This document has been written with the intention of informing Users of our Site as to the ways in which we handle data, and in particular to answer the five fundamental questions asked under the GDPR:
1) Which data do we collect?
2) Where and how are they stored?
3) How do we handle them?
4) How long do we store them for?
5) Which data do we pass on to third parties and to whom do we pass them on?
THE DATA CONTROLLER
Pursuant to the consultation of the Site the data of legally identified and identifiable persons may be handled. The data controller to this effect is Cris-Thin owned by Cristina Fossati Via Mondovì 20, 15121 Alessandria (AL), Italy.
TYPES OF DATA HANDLED
The computer systems and software procedures used for the correct functioning of this website acquire, in the course of their normal functions, some personal data, the transmission of which is implicit during the use of Internet communications protocols. These data are not gathered with the purpose of identifying the persons affected, but by their very nature, particularly if coupled with analyses and associations with data held by third parties, might enable the personal identification of the User. Under this category can be found IP addresses or domain names from the computers used by the User when he or she connects to the site, addresses noted under the URI (Uniform Resource Identifier) of the resources requested, the time of the request, the method by which the request was advanced to the server, the size of any files obtained, the numerical code indicating the response given by the server (request granted, error code etc) and other parameters pertaining to the operational system and information technology used by the user. These data are only used for gathering anonymous statistical information regarding the use of the site and to check that it is running well; such data could be used for the purposes of ascertaining responsibility in the case of online criminal offences and it is for this reason that they are stored for the time period prescribed by the law.
Data supplied voluntarily by the User
Sending data via forms or via email to the addresses displayed on this site, explicitly and of your own free will, will automatically lead to the acquisition of the sender’s address, required so as to be able to reply to requests, along with any other personal data contained within the message. Specific summary documents will be available for your perusal as and when required on the pages of the website dedicated to the specific requested services.
WHERE DATA ARE HANDLED
Data connected to the the web services of this site is handled at the abovementioned headquarters and only by the data controller or by the commercial manager of the company responsible for responding to those who have filled out the form or written to the e-mail address indicated on the site. No data deriving from web services will for any reason be communicated or otherwise given to third parties.
HOW DATA ARE STORED
The data collected are stored in two encrypted databases, access to which is password protected. The data are stored until the User activates the procedure for their cancellation, or indicates via e-mail his or her wish to have them cancelled.
ELIMINATION OF PERSONAL DATA PREVIOUSLY SUPPLIED
You may cancel data previously supplied by using the site cancellation procedure, accessible by clicking on this link.
No personal data of users is purposely acquired by the Site. Cookies are not used for the transmission of information of a personal nature, nor are persistent cookies of any kind used, ie systems for tracking users. The use of session cookies (which are not memorised in a permanent way on the computer and disappear as soon as the browser is closed) is strictly limited to the transmission of session identifiers (made up of random numbers generated by the server) which are necessary for the safe and efficient exploration of the Site. Session cookies used on this Site negate the need for other online techniques which may be more harmful for the privacy during Internet use of the User, and do not allow the acquisition of personal identification data from the User.
OPTIONAL NATURE OF DATA SUPPLY
Apart from the above regarding online data, the User is free to supply personal data via the request forms or the other contact methods indicated on the Site in order to be sent information or other communications. Failure to supply such data may result in it being impossible to meet requests.
WAYS IN WHICH DATA ARE HANDLED
Specific security measures are observed to prevent data from being lost, misused or illegally used, and unauthorized access.