient pursuant to Article 46 of the Regulations; (c) On the adoption of corporate binding rules, so-called corporate binding rules.
In any case you can request more details from the Data Controller if your Personal Data has been processed outside the European Union by requesting evidence of the specific safeguards adopted.
Processing by cookies
Data retention period.
One of the principles applicable to the Processing of your Personal Data concerns the limitation of the storage period, regulated in Article 5(1)(e) of the Regulation, which states “Personal Data shall be retained in a form which permits the identification of Data Subjects for a period of time not exceeding the achievement of the purposes for which they are processed; Personal Data may be retained for longer periods provided that they are processed solely for archiving purposes in the public interest, scientific or historical research or statistical purposes, in accordance with Article 89(1), subject to the implementation of appropriate technical and organizational measures required by this Regulation to protect the rights and freedoms of the Data Subject“.
In light of this principle, your Personal Data will be processed by the Data Controller only to the extent necessary to fulfill the purpose set forth in Section 1 of this Notice. In particular, your Personal Data will be processed for a period of time equal to the minimum necessary as indicated by Recital 39 of the Regulation, i.e., until the termination of the existing contractual relationship between you and the Data Controller subject to an additional retention period that may be imposed by law as also provided for in Recital 65 of the Regulation.
With respect to processing carried out to achieve the purposes set forth in the point 2 of this Notice, the Data Processors may lawfully process your Personal Data until you communicate, in one of the ways provided in this Notice, your wish to withdraw your consent to any or all of the purposes for which you have been asked. Any revocation of consent will, in effect, require the Data Controller to cease processing activities of your Personal Data for these purposes.
Rights of the data subject
The Regulations give individuals whose personal data are processed specific rights, including:
- (a) to obtain confirmation of whether or not personal data concerning him or her are being processed and to obtain access to them (Art. 15 of the Regulations);
- (b) obtain rectification of inaccurate personal data (Art. 16 of the Regulations);
- (c) obtain the deletion of any personal data concerning him or her, in observance of the right to oblivion (Art. 17 of the Regulations);
- (d) obtain restriction of processing by the Controller (Art. 18 of the Regulations);
- (e) obtain their personal data in a structured, readable, and understandable form, as well as obtain that such data be transmitted to another data controller without hindrance (Art. 20 of the Regulations);
- (f) object to the processing of their personal data (Art. 21 of the Regulations).
Right to join a supervisory authority.
You have the right to appeal to the supervisory authority (Privacy Guarantor) at any time, if they believe that the processing of their data is done in an unorthodox manner.
You may revoke the consent given to the Data Controller at any time, without such revocation affecting the processing carried out up to that point by the Data Controller.
You may exercise your rights by written request sent to the Company, either to the mailing address of the registered office or to the email address listed above.
This policy may be subject to change over time – including related to the possible enactment of new industry regulations, the updating or delivery of new services, or to intervening technological innovations – so we encourage you to consult this page periodically.