Privacy Policy

PRIVACY POLICY STATEMENT

This Privacy Policy Statement page describes the procedures for management of the www.comarkspa.it website with regard to the processing of the personal data of the Users who visit it.
The Statement is issued to those who access the site, also pursuant to articles 13 and 14 of Regulation (EU) 2016/679 (General Data Protection Regulation).
Users are urged to read this Privacy Policy Statement carefully before providing any type of personal data and/or compiling any e-form provided on the website.

1. DATA CONTROLLER
The Data Controller is Co.Mark S.p.A., in the person of its current legal representative, with registered office in Bergamo, Via Stezzano n. 87, Parco Scientifico Tecnologico Kilometro Rosso, Postcode 24126, VAT No. and Tax Code 02608530164, email info@comarkspa.it, certified email comark@pec.net

2. TYPE OF DATA PROCESSED
The data collected by this application, independently or through third parties, are: cookies, use data (e.g. domain name of the computer used by the User, country of origin, characteristics of the browser and operating system used by the User, the time connotations of the visit, etc.) and the User’s name, home or domicile address, telephone numbers and email address. Personal data may be contributed voluntarily by the User.
Unless otherwise specified, the use of cookies or other tracking tools by this application or the proprietors of third-party services used by this application is intended to identify Users and record their preferences for purposes strictly linked to the provision of the services requested by the Users. Failure by a User to enter some personal data may prevent this application from providing its services.

3. PROCEDURES FOR PROCESSING OF THE DATA
Data are processed using IT and/or telematic tools, with organisational procedures and methods strictly correlated to the stated purposes, adopting appropriate security measures to prevent unauthorised access to, or disclosure, modification or destruction of, the personal data. The data processing procedures are relevant and not excessive in relation to the type of services provided.

4. PURPOSES AND LEGAL BASIS OF THE PROCESSING
Personal data are processed for the following purposes:
a) to enable the Data Controller to issue commercial offers, agree contracts and supply its services;
b) to contact the User to reply to requests for information relating to quotations or of any other kind indicate by the heading of the contact form;
c) to produce statistical and market studies and surveys, engage in direct and indirect marketing and profiling activities, send advertising and informative material, and send commercial information;
d) to display and interact with contents hosted on third-party platforms; if a service of this kind is installed, it may collect traffic data relating to the pages on which it is installed even if the User does not use it.
e) to use data for the selection, assessment and recruitment of staff for its organisation; the contribution of data is optional and the data subject’s consent is expressed through the completely voluntary uploading of a CV in the specific section of the website.
Data subjects’ specific, separate consent is required for the systematic processing of data for direct and indirect marketing and profiling activities, and data subjects are hereby informed that any contribution of data for these purposes is completely optional and any refusal to contribute them will not have any consequences except to prevent the processing of data for the aforesaid purposes.
For processing as per point a) the legal basis is the provision of the services requested, while for the types of processing covered by points b), c) and d) the legal basis is the data party’s consent, and for type e) processing it is the performance of precontractual measures on the candidate’s request.

5. RECIPIENTS OF THE PERSONAL DATA
With regard to the aforesaid purposes, apart from the data controller, your personal data may be processed by specific categories of designated parties involved in the organisation of the Website (administrative, sales and marketing staff, and system administrators) or external parties (such as third-party suppliers of technical services, postal couriers, hosting provides, IT companies and advertising agencies), which may be designated by the Data Controller as Data Processors, if necessary.

6. DATA STORAGE PERIOD
Personal data will be stored for the time strictly necessary for the provision of the service requested by the User, or the pursuance of the specific purposes of the processing as stated above, and in all cases for no more than 10 years.

7. RIGHTS OF THE DATA SUBJECT
The User may exercise the following rights at any time:
a. To access the personal data, obtaining confirmation as to whether or not data concerning him or her are being processed and, in this case, access to the following information: the identity of the data controller and any data processors; the purposes; the procedures; the categories of data; the recipients; the storage period; the right to lodge a complaint with a supervisory authority; the right to request the rectification or erasure of the data or the restriction of the processing, or to object to the processing; and the existence of an automated decision-making process.
b. To request the rectification or erasure of the data or the restriction of data processing concerning him or her, the anonymization or blocking of data that have been processed unlawfully, including data whose retention is unnecessary for the purposes for which they have been collected or subsequently processed.
c. To object partially or completely to the processing of data relating to him or her, even if such use is relevant to the purpose for which they were collected.
d. To request the portability of data, with the right, if the processing is carried out by automated means or based on consent or the fulfilment of a contract, to receive the personal data concerning him or her in a structured, commonly used and machine-readable format.
e. To withdraw consent at any time to the processing of data for direct or indirect marketing purposes, market research and profiling; the exercise of this right is without prejudice to the lawfulness of the processing prior to the withdrawal.
f. To lodge a complaint, pursuant to art. 77 of the GDPR, with the competent supervisory authority for your habitual residence, place of work or place of the alleged infringement of your rights; for Italy, the competent authority is the Data Protection Authority, which can be contacted using the contacts provided on the website: http://www.garanteprivacy.it.
The aforesaid rights may be exercised by sending a specific request to the Data Controller using the contact channels detailed in art. 1 of this Privacy Policy Statement.

8. DISCLOSURE AND CONTRIBUTION OF DATA
Except for use data, failure to contribute which implies the non-use of the website, users are free to supply their personal data and the failure to contribute them may only lead to the inability to obtain the service requested.

9. UPDATING AND AMENDMENT OF THE PRIVACY POLICY STATEMENT
The Data Controller reserves the right to make modifications to this Privacy Policy Statement at any time, notifying users of such changes on this web page. You are therefore advised to consult this page often. Users who do not accept any amendments to this Privacy Policy Statement must cease using this application immediately and may apply to the Data Controller to have their personal data deleted. Except as otherwise specified, the previous Privacy Policy Statement shall continue to apply to personal data gathered up to that point.