INFORMATION ON THE PROCESSING OF PERSONAL DATA

Who is it for?

This information is aimed at those who will use the services provided by the website www.categora.it, that is, in detail:

  1. natural persons who browse the website, even if only for consultation;
  2. natural persons who contact the company Cosmobile S.r.l. using the “Contact Us” form;
  3. natural persons who contact the company Cosmobile S.r.l. using the “Work with us” form.

In this information they will be indicated as Interested.

Who processes the data?

The data controller for all treatments carried out as a result of using the website www.categora.it is the company COSMOBILE S.R.L. (VAT number 02864441205), a company incorporated under Italian law in Minerbio (BO), in the person of its pro tempore legal representative.

As part of the treatments covered by this information, it is possible to contact the Data Controller at the following addresses:

Cosmobile Srl – Via Europa, 6 – 40061 – Minerbio (BO) – Italy info@cosmobile.com

The data are physically processed by employees and collaborators of the Data Controller, who have been previously instructed and authorized for processing.

What data are processed?

For the management of the services provided through the website www.categora.it, the following data are processed:

IP address, position, activity on the site, for navigation on the site; Name and Surname, Company, Telephone, E-mail, to get in touch with Cosmobile s.r.l .;

Where is the data processed?

The data collected through the website www.categora.it will be processed by the Data Controller at its offices, located in Italy, and by any external subjects to whom administrative, organizational or technological management is entrusted – who have been previously appointed Managers of the treatment – at its offices and branches, located in the territory of the European Union.

How are the data processed?

The data is collected from the interested party, through the use of cookies, or by sending them via online forms dedicated to contact with the company.

Once acquired, the data of the interested party is archived and stored in digital form on the computer systems of the Data Controller and / or its Data Processors.

Which cookies collect data?

The website www.categora.it uses technical cookies, which can be used without seeking the consent of the interested party, as they are strictly necessary for the provision of the service. Furthermore, third-party profiling cookies may be used, the use of which is subject to the consent given directly to such third parties by accessing the relevant information on the use of cookies. Profiling cookies can be used, by the Data Controller or by the owner of the cookie itself, to memorize the choices made by the interested party, to provide customized or optimized features or to memorize his habits and preferences shown during navigation. Consult the Cookie Policy page to see which cookies the website www.categora.it uses.

For what purposes are the data processed?

The data collected by the Data Controller are used in order to:

  • improve the use of the site and record statistics on its use, as well as profile the interested parties;
  • respond to requests forwarded by the interested party to Cosmobile S.r.l. through the website www.categora.it.

On what legal basis are the data processed?

The Data Controller will process the personal data of the interested party solely on the basis of the explicit consent of the interested party.

If the interested party withdraws their consent to the processing, the Data Controller may continue the processing for obligations deriving from the law and/or on the legal basis of their legitimate interest.

How is the data protected?

With the aim of ensuring the availability, integrity and confidentiality of information, Cosmobile S.r.l. has adopted specific IT security measures to protect information from the risk of loss or destruction, even accidental, of the stored data.

In particular, access control measures, credentials management, modification restrictions, incremental backups, anti-intrusion systems have been envisaged, both at a physical and IT level.

Is it mandatory to provide the data?

The provision of data by the interested party is mandatory in order to fulfill the requests of the interested party.

Any refusal to provide the data will make it impossible to provide the requested service, preventing the interested party from contacting Cosmobile S.r.l..

The provision of data collected through technical cookies is mandatory to navigate the site, while it is optional for analytical and profiling cookies.

Who is the data disclosed to?

The data collected and processed by the Data Controller may be disclosed to public and private entities, in compliance with current legislation or for organizational, technical or information needs related to the requests received by the interested party.

How long are the data processed?

The data collected through the website www.categora.it are stored and processed only as long as the purposes for which they were collected remain, namely:

  • in case of navigation, the data are processed for the duration specified for each cookie;
  • in the event of a contact request, the data will be processed until the request is completely processed, and in any case for a period of time not exceeding 12 months;

At the end of the period provided for each activity, the data will be destroyed or, possibly, anonymized for statistical purposes.

How are interested parties protected?

The interested party can protect himself and his personal data by exercising the rights provided for by current legislation, by sending a free form request to the Data Controller.

The Data Controller will respond as soon as possible, and in any case within one month of receipt of the request or, if further time is required to process the request, within a maximum of two months; in the latter case, the Data Controller will communicate the reasons for the delay to the interested party.

In the event that the Data Controller does not deem it necessary to process the request, it will communicate its refusal directly to the interested party within one month of receiving the request. In this case, the interested party may lodge a complaint with the supervisory authority of their country or appeal to the judicial authority of their country.

The exercise of the rights of the interested party is free, unless the requests are manifestly unfounded or repetitive: in this case, the Data Controller may charge a fee or refuse the request.

The interested party can exercise his right of access, pursuant to art. 15 Reg. 2016/679 EU, by addressing a request to the Data Controller in order to obtain confirmation that data processing concerning him is (or is not) in progress. In the same way, you can ask to know: what data are processed and for what purposes; how long they are kept; if the data have been or will be disclosed to other subjects, and possibly the identity of these subjects and the country where they are located, in addition to the existence of adequate guarantees for the transfer; the existence of the right to request the rectification, limitation or cancellation of their data; the existence of the right to object to the processing; the existence of the right to lodge a complaint with a Supervisory Authority; the existence of an automated decision-making process, including profiling, and the consequences of such processing. Finally, the interested party has the right to receive a free copy of their personal data being processed, provided that this does not affect the rights of other subjects; any further copies requested could be issued upon payment of a fee.

The interested party can exercise his right of rectification, pursuant to art. 16 Reg. 2016/679 EU, by making a request to the Data Controller in order to have inaccurate data concerning him corrected. In the same way, the interested party can request that the data processed be integrated with others, providing their own declaration to that effect.

The interested party can exercise his right to cancel, pursuant to art. 17 Reg. 2016/679 EU, by making a request to the Data Controller to delete the personal data collected and processed by the company Cosmobile S.r.l. in one of the following cases: if the personal data are no longer necessary for the purposes for which they were collected; if the interested party has revoked his consent to the processing; if the interested party has opposed the processing; if the personal data have been unlawfully processed by the Data Controller; if the data must be deleted to fulfill a legal obligation to which the Data Controller is subject; if the interested party is under the age of 16 and the persons exercising parental responsibility have not given their consent.

If the Data Controller has made the data subject’s personal data public and is obliged to delete them, he will inform any other subjects who are processing the data subject‘s data of the cancellation request, limited to the actual technical and economic possibility of this procedure.

The interested party can exercise his right to limitation, pursuant to art. 18 Reg. 2016/679 EU, by addressing a request to the Data Controller so that the data processing is limited solely to the retention of the data, without the Data Controller being able to carry out other operations, in one of the following cases: if the Data Subject disputes the accuracy of the data, for the time necessary for the Data Controller to verify; if the processing is unlawful and the interested party opposes the cancellation; if the Data Controller no longer needs to process the data but must keep them for judicial reasons; if the interested party has opposed the processing, for the time necessary to verify the balance between the rights of the interested party and the legitimate interests of the data controller.

The interested party can exercise his right of opposition, pursuant to art. 21 Reg. 2016/679 EU, at any time and for reasons related to your particular situation. This right can be exercised by sending a communication to the Data Controller if the processing is based on the legitimate interest of the Data Controller or if the data are processed for scientific research or statistical purposes.

In the event that the interested party believes that the processing of their personal data is carried out in violation of the 2016/679 European Regulation, they have the right to lodge a complaint with the supervisory authority, pursuant to art. 77 Reg. 2016/679 EU, choosing from the supervisory authorities of the Member State in which he resides, of the Member State in which he works or of the Member State in which the alleged violation has occurred.

In any case, the interested party may take action to protect their rights also by resorting to the Administrative and / or Judicial Authority of their country.

The interested party can withdraw consent to the processing of their data at any time, in the same manner in which they gave their consent or by sending a communication to the Data Controller. The withdrawal of consent will not affect the treatments already carried out, but will result in the interruption of the treatments in progress and the destruction of the data of the interested party.

Regulations and references

This information is provided pursuant to European Regulation 2016/679 and Legislative Decree 196/2003, as amended by Legislative Decree 101/2018, as well as pursuant to the General Provision of 8 May 2014 of the Guarantor Authority for the protection of personal data.

This version is effective from 01.01.2019.