PRIVACY POLICY

Data Controller of the user's personal data.

CRIPPA S.p.A. is the Data Controller of personal data transmitted and is therefore responsible for the processing of data provided in accordance with applicable data protection law.  

CRIPPA S.p.A.

Registered Office: Arosio (CO), Via Buonarroti n. 3

VAT No. and Tax Code: 02989810136

Economic and Administrative Index (REA) No.: CO - 289716

 

Data storage location.
Data collected from data subjects are kept within the European Economic Area (EEA) and will not be transferred and processed in a country outside this area.

 

Those with access to personal data.

The data are utilised by personnel and collaborators of CRIPPA S.p.A. and also by partners who handle marketing and the website www.crippa.it.

 

Rights of the data subject

  1. Right of access: the data subject is entitled at any time to request information about his/her personal data in our possession.  The data subject can contact CRIPPA S.p.A., which will provide all relevant personal data by e-mail.
  2. Right of portability: whenever CRIPPA S.p.A. processes the data subject's personal data by automated means based on his/her consent, or based on an agreement, then the data subject is entitled to receive a copy of the transferred data in a structured and electronically readable format.  This includes exclusively personal data which the data subject communicates to CRIPPA S.p.A.
  3. Right of rectification: the data subject is entitled to request the rectification of his/her personal data if they are incorrect.  He/she may also ask for full data to be provided, if they are incomplete.
  4. Right of erasure: the data subject is entitled at any time to request the erasure of any personal data processed by CRIPPA S.p.A., except in the following cases: i) the data subject has a contractual relationship with CRIPPA S.p.A.; ii) the data subject has an open debt with CRIPPA S.p.A. or is in dispute with it.

We will keep data subjects' personal data pertaining to past contracts, in conformity with applicable laws.

  1. Right of opposition based on legitimate interests: the data subject is entitled to object to data processing operations which are based on the legitimate interests of CRIPPA S.p.A. CRIPPA S.p.A. will not continue to process the personal data unless it can show that a legitimate basis exists for the data processing in question, which prevails over the data subject's rights and interests, or for legal reasons.
  2. Right to oppose direct marketing: The data subject is entitled to object to direct marketing. Note, in this context, that the data subject can choose not to accept direct marketing communications by sending an email to privacy@crippa.it or by following the instructions attached to each marketing email communication.
  3. Right to limit data processing operations: the data subject is entitled to request CRIPPA S.p.A. to limit personal data processing operations in the following circumstances: i) if the data subject opposes CRIPPA S.p.A. data processing operations based on a legitimate interest, CRIPPA S.p.A. will limit all processing of such data until such time as the legitimate interest is verified; ii) if the data subject states that the personal data are incorrect, CRIPPA S.p.A. shall limit all processing of such data until the accuracy of such data is verified and the relevant changes put in place, as necessary; iii) if the data processing operations are unlawful, the data subject will be entitled to object to their erasure and, instead, ask to have their use restricted.

 

How data subjects can exercise their rights.

CRIPPA S.p.A. employs dedicated personnel to manage requests involving the rights of data subjects listed above. CRIPPA S.p.A. may be contacted for this purpose at: privacy@crippa.it

 

Right to file a complaint with a competent supervisory authority: 

If the data subject considers that CRIPPA S.p.A. is processing personal data incorrectly, he/she may contact us at the email address above.  The data subject is also entitled to file a complaint before a competent supervisory authority.

 

Updating our Privacy Policy: 

It may be necessary to update our Privacy Policy. Users will be notified of any material changes to the Privacy Policy, e.g. concerning the scope of the personal data processing, the identity of the Data Controller or the rights of data subjects.