WEBSITE POLICY PURSUANT TO THE PROVISIONS OF ART. 13 AND 14 OF EUROPEAN REGULATION 2016/679 (GDPR)
Privacy Policy
Specific summary information will progressively be indicated or displayed on website pages dedicated to particular services on request requiring the submission of data collection forms. We also inform you that, to provide a complete service, our website may contain links to other websites, not managed by CISALPINA TOURS SPA. CISALPINA TOURS SPA is not responsible for errors, contents, cookies, publication of illegal moral content, advertising, banners or files that do not comply with the laws in force and the respect of Privacy laws by sites not managed by the Controller.
CISALPINA TOURS SPA, in its capacity as Data Controller of your personal data, pursuant to and in accordance with articles 13 and 14 of European Regulation 2016/679, hereby informs you that the aforementioned regulation establishes the protection of data subjects as regards personal data processing and that said processing shall be grounded in the principles of propriety, lawfulness, transparency and shall ensure the protection of your confidentiality and rights. Personal data and information submitted by you or otherwise acquired while using the website shall be processed in compliance with provisions set forth in the aforementioned legislation and confidentiality requirements established therein.
DATA SUBJECTS AND STORAGE TIME
users (navigators) of cisalpinatours.it website
Type of data processed
- Navigation Data: IP addresses or domain names of computers and other devices used by users who connect to the site; URI (Uniform Resource Identifier) addresses of requested resources and any time indications thereof; parameters relating to the user’s operating system and IT environment; start and finish pages; Navigation index and identification behaviour during display of website pages.
- Personal data provided voluntarily by the user: the optional, explicit, voluntary sending of emails to the addresses provided on this website and the compilation of forms it contains implies the subsequent acquisition of the sender’s personal data (for example, name, surname and e-mail address). Specific, summarised information is provided on the pages where forms are available.
Purpose of processing: your data collected during browsing will be processed for the following purposes.
- performance of operations closely related and instrumental to the management of relations with users or with visitors of the website;
- collection, storage and processing of your data for statistical analyses, also in anonymous and/or aggregate form; statistical analyses aimed at verifying the quality of the services offered by the site;
- sharing with social network managers the interaction achieved and the Usage Data relating to the pages where cookies are installed which integrate software functions or products
- improving browsing experiences in order to send advertising messages and services in line with the preferences expressed during browsing.
Data processing for fulfilling purposes stated in point 1 is necessary in order to fulfil your request and any refusal may limit and/or prevent full use of functionalities and services available on the website. The provision of data specified in purpose 2, 3 and 4 is optional on the legal basis of consent, and any objection to processing shall not affect the functionality and services on the website. Consent is provided in the brief policy by clicking on the word “ALLOW ALL COOKIES” inside it. With regard to the optional provision of data, more information is provided on the cookies present on the site in the cookie policy document, which can also be accessed from the brief policy. You can change your consent at any time by accessing the “Review your cookie choices” area in the footer of the website.
The navigation data are stored for the time frames specified in the cookie policy, which is available on the site.
COOKIES AND OTHER TRACKING SYSTEMS
Your data are also acquired by means of tools and services provided by third parties and stored by the same. For further information, please read the cookie policy.
Please note that CISALPINA TOURS SPA is merely an intermediary for the links indicated in the cookie policy and cannot be held in any way responsible in the event of any modifications.
C) “Information request” contact us user section
By filling out the forms accessible in the “contact us” section, your personal data (name, surname, e-mail address, country, etc.) will be used to respond to your information request. Provision of data for this purpose is the fulfilment of your request. The legal basis for the processing is Article 6.1.b) of the GDPR.
Your data will be stored for the time frames necessary to provide the service you have requested.
D) Staff recruitment purposes – “work with us”
By filling out the forms accessible in the “work with us” section, your personal data for the management of a possible employment relationship. The provision of data for these purposes is optional, but your refusal to provide them will prevent the Controller to accept your CV. The Curriculum must contain only data of an identifying nature, which will be processed within the limits strictly pertinent to the obligations, tasks and purposes indicated. Please remember that unless strictly necessary, please do not communicate any special type of data Art. 9 of the GDPR (e.g. health status, racial and/or ethnic origins, trade union membership, religious beliefs). If communicated, it will be up to the Data Controller which ones to keep and which ones to delete. Your data will be kept for the time required to provide the service you have requested. Your data will be kept for a period not exceeding 2 years.
PERSONAL DATA PROCESSING METHODS
Your personal data will be processed manually, electronically and/or telematically, through the use of cookies (as indicated in the cookie policy available on the site), and through automated contact methods (e.g. automated campaigns involving sending e-mails. Phone calling, social etc), in compliance with the procedures indicated as per articles 6, 32 of the GDPR and through the adoption of the appropriate security measures provided.
In order to compare and possibly improve the results of communications, the Data Controller uses systems for the sending of newsletters and promotional notifications with reports. By means of said reports, the Controller can find out, for example: the number of readers, openings, one-time “clickers” and clicks, devices (iPhone, Blackberry, Nokia …) and operating systems (Windows, Apple, Linux, Android …) used to read the communication; details on the activity of individual users; details of e-mails sent according to date/time/minute; details of emails delivered and otherwise, of forwarded e-mails; the list of those who unsubscribed from the newsletter; who opened an e-mail or clicked on a single link; users who experienced problems in viewing the message; link tracking (i.e. the number of clicks on the links in the message); click tracking (which links were clicked and by whom). All these data are used for the purpose of comparing, and possibly improving, the results of communications.
MEDIA PLATFORM
CISALPINA TOURS SPA may also provide links to other social media platforms which lead to servers installed by individuals or organisations over which it has no control. CISALPINA TOURS SPA provides no representation, nor does it take any responsibility for the accuracy or any other aspect of the information available on such sites. The link to a third-party website cannot be understood as validation, on behalf of CISALPINA TOURS SPA, nor on behalf of the said third party, of the products and services of others or of the said third party. CISALPINA TOURS SPA does not issue declarations or guarantees as to the use or filing of the user’s data with third-party sites. We invite our users to examine the privacy policy that governs the third-party sites linked to our website carefully to have a complete view of the possible use of your personal data.
RECIPIENTS OF PERSONAL DATA AND DATA DISSEMINATION
Your data will be processed by duly authorised staff and will be disclosed to companies acting in their capacity as autonomous Controller or Data processor:
- external entities providing in-cloud services;
- Supplier providing IT service management services, including server hosting and backup services;
within the scope of public and/or private entities to which data disclosure is compulsory for the fulfilment of legal requirements, or functional for relations administration purposes.
You may request the full list by writing to the Controller Your data will not be distributed.
TRANSFER OF PERSONAL DATA
Your data is stored in countries belonging to the European Union. For data processed by cookies only, your data will be transferred to countries outside the European Union as indicated in the cookie policy of the companies providing the third-party cookie services. For more information, contact rpdcis@cisalpinatours.it.
You also have the right to lodge a complaint with the Supervisory Authority
MINORS
The Website is not intended for use by minors and no data from minors is collected by the Controller. In the event that the Data Controller is aware of the collection of such data (e.g. via the contact form) it will delete it immediately. The Controller will respond to requests for information in accordance with applicable laws. Please note that the person exercising parental responsibility is obliged, in the case of requests for information, to provide us with consent to the collection of the minor’s personal data.
TRANSFER OF PERSONAL DATA
Your data is stored in countries belonging to the European Union. For data processed by cookies only, your data will be transferred to countries outside the European Union as indicated in the cookie policy of the companies providing the third-party cookie services. For more information, contact rpdcis@cisalpinatours.it.
You also have the right to lodge a complaint with the Supervisory Authority
DATA CONTROLLER
The Data Controller is CISALPINA TOURS SPA, con sede legale in C.so Moncenesio 41 , 10090 Rosta (TO); P. IVA: 00637950015) ) in the person of its pro tempore Legal Representative You have the right to obtain from the Data Controller the erasure (right to be forgotten),
limitation, updating, rectification, portability, objection to the processing of personal data concerning you, and in general rpdcis@cisalpinatours.it you can exercise all the rights provided for in Articles 15, 16, 17, 18, 19, 20, 21, 22 of European Regulation 2016/679 by sending an e-mail to rpdcis@cisalpinatours.it You also have the right to lodge a complaint with the Supervisory Authority
APPLICATION OF THE POLICY HEREIN
If you have any doubts regarding this Policy, please contact CISALPINA SPA by sending an e-mail to rpdcis@cisalpinatours.it
AMENDMENTS TO THIS POLICY
CISALPINA TOURS SPA reserves the right to update this policy in order to adapt it to any changes in the law and with due consideration of any suggestions submitted by employees, customers, associates and users. In the event of amendments on the part of CISALPINA TOURS SPA, the Privacy Policy on the main page of privacy and on the Homepage of Cisalpinatours.it website will promptly be updated.
RIGHTS OF DATA SUBJECTS
EU Reg. 2016/679: Articles 15, 16, 17, 18, 19, 20, 21, 22 – Rights of the data subject
- The data subject is entitled to obtain confirmation as to the existence or otherwise of personal data concerning them, even if said data is yet to be recorded, and the disclosure of said data in an intelligible form, as well as to lodge a complaint with the Supervisory Authority.
- The data subject has the right to receive the following information:
- the source of personal data;
- the purposes and processing methods;
- the logic applied in the event processing is carried out by electronic instruments;
- the identification details of the data controller, of the processors and of the appointed representative according to art. 5, para. 2;
- the subjects and categories of subjects to whom the personal data may be disclosed or who may become aware of said data in their capacity as designated representative in the country, as data processors or personnel authorised to process personal data.
- The data subject is entitled to obtain:
- the updating, rectification or, if interested, the integration of data;
- the erasure and transformation into anonymous form of any unlawfully processed data or data blocks, including those whose retention is not required in relation to purposes for which data were collected or successively processed;
- certification that operations specified in letters a) and b) have been disclosed, together with their content, to the people to which data has been disclosed or provided, unless this proves impossible or requires the use of means clearly disproportionate to the right being protected;
- data portability.
- The data subject is entitled to raise a total or partial objection:
- for legitimate reasons, to the processing of the personal data concerning them, even if pertaining to the purpose of collection;
- to the processing of personal data for the purpose of sending advertising materials or making direct sales or for carrying out market surveys or sales communications