Following access to and consultation of this Website, data relating to identified or identifiable persons may be processed. The Controller for the processing of the collected personal data is CRIF S.p.A., with registered office located at Via della Beverara 21, 40131 Bologna (BO), Italy (“CRIF”). You can contact the Controller at the above mailing address or via the following e-mail address: firstname.lastname@example.org.
The processing of data collected with reference to those who access the website is carried out at the CRIF head office, as communicated to the Italian Data Protection Authority and in accordance with the provisions of the GDPR and all other applicable laws. Personal data is processed only by specially trained employees or contractors with appropriate technical skills, and who are appointed and authorized to perform the processing.
The data will be processed lawfully and fairly, guaranteeing its security and confidentiality, according to the provisions of the GDPR and all other applicable laws. Personal data will be processed using electronic and, in any case, automated equipment.
User data may be processed for:
On the website pages where your personal data is explicitly collected, you will find, where necessary, any additional privacy specifications, as well as the methods for acquiring your consent and/or identifying any further basis for the legitimacy of the processing pursuant to Article 6 of the GDPR.
The data may be communicated to different categories of recipients, according to the service/initiative requested by the CRIF client. For each service/initiative requested by the CRIF client, a special information notice will be provided with the details of the recipients of the personal data.
Generally, the data provided by CRIF clients will not be transferred outside the European Union. However, this transfer may occur according to the individual service provided by CRIF. For each service requested by the CRIF client, a special information notice will be provided with the details of the countries to which the data will be transferred. However, should personal data be transferred outside the European Union, the transfer will be carried out in accordance with the provisions of the GDPR and all other applicable laws (as will be indicated in the information notice).
With reference to browsing data, the computer systems and software procedures used to operate this website acquire, during their normal operation, some personal data whose transmission is implicit to the use of Internet communication protocols. This information is not collected in association with identified data subjects, but by its very nature could, through processing and association with data held by third parties, allow users to be identified. This data category includes the IP addresses or domain names of computers used by users who connect to the Website, Uniform Resource Identifier (URI) addresses of the requested resources, the time of the request, the method used to submit the request to the server, and other parameters related to the user’s operating system and computing environment. The optional and voluntary sending of e-mails to the addresses indicated on the website involves the acquisition of the user’s personal data which is necessary to respond to user requests.
The user is free to provide the personal data necessary to allow CRIF to provide services or to participate in the requested initiatives. Failure to provide the data may result in the inability of the company to provide the requested information or services.
CRIF retains the navigation data for a period not exceeding 18 months from the last interaction with the Website. For each service or initiative requested by the CRIF client, a special information notice will be provided with details of the data retention period or the criteria used to determine this period.
We hereby inform you that, pursuant to the GDPR, the user can exercise the following rights: the right to access his or her personal data, ask for the amendment or deletion of the data, or restriction of the processing. Users also have the right to oppose the processing, as well as the right to portability. In addition, users can withdraw their consent at any time, it being understood that the withdrawal of consent does not affect the lawfulness of the processing carried out up to the point of withdrawal. In any case, for each service requested by the CRIF client, a special information notice will be provided with details of the rights that can be exercised and the ways in which to exercise them. In such cases, you can exercise your rights by contacting the Controller using the following contact details: CRIF S.p.A., via della Beverara 21, 40131 Bologna (BO), Italy or writing to the following e-mail address email@example.com. The data subject can also submit a complaint to the Italian Data Protection Authority, following the instructions through the link: http://www.garanteprivacy.it/web/guest/home/docweb/-/docweb-display/docweb/4535524. For any questions regarding the processing of your personal data, you can contact the Data Protection Officer by e-mailing: firstname.lastname@example.org; certified e-mail: email@example.com.