DATA CONTROLLER

The Data Controller is the company COS.PEL. S.r.l. (VAT No.: IT02145810046), with registered office in Via Venezia, 58 – 12084 Mondovì, ITALY.

E-mail: cospel@cospel.it; Legal mail: cospelsrl@legalmail.it; Tel: +39 0174 69 85 02.

CATEGORIES OF DATA, PURPOSES AND LEGAL BASIS

Navigation data

In order to allow navigation on the website and enjoyment of the contents, the Data Controller performs the processing of some personal data whose transmission is implicit in the use of Internet protocols, such as the IP address of the device, the address of the requested resource, the date and time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.), as well as a series of parameters relating to the user’s device (operating system, browser, etc.).

This data is also processed to obtain anonymous statistical information on the use of the website and to check its correct functioning.

The legal basis for the treatments listed above is represented by the legitimate interest of the Data Controller (art. 6.1.f GDPR), consisting in making the website accessible to the public and checking its correct functioning.

Data communicated by the user

The optional, explicit and voluntary sending of messages to the contact addresses of the Data Controller, private messages sent by users to profiles/pages on any social media (where this possibility is envisaged), as well as the filling in and forwarding of forms on the website, involve the acquisition of the sender’s contact data, necessary to reply, as well as all personal data included in the communications.

Specific information will be published on the pages prepared for the provision of these services.

DATA RECIPIENTS

The recipients of the personal data are the suppliers of the Data Controller’s IT services, who act as Data Processors, as well as the personnel in charge of data processing, on the basis of specific instructions given by the Data Controller.

TRANSFER OF DATA OUTSIDE THE EEA

The Data Controller does not intend to transfer the personal data collected abroad, however, should this prove necessary, such data may be processed by entities operating outside the European Economic Area only on the basis of an adequacy decision of the European Commission or other condition provided for in Chapter V of the GDPR.

RETENTION PERIOD

The storage of cookies in terminals or browsers is under your control.

Any navigation data recorded in the server logs will be stored for a period not exceeding 10 days.

RIGHTS OF DATA SUBJECTS

Interested parties have the right to:

1. access to their own data held by the Data Controller,
2. request their correction and/or deletion, if the conditions are met,
3. request the restriction of processing, if the conditions are met,
4. oppose the processing, if the conditions are met,

with direct request to the Data Controller at the above-mentioned addresses.

In the event that they believe that the processing of personal data is in violation of the European Regulation 2016/679, the interested parties also have the right to lodge a complaint to the Control Authority in which they usually reside or work (for taly: Garante per la Protezione dei Dati Personali), or to refer the matter to the competent Judicial Authority.