Skip to content

DATA PROTECTION NOTICE

Pursuant to Legislative Decree no. 196 of 30 June 2003 No. 196, as amended (“Personal Data Protection Code”) and European Regulation. 679 of 2016 (the “GDPR” [General Data Protection Regulation]), CD10 S.r.l. (Tax code and VAT number 05149700287), with registered address at 35030 Selvazzano Dentro (PD), via Pelosa 78, email cd10@cd10.it, as Data Controller (hereinafter, the “Data Controller”), wishes to inform you that your personal data will be processed to handle your request to be contacted by the Data Controller.

You may describe your request for us via the “Contact us” area. However, please do not provide any data that is defined under the GDPR as special category data (such as that relating to your health status, religious beliefs, etc.).

The lawful basis of the processing is the provision of a service, pursuant to Article 6, section1(b) of the GDPR and therefore, no express consent will be required on your part for your request to be handled.

The data you provide will be processed mainly via paper means and/or computerised tools under the authority of the Data Controller, by parties that have been specifically authorised and instructed to process it (in accordance with Article 2-quaterdecies of the Personal Data Protection Code and 29 of the GDPR). We inform you that appropriate security measures are also observed pursuant to Articles 5 and 32 of the GDPR to prevent loss of data, unlawful or incorrect use and unauthorised access.

The data may be shared with the following parties, within the EU and in full compliance with the provisions of the GDPR: to organisations and/or public authorities, where this is required by law or upon their request; to external institutions, parties and companies used by the Data Controller to carry out activities connected, instrumental or consequential to the execution of the “Contact us” service; to external consultants, even when not designated in writing as Data Processors. The updated list of designated data processors can be provided upon the request of data subjects.

In the event that a Data Protection Officer is appointed (pursuant to Article 37 of the GDPR), their contact details will be posted on the website www.cd10.it.

Without prejudice to legal obligations, your personal data will be kept for a period not exceeding 6 months.

Articles 15 ff. of the GDPR cover the data subject’s right to obtain the following, in the manner and within the limits established in Article 2-undecies of the Personal Data Protection Code and Article 12 of the GDPR:

  • confirmation of the existence or otherwise of their personal data, even if not yet recorded, and disclosure of it in an intelligible manner;
  • Indication of the source of the personal data, the purposes and methods of the processing, the logic applied in the case of processing carried out with the aid of electronic tools, the identification details of the Data Controller;
  • update, rectification, addition, removal, anonymisation or block of unlawfully processed data – including those ones which do not need to be kept for the purposes for which they were collected or subsequently processed – confirmation that such activity operations have been brought to the attention, also as regards their content, of those to whom the data have been communicated or disclosed to, except where it proves impossible or involves the use of resources that is clearly disproportionate to the protected right.

The data subject also has the right to:

  • revoke their consent (if given) to the processing of personal data at any time (without prejudice to the lawfulness of the processing based on the consent given before the revocation);
  • object to all or part of the processing of his/her personal data for legitimate reasons, even if pertinent to the purpose of their collection;
  • object to all or part of the processing of his/her personal data for the purpose of sending advertising materials, for direct sales or for market research or commercial communications;
  • lodge a complaint with the Italian Data Protection Authority (Garante per la protezione dei dati personali) in the cases provided for by the GDPR, by contacting the Garante per la protezione dei dati personali directly: Website www.garanteprivacy.it E-mail: protocollo@gpdp.it  Switchboard: (+39) 06.69677.1;
  • to the portability of personal data within the limits referred to in Article 20 of the GDPR.

The full form to exercise your rights can be download here with instructions for completion and on how to submit it to the Data Controller.