Privacy policy on the
processing of personal
data pursuant to Regulation
(EU) 2016/679 of the European
Parliament and of the Council
of 27 April 2016 (GDPR)
INTRODUCTION
This information takes into account the
provisions of the GDPR and the Privacy
Code (Legislative Decree 30 June 2003
n. 196). The document has also been
drafted in accordance with the
Guidelines of the Privacy Guarantor
(especially the Guidelines for combating
spam issued by the Privacy Guarantor
on July 4, 2013).
Data Controller: CENTROMACCHINE
S.R.L. with registered office in Padenghe
(BS) Piazza Caduti, 24 (registered in the
Chamber of Commerce of Brescia at
number REA BS - 448928; P.Iva - C.F.:
02428230987; Cap. Soc.: € 20.000,00
I.V.; Email: info@marina-vintage.it; PEC:
centromacchinemmt@gigapec.it;)
Site to which this privacy policy refers:
www.marina-vintage.it (Site).
The Data Controller has not appointed a
DPO. Therefore, you may send any
inquiries directly to the Data Controller.
GENERAL INFORMATION
This document describes how the Data
Controller processes your personal
data.
The following describes the main
processing of your personal data. In
particular, we explain the legal basis of
the processing, whether the provision of
personal data is compulsory and the
consequences of not providing personal
data. To better describe your rights, if
necessary, we have specified if and when
a certain processing of personal data is
not carried out.
Site registration
The Site does not offer the possibility of
registration. Therefore, the Data
Controller does not process your
personal data for this purpose.
Purchases on the Site
It is not possible to make purchases on
the Site. Therefore, your personal data
will not be processed for this
purpose.The Data Controller does not
process the user's data to send
"reminder" emails to purchase products
and/or services from the Data
Controller.
Answering your requests
Your data will be processed to respond
to your requests for information. The
conferment is optional, but your refusal
will make it impossible for the Data
Controller to answer your questions.
The legal basis for the processing is the
legitimate interest of the Data
Controller in fulfilling your requests.
This legitimate interest is equivalent to
the user's interest in receiving a
response to communications sent to the
Data Controller.
Marketing
Subject to your consent, the Data
Controller may process the personal
data provided by you in order to send
you advertising material and/or
newsletters relating to its own products
or those of third parties. The legal basis
of this treatment is your consent. The
provision of personal data for this
purpose is purely optional. Failure to
consent to the processing of data for
marketing purposes will make it
impossible for you to receive advertising
material relating to products/services of
the Data Controller and/or third parties,
as well as making it impossible for the
Data Controller to carry out market
surveys, also aimed at assessing the
degree of user satisfaction, and to send
you newsletters. These communications
will be sent to your e-mail.
Profiling
The Data Controller does not carry out
"profiling" with your personal data.
Therefore, it will not send you
advertising material and/or newsletters
relating to its own products or third
parties of your specific interest.
Data transfer
The Data Controller does not transfer
your personal data to third parties.
Geolocalization
The Site does not implement tools to
geolocate the user's IP address.
Curriculum Vitae
It is not possible to send CVs via the
Website. Your data will therefore not be
processed for these purposes.
Communication of personal data
As part of its ordinary business, the Data
Controller may communicate your
personal data to certain categories of
subjects. In article 2 you can find the list
of subjects to which the Data Controller
communicates your personal data. In
order to facilitate the protection of your
rights, Article 2 may specify in certain
cases when your data is not
communicated to third parties.
The "communication" of personal data
to third parties is different from the
"transfer" (governed by the preceding
point). In fact, in the communication the
third party to whom the data is
transmitted can use it only for the
specific purposes described in the
relationship with the Data Controller. In
the transfer, instead, the third party
becomes the autonomous Data
Controller. Moreover, to transfer your
personal data to third parties is always
required your consent.
Without prejudice to the foregoing, it is
understood that the Data Controller
may still use your personal data in order
to correctly fulfill the obligations
provided for by the laws in force.
PRIVACY POLICY
Art. 1 Method of processing
1.1 The processing of your personal data
will be mainly carried out with the help
of electronic or automated means,
according to the methods and with the
tools suitable to ensure their security
and confidentiality in accordance with
the GDPR.
1.2 The information acquired and the
methods of treatment will be relevant
and not excessive in relation to the type
of services rendered. Your data will also
be managed and protected in secure
computer environments appropriate to
the circumstances.
1.3 Through the Site are not processed
"special data". Particular data are those
that can reveal racial and ethnic origin,
religious, philosophical or other beliefs,
political opinions, membership of
parties, trade unions, associations or
organizations of a religious,
philosophical, political or trade union,
health and sex life.
1.4 No judicial data is processed through
the Site.
Art. 2 Communication of personal data
The Data Controller may communicate
your personal data to certain categories
of subjects. The subjects to whom the
Data Controller reserves the right to
communicate your data are indicated
below:
•
The Data Controller may
communicate your personal data to
all those subjects (including Public
Authorities) who have access to
personal data by virtue of regulatory
or administrative measures.
•
Your personal data may also be
disclosed to all those public and / or
private individuals and / or legal
entities (legal, administrative and
tax, judicial offices, Chambers of
Commerce, Chambers and Offices of
Labor, etc..), if the communication is
necessary or functional to the
proper fulfillment of obligations
under the law.
•
The Data Controller uses employees
and/or collaborators in any capacity.
For the proper functioning of the
Site, the Data Controller may
communicate your personal data to
these employees and/or
collaborators.
•
The Data Controller does not use
companies, consultants or
professionals in charge of the
installation, maintenance, updating
and, in general, the management of
the Data Controller's hardware and
software. Therefore, your data will
not be communicated to these
categories of subjects.
•
The Data Controller does not use
CRM platforms (companies that
carry out the activity of sending
automated communications to users.
Therefore, your personal data are
not communicated to these
companies.
•
The Data Controller does not use
external companies to provide
customer care services. Therefore,
your personal data will not be
processed for this purpose.
The Data Controller reserves the right
to modify the above list in accordance
with its ordinary operations. Therefore,
you are invited to regularly access this
information to check to which subjects
the Data Controller communicates your
personal data.
Art. 3 Personal data retention
3.1 This article describes how long the
Data Controller reserves the right to
retain your personal data.
•
User data will be kept only for the
time necessary to ensure the proper
provision of the services offered
through the Site.
3.2 Without prejudice to the provisions
of Article 3.1, the Data Controller may
retain your personal data for the time
required by specific regulations, as
amended from time to time.
Art. 4 Transfer of personal data
4.1 The Data Controller is based within
the European Union. Therefore, the
processing of your data is safe from a
regulatory point of view as it is governed
by the GDPR. If the transfer of your
personal data takes place in a non-EU
country and for which the European
Commission has issued an adequacy
opinion, the transfer is in any case
considered safe from a regulatory point
of view. This Article 4.1 indicates from
time to time the countries to which your
personal data may possibly be
transferred and where the European
Commission has issued an adequacy
opinion.
•
You are therefore invited to access
this article regularly to check
whether the transfer of your
personal data takes place in a
country with these characteristics.
4.2 Without prejudice to what is stated
in article 4.1, your data may also be
transferred to countries outside the EU
for which the European Commission has
not issued an adequacy opinion. You are
therefore invited to regularly review
this article 4.2 to find out to which of
these countries your data may be
transferred. In order to allow for the
proper functioning of the Site, your
personal data may be transferred to the
U.S.A.. In these cases, the Data
Controller will take all appropriate
contractual measures to ensure an
adequate level of protection of personal
data, including, among others, the
Standard Contractual Clauses approved
by the European Commission on June 4,
2021.
4.3 In this article, the Data Controller
indicates the countries in which it may
specifically direct its activities. This
circumstance may imply the application
of the legislation of the country of
reference, together with that of the
GDPR.
•
At the request of the user, the Data
Controller will apply to the
processing of personal data any
more favourable legislation provided
for by the user's national legislation.
Art. 5. Your rights under the GDPR
Pursuant to art. 13 of the Privacy
Regulations, the Data Controller
informs you that you have the right:
•
to request from the Data Controller
access to your personal data and the
rectification or erasure of the same
or the restriction of the processing
thereof or to object to the
processing thereof, in addition to the
right to data portability
•
revoke consent at any time without
affecting the lawfulness of the
processing based on the consent
given before revocation
•
to lodge a complaint with a
supervisory authority (e.g. the Italian
Data Protection Authority).
The rights referred to above may be
exercised by making a request without
formalities to the contacts indicated in
the Introduction.
Art. 6. Amendments
The Data Controller reserves the right
to make changes to this policy at any
time, giving appropriate publicity to
users of the Site and ensuring in any
case an adequate and similar protection
of personal data. In order to view any
changes, you are invited to regularly
consult this policy. In case of substantial
changes to this privacy policy, the Data
Controller may give notice of such
changes also by email.
Centromacchine S.r.l.
Piazza Caduti, 24
25080 Padenghe (BS) Italy
Cel.:
Email:
P.Iva: 02428230987
Privacy