CHIORINO Technology S.p.A. | fibercuir | microtech | dermahtech

Privacy Policy

Dear Firm,
the document you are reading is our privacy information notice, prepared with respect for the new European Union general rules on data protection EU 2016-679 (otherwise known as GDPR) and relative provisions for fulfilment at national level.
This regulation has been established to harmonise and reinforce individuals’ right to privacy and constitutes the guideline in our daily commitment to provide quality, transparency and security with particular attention to methods of processing of your personal data which, with you consent, we have obtained in order to provide you with our services.


  1. Who will undertake the processing as set out in the regulation?

Chiorino Technology spa with registered offices in in via F.lli Gabba, 1/A, Milan, VAT registration and tax code 02181730025 is the Data Controller (henceforth the Controller) of your personal data and therefore holds the power to take decisions, give instructions and undertaken controls in relation to the actual purpose of the processing.


The Controller will employ Data Processers (henceforth Processors) who can be individuals, corporations, government bodies or any other organisation, body or association employed by the Controller to achieve their data processing goals.


This document will allow you to share your personal data or specific purposes. The regulations will indicate that you are Interested, which grants you new and specific rights.



  1. What personal data do we collect and how do we use it (purpose)

In order to fulfil legal obligations and manage contractual relationships, as well as for any communications form the Controller, you accept that our firm collects some of your common (and not individual) personal data, such as, for example (not a complete list):


  • Business name, name (s) and surname(s) of business contacts, address, VAT registration and tax code, land line and/or mobile, fax, email address, IBAN and bank/postal account details (not including credit card numbers) and other data required for the processing described below;

Individuals under the age of 16 cannot provide us with personal data and, in any event, we take not responsibility for any false declarations supplied to us. If we were to become aware of false declarations, we would proceed with immediate cancellation immediate all personal data obtained.


Moreover, if you provide personal data for third parties, such as your family members or friends you must be sure that these individuals have been adequately informed and have consented to the relative processing according to the methods described by the information note.


The aforementioned data is obligatory exclusively for the processing necessary for purpose A and B. Any refusal makes management of the commercial relationship impossible. For purposes C and D, any refusal to provide consent will not have negative consequences for maintenance of the commercial relationship, although it may limit some of its parts. Therefore please evaluate your choices, point by point.


#

Purpose of the processing

Period of holding

Legal basis

A

Registration of data and management of requests for contact and/or information material, in particular:

processing of the interested party’s personal data to commence preliminary activity and activity arising from the data registration request, management of requests of information and of contact and/or sending information material, as well as fulfilment of all other associated obligations.

5 years of inactivity unless previous consent is revoked

Fulfilment of services rendered, based on the established relationship, the respect of legal obligations and the Controller’s legitimate interest.

B

Management of the contractual relationship, in particular: processing of the interested party’s personal occurs to commence preliminary activity following purchase of a service and/or product, management of the relative order, providing the service itself and/or production and/or shipping of the product purchased, relative invoicing and payment management, processing of complaints and/or comments to the assistance service and providing the actual assistance, prevention of fraud, as well as fulfilment of every other obligation deriving from the contract.

10 years or more in case of legal dispute

Fulfilment of services rendered, based on the established relationship, the respect of legal obligations and the Controller’s legitimate interest.

C

Promotional activity for services/products similar to those purchased by the Interested party (considering GDPR 47), in particular: even without your explicit consent, the Data Controller can use the contact data provided by the interested party, for direct sales of their services/products, as long as these are services/products similar to those originally sold, unless the interested party explicitly denies their consent.

5 years of inactivity unless previous consent is revoked

Controller’s legitimate interest.

D

Commercial promotion of services/products different from those purchased by the interested party, in particular: the personal data of the interested party can also be processed for commercial promotion purposes, surveys and market research concerning the services/products offered by the Controller only if the interested party has authorised the processing and does not object to this. If the processing is undertaken through contact with a telephone operator, the Interested party cannot be on the register of objectors as set out in Presidential Decree n. 178/ 2010;

5 years of inactivity unless previous consent is revoked

Controller’s legitimate interest.

E

Within the limits strictly necessary for execution of the contractual relationship, our personal data could be requested by third parties (such as for example our commercial agents, suppliers of products and/or services, …) also located outside the European Union. Any transfer to these parties outside the EU is regulated by specific contracts which oblige the recipient to respect adequate guarantees as set out in current regulations which however require your consent to be shared.

5 years of inactivity unless previous consent is revoked

Controller’s legitimate interest.

The aforementioned activity shall involve processing of your personal data that may consist in not only data collection, but also registration, holding, modification, sharing, cancellation and holding in hard and/or soft copy with manual and/or electronic instruments.


Your personal data will also be protected by adequate security measures, as set out in current regulations, with particular attention to security measures set out in the GDPR (art.32) for processing through electronic, manual and automatic instruments and held for the amount of time strictly necessary to satisfy the aforementioned purpose.



  1. Recipients of personal information

Your personal information may be communicated, insofar as it is within their specific competence, internally to the Controller and to the Authorized subjects, and externally to Third parties appointed as Supervisors of the processing, on whom the Controller imposes the respect of security measures equal to those adopted in relation to the person concerned, narrowing the perimeter of action of the Supervisor to the processing connected with the service required.
Within the limits strictly necessary for the execution of the contractual relationship, your personal information may be required by third parties (such as, by way of example, the suppliers of products and/or services) located both in the European Union and outside it. Any transfer to subjects outside the EU is regulated by specific contracts to impose on the recipient the respect of the adequate guarantees covered by the legislation currently in force.


  1. Further information required to ensure correct and transparent processing


  • You have the right, at any time, to ask us to see the personal data we have collected about you, ask us to correct it and/or cancel it (in conformity with the period of holding indicated at point 2) and limit any processing by fully or partially revoking the consent you have provided to us. You can also request data portability (if applicable). You can exercise your rights by making a request to the Data Controller with an email sent to: privacy@chiorinotechnology.com or, alternatively, a letter sent to the Data Controller at our operational headquarters in via Padre Greggio, 12 - 13900 Biella. We will reply to you without delay in a clear and comprehensible fashion.


  • You also have the right to bring a complaint to the Italian Data Protection Regulator.


  1. Website

Our website can collect user data, such as:

  • Navigation data: data such as the user’s IP address, time of the request for access to the site, the method used to subject the request to the server, the results of the same, data inherent to the user’s environment (operating system, browser, language, original geographical area...)

  • Data provided voluntarily by the user: the optional sending of data through email addresses, forms or other similar services present on the site involves the subsequent acquisition of all this data by the recipient.

  • Specific data: the European Regulation (Art. 9) on the protection of personal data defines as specific categories of personal data those which reveal racial or ethnic origin, political opinions, religious or philosophical convictions or union membership, as well as genetic data, biometric data which can unequivocally identify the individual, data relative to health or sexual activity or an individual’s sexual orientation. The site does not process these kinds of data. Users are requested not to provide such data, not even voluntarily.

The purpose and method of processing such data can be summarised as follows:

  • execution of any pre-contractual, contractual and post-contractual obligations;

  • fulfilment of legal obligations;

  • fulfilment of managerial, administrative, accounting and tax obligations;

  • preparation of statistics which cannot be used for identification purposes.

The aforementioned data will be processed with electronic instruments, mainly automated, for the amount of time strictly necessary to achieve the objectives for which they are collected. Specific security measures are observed to prevent loss of data, illicit or incorrect use and un-authorised access.

The mechanisms used for the acquisition of such data are:

  • Forms and other instruments for collecting content form the user

The purpose of such instruments is to allow the user to contact the site managers (or even other users) or to make use of the content of the site itself and the services it offers. Provision of the data is optional but any refusal to provide data will make it impossible to enjoy the functions of the site requesting it.

  • Cookies

A cookie is a file saved on the user’s terminal in order to memorise preferences, data and information relative to navigation and use of the website and to save such information for subsequent visits to the website. The page allows the user to refuse use of the cookie. This refusal can determine a different level or different quality of use of the site and its services. With the exception of cookie profiles, if present, notification will be made that continued navigation (for example, access to another area of the site or choosing an image or link) requires consent to use of the cookie. The following cookies are used on the site:

Technical cookies

The technical cookies are those used only to send notifications on an electronic communication network, or in so far as strictly necessary for the provider of a company service to provide the information explicitly requested by the user, in order to grant the said service. They are not used for further purposes and are normally installed directly by the website controller or manager. They can be divided into the following categories:

  • navigation or session cookies, which guarantee normal navigation and enjoyment of the website (for example, allowing a purchase to be made, or access to reserved areas);

  • cookie analytics, similar to technical cookies when used directly by the site manager to collect aggregate information regarding the number of users and how they visit the site;

  • functional cookies, which allow the user to navigate according to a series of criteria chosen (for example, language, products chosen for purchase) to improve the service provided to them.

Cookie profiles

Cookie profiles are used to create user profiles and used in order to send advertising messages according to the preferences indicated by the user in the context of navigation on line. Due to the specific invasive nature that such systems can have in the user’s private sphere, European and Italian law provides that the user must be adequately informed regarding use of cookie profiles and thereby express their valid consent.

Third party cookies

Some services provided by third parties (Google, Zopim, service providers...) allow third parties to install cookies on the user’s terminal. The purpose of such cookies can vary from ensuring access or the best enjoyment of the services to collecting user data. Data collected through cookies is not processed by the site controller. All cookies used by the website are indicated below.

Technical cookies used:
  • PHP session cookies (PHPSESSID) are memorized temporarily and will be cancelled when the user closes the browser. If the user is registered on the site, Chiorino Technology spa can use cookies which collect personal data in order to identify the user on subsequent visits and facilitate access (for example, site log in, saving the user’s username and password) and navigation on the site.

  • Cookies for viewing banners (re-visited) assist with user’s navigation and avoid the banner indicating the presence of cookies on the site to re-appear. Activated by clicking “accept” on the banner or navigating on the site.

Cookie profiles used:
  • The site does not use cookie profiles.

Third party cookies used:

The site uses third party services that can require installation of cookies on the user’s terminal. Moreover, the third parties providing such services and choose to send the user on line advertising with the information collected through such cookies. Please refer to the privacy and cookie policies of the following third parties.

  • Google Analytics

The site uses Google Analytics to collect data related to visits and attractiveness of the pages and information provided (pages most/least viewed, elements most/least clicked, number of visitors, most often searched words, etc.). The service is provided free of charge by Google Inc. These cookies are used to memorise information about visitors, such as when the site was visited, the previous visit, and what domain leads visitors to the portal.

This information, generated simply through the access to the portal, is then sent to Google which archives it on its own servers.

This page https://www.google.com/analytics/learn/privacy.html?hl=it provides further information about the Google Analytics service.

However, in general Google’s Privacy Policy, http://www.google.com/intl/it/policies/privacy/ , governs their usage of personal data belonging to users of Google products and the services Google.

By using the additional component found at this link, https://tools.google.com/dlpage/gaoptout?hl=it ) you can choose the method for Google Analytics to collect data.

The list of cookies used by Google Analytics can be found at the following address: https://mustlopers.google.com/analytics/devguides/collection/analyticsjs/cookie-usage .

De-activation and elimination of the cookie

In order to proceed with de-activation of the cookie and/or choose the level for cookie blocking, the user can modify the settings of their own browser functions. The link below explains how to proceed with this operation using the principal web browsers:

Furthermore, we note that the user can always manually remove cookies already installed on their own fixed or mobile device using browser functions such as “empty cache”, “eliminate navigation data” or similar. Information about this can be found by following the following links:

For mobile terminals, please consult the following we page and look for your device model: http://www.allaboutcookies.org/mobile/index.html .


For more information on cookies and management of cookie preferences (first and/or third party) users are also invited to visit the platforms: www.youronlinechoices.com and www.aboutcookies.org


Information indicated may be subject to modification. In particular, if Chiorino Technology intends to process your personal data for purposes different from those indicated in the information note, we shall provide you with new information on the topic, modifying this document and requesting that it be signed again.