Privacy & Cookie Policy

“PRIVACY & COOKIE POLICY” 

Provided by C.F.R. – SOCIETÀ A RESPONSABILITÀ LIMITATA, pursuant to Article 13 of EU Reg. 2016/679 and the Guidelines on cookies and other tracking tools – 10 June 2021

 

 

 

1. FOREWORD

In accordance with EU Reg. 2016/679, we hereby provide the necessary information on the purposes and methods for processing the personal data of people who visit the pages of the website of C.F.R. – SOCIETÀ A RESPONSABILITÀ LIMITATA, with its registered head office at MODENA (MO), VIA RAIMONDO DALLA COSTA No. 625, Postcode 41122, Economic Administrative Index number (REA) MO – 192317, Tax code and Business Register No. 00888490364, VAT No. 00888490364, as the data controller.

This policy should only be considered valid for this website and not for any other websites that might be consulted through links published on this website; the data controller should not be considered liable in any way for these third-party websites.

 

 

 

2. TYPES OF DATA PROCESSED

 

 

Browsing data

Purely for technical aspects and protocols, we hereby wish to inform you that: 

  • The computer systems and software procedures used to run this website might acquire certain personal data during normal use, which is transmitted using Internet communication protocols.
  • This information is not collected to be associated with identified data subjects. However, by its very nature, it might be used to identify Users by means of processing and matching with information held by third parties.
  • This data category includes IP addresses or the domain names of the computers used by Users accessing this website, the URI (Uniform Resource Identifier) addresses of the requested resources, the time of such requests, the method used to submit the request to the server, the size of the file received in reply, the numerical code indicating the server response status (successful, error, etc.) and other parameters relating to the User’s operating system and computer set-up.
  • This data may be used to establish any liability in the event of potential cyber crimes against the website.

 

 

Cookies

Cookies are small text files which are sent to the User’s device (usually the browser) by the website they visit. They are saved on these devices so they can recognise this device when the User next visits. In fact, upon each subsequent visit, cookies are sent back to the website by the User’s device.

Each cookie generally contains: the name of the server that sent the cookie, the expiration date and a value, usually a unique number randomly generated by the computer. The server of the website that transfers the cookie uses this number to recognise the User when they return to a website or browse from one page to another.

Cookies can be installed not only by the same operator of the website visited by the user (first-party cookies), but also by a different website that installs cookies through the first website (third-party cookies) and can recognise them. This happens because there can be elements on the website visited (images, maps, sounds, links to web pages of other domains, etc.) located on different servers from the one of the website visited.

In general, cookies are categorised into different types based on their:

  A. Duration:

  • session cookies (temporary) automatically deleted when the browser is closed.
  • persistent cookies active until their expiration date or until they are deleted by the user.

  B. Source:

  • first-party cookies sent to the browser directly by the website being visited.
  • third-party cookies sent to the browser by other websites and not by the website being visited.

  C. Purpose 

  • technical cookies
  • browsing/essential/performance/process or security cookies help the website to run, for example, they let you browse pages or access protected areas. If they are disabled, the website cannot run properly.
  • functional/preference/location/session status cookies help save information that changes the behaviour or appearance of the website (preferred language, text and character size, or its geographical area). If they are disabled, the browsing experience will not work as well but it will not be compromised.
  • a) first-party or b) third-party statistical/analytics cookies with IP masking, but without data cross-referencing (similar to technical cookies in their purposes) are used to collect information and generate statistics on the use of the website to understand how visitors interact with it.
  • non-technical cookies
  • third-party statistical/analytics cookies without IP masking, but with data cross-referencing, are used to collect information and generate usage statistics, with the possible identification and tracking of the user of the website, in order to understand how visitors interact with it.
  • profiling/advertising/tracking or conversion cookies for selecting advertisements based on what is relevant to the user (targeted adverts). Profiling cookies are designed to create user profiles and are used to send advertising messages that match the preferences shown by users when browsing online.

C.F.R. – SOCIETÀ A RESPONSABILITÀ LIMITATA, has fulfilled its obligations provided for by existing legislation on personal data protection and, in particular, by the Guidelines on cookies and other tracking tools – 10 June 2021. 

We shall provide all the information below on the cookies used by this website and the instructions required on how to manage User cookie preferences. 

In particular, alongside what was previously indicated, please note that this website uses:

 

 

  • Technical cookies 

These cookies are required for our website to run properly: they are used for browsing or to provide a service requested by the User (for example, for sessions on the website to run properly, for saving specific browsing preferences and for optimising the user’s experience); they are not used for any other purposes. Without these cookies, certain operations could not be carried out or they would be more complicated and/or less secure.

 

  • Third party profiling cookies 

Users are informed that the website uses so-called “profiling” cookies. Profiling cookies are aimed at creating profiles related to the User and are used in order to improve the browsing experience on the website, in line with the preferences expressed by the User when browsing the website.

 

  • Google Maps Widget

The Google Maps Widget provides customisable interactive maps that are included on the web pages of websites that use this service. The www.cfritaly.com website includes the Google Maps Widget so the User can display the position of the C.F.R. – SOCIETÀ A RESPONSABILITÀ LIMITATA headquarters on the map. This service might involve the installation of cookies by Google (third party). However, no information is shared by the website www.cfritaly.com, where the Widget is incorporated.

More information can be found at https://www.google.it/intl/it/policies/privacy/

Therefore, the website currently uses technical cookies and, upon consent, profiling cookies: NO analytical cookies or other tracking tools are used

 

 

 

In general, in addition to the type of cookies used by this website, we would like to inform Users that, alongside the safeguards provided for by existing legislation, potential options are available for browsing without cookies, such as:

  • Blocking third-party cookies: third-party cookies are not generally essential for browsing, so you can reject them by default through the special functions on your browser.
  • Activating the Do Not Track option: the Do Not Track option can be found on most of the latest browsers. Websites designed to comply with this option should automatically stop collecting certain browsing data when this option is activated. However, as mentioned, not all websites are set up to comply with this option (at their discretion).
  • Activating “anonymous browsing”: this function lets you browse without leaving traces of your browsing data on your browser. Websites will not remember the User, the pages visited will not be saved in the history and any new cookies will be deleted. However, the anonymous browsing function does not guarantee anonymity on the Internet, because it is only used not to store browsing data on the browser, while your browsing data will still be available to website operators and connectivity providers.
  • Directly deleting cookies: there are special functions to do this on all browsers. However, you have to remember that new cookies are downloaded every time you connect to the Internet, so you need to delete them regularly. If you wish, several browsers offer automated systems for regularly deleting cookies.

If you need any more information on cookies, please see the following link: http://www.garanteprivacy.it/cookie . Furthermore, to find out how to limit, block and/or remove the cookies set on your device, we recommend visiting the following link: http://www.aboutcookies.org . As previously mentioned, Users can also manage their cookie preferences through their browser. To find out the type and version of the browser you are using, please click on “Help” at the top of your browser, where you will be able to access all the necessary information.

 

 

Data provided voluntarily by the User.

Data on identified or identifiable individuals may be processed if they consult this website. In particular, please note that this processing can be done for any personal data freely provided by Users who send the data controller their information through the addresses on the website, such as the company’s e-mail addresses, and/or by filling in the specific forms for collecting information found on the website (“Request information” form or “Work with us” form). In fact, if the user sends e-mails optionally, explicitly or voluntarily to the addresses indicated on this website, the sender’s address and any other personal data included in the message shall then be acquired in order to reply to the requests. 

Please note that, in no section of the website, or when using certain website functions, shall any “special categories of personal data” and/or “personal data relating to criminal convictions and offences” be requested, as defined by Articles 9 and 10 of EU Reg. 2016/679. If the User spontaneously sends the data controller the aforementioned type of information or more data than is strictly necessary, this processing shall be based on the data subject’s unequivocal and voluntary consent and the data controller shall process this data in accordance with existing legislation on personal data protection (EU Reg. 2016/679), solely within the limits of what is strictly necessary for the requests sent by the User concerned; otherwise, these types of data shall not be subsequently processed and shall be immediately deleted by the data controller.

In general, regarding data provided voluntarily by the User, we would like to inform Users that EU Reg. 2016/679 and Italian Legislative Decree 2003/196 et seq. (in terms of compliance with EU Reg. 2016/679) provide for the protection of individuals with regards to the processing of personal data. According to this legislation, this processing shall be based on the principles of fairness, lawfulness and transparency, protecting your privacy and rights. 

In accordance with the aforementioned Article 13 of EU Reg. 2016/679 and existing national legislation on personal data protection, we hereby provide you with the following information:

  1. Any processing which the Data Controller may carry out shall be done through an automated process and/or on paper.
  2. Users are free to provide their information by sending it to the data controller through the addresses found on the website (www.cfritaly.com) and/or by filling in specific forms for collecting information found on the website; in this case, if they do not provide certain data, it might not be possible, depending on the circumstances, to fulfil Users’ requests (for example, please see the “compulsory fields” on the information collection forms).
  3. Personal data shall be processed by people specifically appointed by the data controller as data processors (if appointed) and/or by anyone acting under their authority and/or under the data controller’s authority and who has access to personal data (Directors/partners/employees of the data controller); these persons shall only process your data if necessary in relation to the purposes for which it was provided and only within the scope of performing the tasks assigned to them by the data controller, undertaking only to process the data necessary for performing these tasks and only carrying out the operations necessary for the performance thereof. 
  1. Furthermore, personal data may be disclosed to third parties, only if this is strictly necessary and functional for providing specific services or information requested by the User. The aforementioned disclosure of data is strictly connected to normal company operations as part of handling relationships and is strictly necessary in relation to the purposes for which the data was provided. Your personal data shall not be circulated.
  2. The data controller does not currently intend to transfer personal data to a third country or international organisations. Should the data controller transfer any data abroad, this transfer shall take place exclusively in compliance with the provisions of “CHAPTER V – Transfers of personal data to third countries or international organisations” of EU Reg. 2016/679.
  3. Data shall be stored for the time necessary to fulfil the purposes for which the data was provided; data shall be stored in a form that allows the data subject to be identified for a period of time no longer than is necessary for the purposes for which it was collected or subsequently processed, after which it shall be deleted or anonymised.
  1. The personal data provided shall not be processed in order to create an automated decision-making process.
  2. If the personal data provided must be processed for other additional purposes than those mentioned above, the Data Controller shall provide you with information on this different purpose as well as any other relevant information.
  3. Data shall be processed using suitable tools and methods to ensure it is secure (Articles 24, 25 and 32 of EU Reg. 2016/679) and shall be done through an automated process and through non-automated means (paper archives), applying suitable organisational and technical measures to guarantee an appropriate level of security for the risks involved, while also permanently ensuring its confidentiality, integrity, availability and the resilience of the processing services and systems.
  4. Please note that data processing shall be based, depending on the circumstances, on specific legal grounds provided for by EU Reg. 2016/679 (the specific legal grounds for any data processing carried out shall be indicated in every information document published on the website). In general, all Users are free to provide their information by sending it to the data controller through the addresses found on the website (www.cfritaly.com) and/or by filling in specific forms for collecting data found on the website (“forms”); in this case, if they do not provide certain data, it might not be possible, depending on the circumstances, to fulfil Users’ requests (in particular, please see the “compulsory fields” on the information collection forms).
  5. The Data Controller is:

 

C.F.R. – SOCIETÀ A RESPONSABILITÀ LIMITATA

Registered head office – MODENA (MO), VIA RAIMONDO DALLA COSTA No. 625, Postcode 41122

Economic Administrative Index number (REA) MO – 192317

Tax code and Business Register No. 00888490364 – VAT No. 00888490364

Tel. +39 059250837

FAX +39 059281655

Email privacy@cfritaly.com

Certified email info@pec.cfrmotor.com

Website www.cfritaly.com

 

The data controller is based in the European Union and is not, therefore, obliged to appoint a representative.

The data controller does not currently process any data that obliges it to appoint a “Data Protection Officer”, as specified in Articles 37-38-39 and Recital 97 of EU Regulation 2016/679.

  1. The Data Controller also notes that:
  • data subjects have the right to ask the Data Controller for access to their personal data and to have it amended or deleted or to have the processing of their data restricted or to object to its processing, and they also have the right to data portability (Articles 15, 16, 17, 18 and 20 of EU Reg. 2016/679); when exercising their right of access, data subjects are entitled to obtain confirmation from the data controller of whether or not their personal data is currently being processed, while when exercising their right to portability, data subjects may obtain from the data controller their personal data in a structured, commonly used and legible format, i.e. the transfer of this data from the original data controller to another one (see WP 242 of 13/12/2016);
  • when the processing is based on Article 6(1)(a) or Article 9(2)(a), data subjects have the right to withdraw their consent at any time, without affecting the lawfulness of the processing based on consent granted before this withdrawal;
  • if data subjects believe that their personal data is being processed by the data controller in breach of the provisions of EU Reg. 2016/679, they have the right to lodge a complaint with the relevant Supervisory Authority, as provided for by Article 77 of EU Reg. 2016/679, or the right to an effective judicial remedy (Article 79 of EU Reg. 2016/679).
  • data subjects have the right to know, from the Data Controller, who must provide this information without due delay, about breaches of personal data likely to present a high risk to the rights and freedoms of individuals (Article 34 of EU Reg. 2016/679).

The full text of the Articles of EU Reg. 2016/679 on your rights (Articles 15 to 22 et seq) can be consulted at the following link found on the website of the Italian Data Protection Authority:

or, alternatively, the data controller can provide you with this information simply upon request.

Data subjects may exercise their rights at any time as provided for by existing legislation on personal data protection by contacting the data controller at the previously indicated addresses.

 

 

 

3. AMENDMENTS TO THE “PRIVACY & COOKIE POLICY” DOCUMENT

The data controller reserves the right to make amendments to this Privacy & Cookie Policy at any time, providing information about them to Users on this page. We therefore ask Users to consult this page frequently, taking the date of the latest amendment indicated at the bottom as a reference. 

If Users do not accept the amendments made to this privacy policy, they should stop using this website and ask the data controller to delete their personal data by sending a specific message to the data controller at the previously indicated addresses.

Unless specified otherwise, this Privacy & Cookie Policy shall continue to apply to personal data until it is collected. 

If Users have any questions, comments or requests regarding this privacy policy, please contact us at the following addresses:

 

EMAIL privacy@cfritaly.com

 

In any case, Users should report any difficulties encountered in displaying this Privacy & Cookie Policy, so we can potentially arrange alternative methods of providing the information.  

 

 

Document last edited

July 2022