The information provided below describes, as required by the EU Regulation 2016/679, the processing operations performed on the personal data of the users visiting the Crastan’s websites. Those websites include the following:
The information provided does not concern other online websites, pages or services that can be accessed via hyperlinks on the above websites, but referable to resources outside the Crastan’s domain.
The information identifies information to be provided for the collection of personal data online, and, in particular, the methods, times and nature of the information that the data controllers must provide to users when they connect to web pages, regardless the purposes of the connection.
Visiting the websites listed above may result into processing data relating to identified or identifiable natural persons.
The data controller is CRASTAN S.p.A. (hereinafter CRASTAN, or Controller) Via Maremmana, 24, Zona Industriale di Gello; 56025 PONTEDERA (PI); Tel. +39 0587/2592.1; Fax +39 0587/259299; e-mail: firstname.lastname@example.org; PEC: email@example.com., in the person of the legal representative pro tempore.
PURPOSES OF THE PROCESSING
User data are “Browsing data” and ” Data communicated by users”. The former are collected in order to allow the user the best navigation, while the latter are collected exclusively to be able to respond to the user in case of his request.
Some pages may request personal data and to this end, we inform you that failure to release personal data may make it impossible for the user / navigator to use the information and any requested service.
CATEGORIES OF PERSONAL DATA
The information systems and software procedures relied upon to operate this web site acquire personal data as part of their standard functioning; the transmission of such data is an inherent feature of Internet communication protocols.
This data category includes the IP addresses and/or the domain names of the computers and terminal equipment used by any user, the URI/URL (Uniform Resource Identifier/Locator) addresses of the requested resources, the time of such requests, the method used for submitting a given request to the server, returned file size, a numerical code relating to server response status (successfully performed, error, etc.), and other parameters related to the user’s operating system and computer environment.
These data are necessary to use web-based services and are also processed, in associate and aggregate form, in order to
– extract statistical, anonymous information on service usage (most visited pages, visitors by time/date, geographical areas of origin, etc.);
– check functioning of the services.
Browsing data are kept for no longer than seven days, except where judicial authorities need such data for establishing the commission of criminal offences.
Data communicated by users
Sending messages, on the basis of the user’s free, voluntary, explicit choice, to the Crastan’s contact addresses, or sending private messages to the Crastan’s social media pages and profiles (where this option is available), and filling in and sending the forms made available on the Crastan’s websites entail the acquisition of the sender’s contact information – which is necessary to provide a reply – as well as of any and all the personal data communicated in that manner.
Specific information notices will be displayed on the pages of the Crastan’s websites that are used for providing certain services and, depending of the nature of the service, consent could be requested for the user’s data processing.
COMMUNICATION AND DIFFUSION OF DATA
The data connected to the web services of this site will not be disclosed. Personal data may be processed by those who are needed for the provision of the services offered by the Site and for the analysis of the functioning of the Site operating as data processors, such as IT service providers (including cloud service providers): for the purposes of data analysis and storage.
In the event that the user requests the company Crastan S.p.a., Data Controller, the supply of goods or the provision of services, her/his personal data may be disclosed and processed by third parties for the provision of functional services to satisfy her/his request.
The personal data collected as above are also processed by Crastan’s staff, acting on specific instructions by Controller itself, concerning purposes and arrangements of such processing.
Specific summary information will be progressively reported or displayed on the pages of the site set up for particular services on request.
Cookies and other tracking devices
OPTIONALITY OF PROVIDING DATA
Apart from what is specified for navigation data, the user is free or not to provide personal data.
Failure to provide them may in certain circumstances make it impossible to obtain the requested services.
METHOD OF TREATMENT
Personal data are processed with automated tools for the time strictly necessary to achieve the purposes for which they were collected.
Specific security measures are observed to prevent data loss, illicit or incorrect use and unauthorized access.
TRANSFER PERSONAL DATA
The data provided will not be transferred to countries outside the European Union or international organizations and will not be disseminated.
Any transfers of personal data to a country outside the European Union or to an international organization will take place on the basis of an adequacy decision of the Commission or, in the case of transfers referred to in articles 46, 47 or 49, second paragraph, of the European Regulation, on the basis of appropriate and opportune guarantees.
DATA SUBJECTS’ RIGHTS
Users have the right to obtain from CRASTAN, as for the Regulation n. 679/2016 the access to personal data, the correction or cancellation of the same or the limitation of the processing or to oppose the processing (articles 15 to 22 of the EU Regulation n. 679 of 2016).
For this purpose user can request the form for the management of data subject’s rights and send it, completed, to the following email box: firstname.lastname@example.org
We will respond to your request within one month from the date of receipt of the same; this term may be extended by any further two months in the case of particular complexity and the number of requests.
In case of non-compliance with the request, you can lodge a complaint with the Supervisory Authority (Garante della Privacy) pursuant to art. 77 and propose a judicial appeal pursuant to art. 79.
Last update: October 2020
When you visit a website, it may store or retrieve information on your browser, mainly in the form of cookies. Check here for your personal cookie services.