Information on the processing of personal data of website users
Articles 13 and 14 of Regulation 2016/679/EU (hereinafter also "GDPR")
Why this Notice
CMG SOLARI S.R.L. (hereinafter also "Company" or "Controller") is committed to respecting and protecting your privacy and wants you to feel safe both when simply browsing the website and when deciding to register by providing us with your personal data to take advantage of the services available to our Users and/or Customers. On this page, the Company intends to provide some information on the processing of personal data concerning users who visit or consult the website accessible online at the address www.cmgsolari.it (the "Website"). This notice is only provided for the Company's website and not for other websites that may be consulted by the user through links (for which the respective privacy notices/policies should be referred to). Reproduction or use of pages, materials, and information contained within the Website, by any means and on any medium, is not permitted without the prior written consent of the Company. Copying and/or printing is allowed for personal and non-commercial use only (for requests and clarifications, please contact the Company at the contact details below). Other uses of the content, services, and information on this website are not permitted.
Regarding the content offered and the information provided, the Company will make reasonable efforts to keep the Website's content reasonably updated and reviewed, without offering any guarantees as to the suitability, accuracy, or completeness of the information provided and explicitly disclaiming any responsibility for any errors or omissions in the information provided on the Website.
Origin - Navigation Data
The Company informs that the personal data provided by you and acquired in connection with requests for information and/or contact, registration on the website and use of services through smartphones or any other device used to access the Internet, as well as the data necessary for the provision of such services, including navigation data and data used for the eventual purchase of products and services offered by the Company but also only the so-called "navigation" data of the site by users, will be processed in compliance with applicable regulations. The computer systems and software procedures used for the operation of this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of the Internet. These are information that is not collected to be associated with identified data subjects, but which, by their very nature, could, through processing and association with data held by third parties, allow users to be identified. This category of data includes "IP addresses" or domain names of the computers used by users who connect to the site, URI (Uniform Resource Identifier) addresses of the requested resources, the time of the request, the method used to submit the request to the web server, the size of the file obtained in response, the numerical code indicating the status of the response given by the web server (successful, error, etc.), and other parameters relating to the operating system and the user's computer environment. These data are used only to obtain anonymous statistical information about the use of the site and to check the correct functioning of the Company's website. It should be noted that the aforementioned data may be used to ascertain responsibility in case of computer crimes against the Company's website or other sites connected or linked to it: except for this eventuality, web contact data does not persist for more than a few days.
Source - User-provided data
The company collects, stores, and processes your personal data in order to provide the products and services offered on the Website, or for legal obligations. With regard to some specific services, products, promotions, etc., the company may also process your data for commercial purposes. In such cases, specific, separate, optional and always revocable consent will be requested using the methods and contacts indicated below.
The optional, explicit and voluntary sending of email to the addresses indicated in the relevant section of the Website, as well as the completion of questionnaires (e.g. forms), communication via chat, push notifications via APP, social network, call center, etc., involves the subsequent acquisition of some of your personal data, including those collected through the use of Apps and related services, necessary to respond to requests. We also inform you that when using mobile connections to access digital content and services offered directly by the Company or by our Partners, it may be necessary to transfer your personal data to such third parties. We highlight that you may access the Website or connect to areas where you may be enabled to post information using blogs or message boards, communicate with others, for example by visiting the Company's page on Facebook ©, LinkedIn ©, YouTube ©, and other social networking sites, review products and offers, and post comments or content. Before interacting with such areas, we invite you to carefully read the Terms and Conditions of Use, considering that, in certain circumstances, the information published may be viewed by anyone with internet access, and all information included in your publications may be read, collected, and used by third parties.
Purpose of processing and legal basis
The data is processed for the following purposes:
- strictly connected and necessary for registration on the website www.cmgsolari.it, for the services and/or apps developed or made available by the Company, for the use of related information services, for managing contact requests or information, for purchasing products and services offered through the Company's website;
- ancillary activities related to the management of user/customer requests and the sending of feedback, which may include the transmission of promotional material; for the completion of the purchase order for the products and services offered, including aspects related to payment by credit card, management of shipments, any exercise of the right of withdrawal provided for distance purchases, and updates on the availability of temporarily unavailable products and services;
- related to the fulfillment of obligations provided for by European and national regulations, for the protection of public order, and for the investigation and prosecution of crimes;
- direct marketing, i.e., sending advertising material, direct sales, conducting market research, or commercial communication of products and/or services offered by the Company; this activity may also involve products and services of Group Companies and be carried out through the sending of advertising/informational/promotional material and/or invitations to participate in initiatives, events, and offers aimed at rewarding users/customers, carried out through "traditional" methods (such as postal mail and/or calls from an operator) or through "automated" contact systems (such as SMS and/or MMS, telephone calls without the operator's intervention, email, interactive applications), pursuant to Article 130, paragraphs 1 and 2 of Legislative Decree 196/03 and subsequent amendments;
Providing data for the purposes set out in points 1), 2) and 3), related to a pre-contractual and/or contractual phase or functional to a user request or provided for by specific regulatory provisions, is mandatory and, in the absence of such data, it will not be possible to receive the requested information or access the requested services. With regard to point 4) of this Policy, the user/customer's consent to the processing of data is instead voluntary and revocable at any time without consequences for the usability of products and services, except for the Company's inability to keep users/customers updated on new initiatives or particular promotions or advantages that may be available. The Company may send commercial communications relating to products and/or services similar to those already provided, in accordance with Directive 2002/58/EC, using the email or postal address provided by you on such occasions, which you may object to using the methods and contacts listed below.
Mode, processing logic, retention periods and security measures
The processing is also carried out with the aid of electronic or automated means and is performed by the Company and/or by third parties that the Company may use to store, manage and transmit the data. The processing of data will be carried out with organizational and processing logic of your personal data, also relating to the logs generated by access and use of services made available via the web, the products and services used in relation to the purposes indicated above and, in any case, in such a way as to ensure the security and confidentiality of the data. The personal data processed will be kept for the periods provided for by the applicable legislation.
With regard to data security, in the sections of the website prepared for particular services, where personal data is requested from the user, the data is encrypted using a security technology called Secure Sockets Layer, abbreviated as SSL. The SSL technology encodes information before it is exchanged over the Internet between the user's computer and the central systems of the Company, making it incomprehensible to unauthorized persons and thereby ensuring the confidentiality of the transmitted information. In addition, transactions made using electronic payment tools are carried out directly using the platform of the Payment Service Provider (PSP), and the Company retains only the minimum set of information necessary to manage any disputes. With regard to the protection of personal data, the user/customer is invited, pursuant to Art. 33 of the GDPR, to report to the Company any circumstances or events from which a potential "personal data breach" may arise, in order to allow for an immediate evaluation and the adoption of any actions aimed at countering such an event, by sending a communication to email@example.com or by contacting customer service. The measures adopted by the Company do not relieve the Customer from paying necessary attention to the use, where required, of passwords/PINs of adequate complexity, which should be periodically updated, especially if they are suspected to have been violated/known by third parties, as well as to keep them safe and make them inaccessible to third parties in order to prevent improper and unauthorized use.
The cookies stored on your terminal cannot be used to retrieve any data from your hard drive, transmit computer viruses or identify and use your e-mail address. Each cookie is unique in relation to the browser and device you use to access the Company's website or use the App. Generally, the purpose of cookies is to improve the functioning of the website and the user's experience in using it, although cookies can also be used to send advertising messages (as specified below). For more information on what cookies are and how they work, you can consult the website "All about cookies" http://www.allaboutcookies.org
Communication and data transfer areas.
In order to achieve the above-mentioned purposes, the Company may communicate and have personal data of users/clients processed, in Italy and abroad, by third parties with whom we have relationships, where these third parties provide services at our request. We will only provide these third parties with the information necessary to perform the requested services, taking all measures to protect your personal data. Data may be transferred outside the European Economic Area if necessary for the management of your contractual relationship. In this case, the recipients of the data will be required to provide protection and security measures equivalent to those guaranteed by the Controller. In the case of the use of services offered directly by Partners, we will only provide the data strictly necessary for their performance. In any case, only the data necessary to achieve the intended purposes will be communicated, and, where required, the guarantees applicable to data transfers to third countries will be applied. We may also disclose personal data to our commercial service providers for marketing purposes, who are appointed as external data processors. In addition, personal data may be communicated to competent public authorities and authorities for compliance with regulatory obligations or for the investigation of responsibilities in case of computer crimes against the website, as well as communicated to, or allocated to, third parties (as controllers or, in the case of electronic communication service providers, as autonomous controllers) who provide computer and telematic services (e.g. hosting services, website management and development services) that the Company uses to carry out technical and organizational tasks and activities instrumental to the functioning of the website. The subjects belonging to the categories listed above operate as separate Data Controllers or as Data Processors appointed by the Company for this purpose.
Rights of data subjects
You may exercise at any time the rights recognized by law, including the right:
a) to access your personal data, obtaining evidence of the purposes pursued by the Data Controller, of the categories of data involved, of the recipients to whom they may be communicated, of the applicable retention period, of the existence of automated decision-making processes;
b) to obtain without undue delay the rectification of inaccurate personal data concerning you;
c) to obtain, in the cases provided for, the erasure of your data;
d) to obtain the restriction of processing or to object to it, when possible;
e) to request the portability of the data you have provided to the Company, i.e., to receive them in a structured, commonly used, and machine-readable format, also to transmit such data to another controller, within the limits and under the constraints provided for in Article 20 of the GDPR;
In addition, you may file a complaint with the Data Protection Authority pursuant to Article 77 of the GDPR.
For the processing referred to in point 4) of the purposes, the Customer may always revoke consent and exercise the right to object to direct marketing (in "traditional" and "automated" form). The objection, in the absence of any contrary indication, will refer to both traditional and automated communications.
The Data Controller, pursuant to Article 4 of the GDPR, is CMG SOLARI S.R.L., Contrada Vore, 2.1. - 73040 MELISSANO
(LE) VAT number: 04299800757 - CF: 04299800757
The above-mentioned rights can be exercised upon request by the data subject using the methods disclosed by the Customer Service or on the Company's website, or by using the following contact details: GIANNELLI IVAN (firstname.lastname@example.org).
The use of the Website, including those intended for tablets and/or smartphones, by the Customer and/or User implies full knowledge and acceptance of the content and any indications included in this version of the notice published by the Company at the time the site is accessed. The Company informs that this notice may be modified without prior notice and therefore recommends periodic reading.
The Data Controller.
CMG SOLARI S.R.L.