PRIVACY POLICY
This Privacy Policy is intended to describe the management of the website, the
newsletters and the services (hereafter "Services") owned and managed by the
company PISTELLA, with reference to the processing of personal data of users /
visitors who they consult it and / or they are registered.
CIR S.r.l. treats all personal data of users / visitors of the services offered, in full
compliance with the provisions of the European Regulation 679/2016.
The protection of your personal data is very important to us. We would
therefore like to inform you in the following pages about the data collected
during your visit and the purposes it is used for.
The ongoing further development of technology, changes in our services or
the legal situation as well as other reasons can require adjustments of our
data protection notice. We therefore reserve the right to change this data
protection declaration at any time and ask you to regularly inform yourself
about the current status.
1 BASIC INFORMATION ON DATA HANDLING
1.1 Extent of the personal data processing
We fundamentally collect and use the personal data of our users only
insofar as this is required for the provision of a functional website and of
our contents and services as well as for the implementation of our business
purpose. As a rule we collect and use the personal data of our users only
after the user has given his/her consent. Exceptions apply in such cases
where it was not possible to obtain prior consent for factual reasons and
where the processing of the data is permitted because of statutory
requirements.
1.2 Purposes and legal basis for the processing of personal data
We process personal data only to fulfil our contractual obligations or to
preserve our overriding legitimate interests. Our legitimate interests are the
implementation of our business purpose.
Insofar as we obtain consent from the data subject for processing
operations of personal data, Article 6, paragraph 1, sentence 1 lit. a EU
General Data Protection Regulation (EU-GDPR) serves as the legal basis for
the processing of personal data.
In the processing of personal data required to perform a contract of which
the contractual party is the data subject, Art. 6 paragraph 1 sentence 1 lit. b
GDPR serves as the legal basis. This also applies to processing operations
that are necessary to carry out pre-contractual measures.
Insofar as processing of personal data is required to fulfil a legal
requirement that our company is subject to, Art. 6 paragraph 1 sentence 1
lit. c GDPR serves as the legal basis.
In the case that vital interests of the data subject or another natural person
make the processing of personal data necessary, Art. 6 paragraph 1
sentence 1 lit. d GDPR serves as the legal basis.
If processing is required to protect a legitimate interest of our company or
of a third party and the interests do not override the interests, fundamental
rights and freedoms of the data subject of the first-named interest, Art. 6
paragraph 1 sentence 1 lit. f GDPR serves as the legal basis for the
processing.
1.3 Categories of recipients and personal data, origin of the same; data
transmission
Insofar as nothing to the contrary is stated in the following sections, no
forwarding of your data to third parties takes place, unless we are legally
obliged to do so, or the data transmission is required to perform the
contractual relationship or you have previously given your explicit consent
to the forwarding of your data. External service providers and partner
companies, such as, for example, online payment providers or the shipping
company tasked with the delivery, only receive your data insofar as it is
necessary for the execution of your order. However, in these cases the
extent of the transmitted data is restricted to the minimum required.
Insofar as our service providers come into contact with your personal data,
we assure that the regulations of the data protection laws are observed in
the same manner. Please also observe the data protection notices of the
individual providers. The individual service provider is responsible for the
contents of third party services, whereby we verify as far as can be
reasonably expected that the services observe statutory requirements.
1.4 Transmission to third countries
Essentially we do not forward personal data to recipients in third countries
(i.e. countries outside of the EU). Should data be forwarded to recipients in
third countries, we assure not only that we will obtain the permission
required for the forwarding, but that the third country recipient also assures
an adequate level of data protection (or derogations for specific situations
pursuant to Art 49 paragraph 1 GDPR applies).
1.5 Data security
We have taken extensive technical and organisational precautions to protect
your data from accidental or intentional manipulation, loss, destruction or
access by unauthorised persons. Our security procedures are regularly
checked and revised to take into account technological progress.
1.6 Data deletion and storage periods
The personal data of the data subject is deleted or blocked, as soon as the
purpose for which it was stored no longer applies. Storage can also be
effected if this was required by the European or national legislators in
European Union regulations, laws or other stipulations that the person
responsible is subject to. The data is also blocked or deleted if a statutory
storage period prescribed by the cited standards expires, unless there is a
need for continued data storage for the purposes of a conclusion or
performance of a contract.
1.7 Legal basis for data processing
The legal basis for the temporary storage of the data and the logfiles is Art.
6, paragraph 1, sentence1 lit. f GDPR.
2 Contact
First-Party Cookies
This type of cookie is set by the website that the user visits. Only this website is
permitted to read the cookie information.
