We wish to inform you that Krema S.r.l. as Data Controller (hereinafter Data Controller) considers privacy and the protection of personal data one of the main objectives of its business, complying with the provisions of the 2016/679 European Regulation (GDPR).
Said processing complies with principles of fairness, legality and transparency and protection of your privacy and your rights.
This policy is inspired by Recommendation no. 2/2001 that the European authorities for the protection of personal data, gathered in the Group established by article 29 of Directive 95/46/EC, adopted on 17 May 2001 to identify some minimum requirements for the collection of personal data online.
- Data controller of personal data and responsible for the protection of personal data
Details of the Controller: Krema S.r.l., Via Antonio Gramsci, 3/2
42023 – Cadelbosco di Sopra – (RE), Italy, Tax ID and VAT 02633430356.
The Controller can be contacted at: email@example.com
The personal data provided by you may be processed by the employees or collaborators of the Data Controller, duly authorized for processing as provided by the GDPR. It is the responsibility of the Data Controller to give them specific instructions for the correct processing of data.
- Personal data processed
2.1 Personal and identification data
Personal data includes any information relating to an individual, identified or identifiable, even indirectly, by means of reference to any other information, including a personal identification number. Identification data includes any personal data that allows direct identification of the party concerned.
2.2 Browsing data
The IT systems and software procedures for operation of this website acquire, during normal operation, some personal data the transmission of which is implicit in the use of Internet communication protocols.
This is information that is not collected to be associated with identified parties concerned, but that by its very nature could, through processing and association with data held by third parties, allow identifying users.
This category of data includes IP addresses or domain names of computers used by users that connect to the website, URI (Uniform Resource Identifier) addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response from the server (successful, error, etc.) and other parameters regarding the operating system and the user’s IT environment.
This data is only used to obtain anonymous statistical information regarding use of the website and to verify its correct operation and is deleted immediately after processing. The data could be used to ascertain responsibility in case of hypothetical cyber crimes against the site: at present, with the exception that the data on web contacts do not prolong for more than seven days.
2.3 Data provided voluntarily by the user
The website contains spaces dedicated to users who wish to voluntarily provide personal data, for example contact forms used to request information on the service provided by the Data Controller. The optional, explicit and voluntary sending of e-mail in the forms indicated on the website involves the subsequent acquisition of the sender’s address required to reply to requests, and any other personal data included in the message. Specific summary information is indicated on the website pages for services on request. The Data Controller is not responsible for untruthful information sent directly by users (e-mail address, for example), as well as information concerning them and that has been provided by a third party, even in a fraudulent manner. Apart from as specified for browsing data, the user is free to provide personal data on the request forms to Krema S.r.l. or however indicated in contacts with the Office to request the sending of information material or other communications. The non-conferment thereof may result in the impossibility of fulfilling the request.
Cookies are small text files that websites visited by users send and record directly on their computer or mobile device, to then be re-transmitted to the same websites at the next visit by the user.
There are various types of cookies depending on the duration, characteristics and functions. They are divided into session cookies and persistent cookies. The former are automatically deleted after the browser is closed; while the latter remain on the user’s device until a pre-established expiry date.
Technical cookies, thanks to which browsing of the website is facilitated, are cookies that keep track of the user’s actions and preferences so that they do not have to be indicated again when the user returns to visit the website. For the use of these cookies, prior consent is not required. Technical cookies include:
- analytics cookies used directly by the website administrator to collect information in aggregate form (for example the number of users);
- browsing or session cookies used for example, for authentication;
- functional cookies allow the user to browse according to the selected criteria (for example the language).
Other cookies are profiling cookies, aimed at creating profiles relating to the user and used to send advertising messages in line with the preferences expressed by the same in the context of browsing the net (for the use of these cookies, the prior consent of the user is required).
While browsing within a site, users can receive on their computer or mobile device even cookies of websites or web servers other than the one they are visiting, referred to as third-party cookies. Even these cookies require prior consent to use by the user.
On this page, it will be possible to provide prior consent to the use of profiling and third-party cookies and disable the function of all cookies in use on the website. It is recalled that disabling technical cookies may result in difficulty in browsing the website.
- Processing purposes and legal basis and consequences of non-conferment
The personal data in question is processed through the website to allow adequate browsing on the Portal. Said processing is carried out in compliance with a legal obligation established at EU level and to be able to respect a legitimate interest of the Controller, or to allow you and other users for correct browsing and experience as users of the Portal.
The conferment of personal data is however optional and related to your intention to proceed with browsing: eventual non-conferment thereof will not entail any limitation without prejudice to the possibility of proceeding with correct browsing.
The personal data in question may also be processed for promotional purposes of Krema S.r.l.
We wish to inform you that you can exercise your rights at any time, as provided by article 15 and following of the GDPR, by contacting the Data Controller via traditional or automated methods (at firstname.lastname@example.org).
Your personal data is processed by the Data Controller and possibly by third parties appointed as Data Processors, carefully selected for their reliability and competence as provided by article 28 of the GDPR.
Personal data is processed prevalently by automated tools, but also in paper form, for the time strictly necessary to achieve the purposes for which it was collected.
The Data Controller is responsible for observing specific security measures to prevent data loss, illicit or incorrect use and unauthorized access in compliance with the provisions of the GDPR.
- Communication and Dissemination
In the performance of its activities, the Controller may communicate the user’s personal data to third parties duly appointed Data Processors. These parties can belong to the following categories:
- the people, companies or professional firms that provide consultancy to the Data Controller;
- the parties delegated and/or appointed by the Controller to perform activities strictly related to the pursuit of the aforementioned purposes;
- public entities in compliance with EU laws, regulations and legislation.
The user’s personal data is also processed by the parties designated as System Administrators pursuant to the Provision of the Guarantor for the Protection of Personal Data of 27 November 2008 and subsequent amendments and additions.
Your personal data will not be disseminated by the Controller.
Any further communication or dissemination shall be subject to your explicit consent.
- Your rights
You may assert your rights as foreseen by articles 15 and following of the GDPR, by contacting the Data Controller by sending an e-mail to email@example.com. The communication must include the name, address and/or telephone numbers, to allow proper handling of the request.
You have the right, at any time, to obtain confirmation of the existence or otherwise of data and to know the content and origin, verify accuracy or request integration or updating, or correction or portability. Said article provides for the right to request cancellation, transformation into anonymous form or blocking of data processed in violation of the law, and to oppose to processing in any case for legitimate reasons. Lastly, it is recalled that at any time, you may file a complaint with a Control Authority, such as the Guarantor for the protection of personal data, respect to said processing.
If you wish to receive any information on the processing of your data, you can send an e-mail to firstname.lastname@example.org