PERSONAL DATA PROTECTION POLICY (GDPR POLICY)
The Gruppo Cimbali company
(hereinafter the “Company”) takes great care to ensure the security and
confidentiality of its clients’ personal data during all business operations.
The Company is the data controller
for personal data gathered on this website.
WHAT KIND OF PERSONAL DATA
MAY BE COLLECTED
The following categories of personal
data may be collected:
Contact details –
information relating to your name, date and place of birth, tax code, address,
telephone number, mobile number, email address, VAT number and registered
information you provide in relation to your interests, including products in
which you are interested.
Other personal data – information you provide relating to your date of birth,
education or professional situation.
HOW WE COLLECT YOUR PERSONAL
The Company collects and processes
your personal data in the following circumstances:
if you contact us in order to request a course;
if you respond to one of our marketing
campaigns, for example by filling out a response form or entering your details
on one of our websites.
If you provide personal data on
behalf of somebody else, you must ensure that the person/persons in question
Please help us keep your personal data up to date by
informing us of any changes to it.
THE WAYS IN WHICH YOUR
PERSONAL DATA MAY BE USED
Personal data must only be processed on legitimate
grounds in accordance with current personal data regulations, as described
Fulfilment of contractual obligations and
related training course and event management activities.
The Company collects and processes
your data to fulfil its obligations under the contract and to allow you to
participate in training courses and/or training events.
Reason for data processing: fulfilment of contractual obligation.
Provision of data is compulsory so that we are able to respond to
your requests; if you do not provide your data, we are unable to allow you to
Marketing activities designed to respond
to your needs and provide you with promotional offers in line with your
The Company may process your contact details for
marketing and advertising purposes with the aim of informing you about
promotional initiatives related to training courses carried out using automated
contact methods (e.g. email) and traditional contact methods (e.g. telephone
The Company may also process your contact details,
interests and other personal data in order to send you commercial
communications in line with your preferences, based on a specific customer
profile, in the event that you grant your further consent for this and always within
the limits described in the relevant consent form.
Reason for data processing: consent.
Failure to provide consent will have
no effect on contractual relationships. You can withdraw your consent by
sending an email to the following address: email@example.com
Compliance with binding legal requests
and obligations, regulations and measures taken by the judicial authorities,
and to defend a right in a legal setting
The Company collects your contact
details in order to fulfil a legal obligation and/or defend one of its rights
in a legal setting.
Reason for treatment: legal obligations to which the
Company is bound to adhere.
HOW WE KEEP YOUR PERSONAL DATA SAFE
The Company employs a vast range of security measures in
order to optimise the protection, security, integrity and accessibility of your
All of your personal data is stored on our secure
servers (or as secure hard copies) or on secure servers belonging to our
suppliers or commercial partners. The data is accessible and usable in
accordance with our security standards and policies (or the equivalent
standards of our suppliers or commercial partners).
HOW LONG WE STORE YOUR DATA FOR
We only store your personal data for
the time necessary to pursue the purposes for which it was collected and for
any other legitimate related purpose. Therefore, if your personal data has been
processed for two different purposes, we will store your data until both
purposes have been fulfilled. However, once one of those purposes has been
achieved, we will no longer process your personal data for that purpose.
Only those people who need to use
your personal data for relevant purposes shall have access to it.
Where personal data is no longer necessary, or there are
no longer legal grounds for storing it, it shall be made anonymous in an
irreversible manner (and stored in this manner) or securely destroyed.
Below are the storage periods relating to the above
Fulfilment of contractual obligations: data processed in order to comply with any type of contractual
obligation may be stored for the full duration of the contract and for no
longer than ten years after the duration of the contract, in order to allow us
to deal with any outstanding matters, such as accounting documentation (e.g.
Marketing activities, including profiled
marketing, designed to respond to your needs and provide you with promotional
offers in line with your preferences: data processed for this reason may be stored for 24 months from the
date we receive your most recent consent for this purpose; for the purpose of
profiled marketing, it will be stored for 12 months.
In the event of a dispute: in the event that we are forced to defend ourselves, take action
or bring a claim against you or a third party, we may store personal data we
consider to be reasonably necessary for such data processing purposes for the
period in which such a claim may be pursued.
WHO WE CAN SHARE YOUR PERSONAL DATA WITH
Persons who may have access to your personal data
include authorised employees and external suppliers who have - if necessary -
been named parties responsible for data processing where these provide service
Please contact us by writing to firstname.lastname@example.org if you would like to see a list of parties responsible for data
processing and other individuals or companies to whom we pass your data.
The following email address can be used to contact the
Company for questions regarding personal data processing: email@example.com
For requests relating to training courses that we
provide and/or other information relating to our services, please contact us on
the following email address firstname.lastname@example.org
YOUR RIGHTS ON PERSONAL DATA PROTECTION AND
YOUR RIGHT TO MAKE A COMPLAINT TO THE AUTHORITIES
Under certain circumstances, you
have the right to ask us:
for access to your personal data;
for a copy of the personal data you have
supplied us with (data portability);
to amend data in our possession;
to delete any data where we no longer have any
legal grounds to process this;
to oppose data processing where application
regulations allow for this;
to revoke your consent, where data processing
depends on consent;
to limit the way we process your personal data,
to the extent set out by personal data privacy regulations.
These rights are subject to a number of exceptions
designed to protect the public interest (e.g. preventing or identifying crime)
and our own interests (e.g. maintaining professional secrecy). In the event
that you exercise one of the aforementioned rights, it shall be our
responsibility to verify whether you are legitimately entitled to exercise that
right. We will inform you of the outcome of this within one month.
We will make every effort to deal with your concerns
should you make any complaints or remarks regarding the way we process your
data. However, if you wish, you may take complaints or remarks to the authority
responsible for data protection at the following address: Garante per la
protezione dei dati personali - Piazza di Monte Citorio n. 121 - 00186 ROME -
Fax: (+39) 06.69677.3785 - Telephone: (+39) 06.696771 - E-mail: email@example.com - Certified e-mail: firstname.lastname@example.org.