GUARANTEE OF DATA PROTECTION AND CONFIDENTIALITY
Personal Data Protection Notice pursuant to Art. 12 e ss. Regolamento UE 679/2016
Under the new Regulation 679/2016, in accordance with the principle of accountability, any processing of personal data must be lawful, fair and transparent. These principles imply that the data subject must be informed of the existence of the data, its purposes and the rights he/she can exercise.
With this in mind, the data controller provides the data subject with the necessary information to ensure proper use in accordance with the principle of accountability. With this in mind, please take note of the following information notice.
CARBONSINKGROUP s.r.l. with registered office in LaSpezia (SP) Piazza Giulio Baverni,4 in its capacity as Data Controller, in the person of its legal representative, pursuant to and for the purposes of EU Regulation 2016/679, hereby informs the interested party that the personal data taken on that person, acquired by the Data Controller or subsequently requested and/or communicated by third parties, are necessary and will be used for the purposes indicated below. The personal data processed will be, generically, personal data or company names or email addresses or telephone numbers.
PURPOSE OF PROCESSING
The personal data collected, also through the website, will be used for purposes related to pre-contractual, contractual, legal, fiscal and accounting fulfilments, for service communications, and for handling complaints. The personal data collected will not be disclosed to third parties.
The personal data processed do not require your consent. In fact, the processing of personal data collected is related to pre-contractual and contractual aspects or purely commercial aspects.
MODALITIES OF THE PROCESSING AND OBLIGATION OF CONFIDENTIALITY
Data processing is carried out using IT tools and/or paper media, by persons committed to confidentiality, with logic related to the purposes and in any case in such a way as to guarantee the security and confidentiality of the data. The data collected will not be disclosed or disseminated to third parties in accordance with the law.
NOTICE TO THIRD PARTIES
Your personal data will not be disclosed to third parties known to us.
STORAGE TIMES
The personal data of the persons concerned will be stored for as long as is necessary for the performance of the relations existing between the parties and for the fulfilment of their obligations, subject to the storage of the same in accordance with the law in force, after which they will be deleted.
RIGHTS OF THE INTERESTED PARTY
Pursuant to current legislation, the data subject may assert his or her rights vis-à-vis the Data Controller, as expressed in Regulation 679/2016, namely:
– Right of access (Art. 15);
– Right of rectification (Art. 16);
– Right to erasure (Art. 17);
– Right to restriction of processing (Art. 18);
– Right to data portability (Art. 20);
– Right to object to processing (Art. 21);
– Right to withdraw consent;
– Right to lodge a complaint with the Supervisory Authority.
Below, in detail, are the individual rights granted to the data subject:
RIGHT OF ACCESS – art. 15
The data subject has the right to obtain from the controller confirmation as to whether or not personal data relating to him are being processed and, if so, to obtain access to the personal data and the following information:
(a) the purposes of the processing;
(b) the categories of personal data concerned
(c) the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular if they are recipients in third countries or international organisations
(d) where possible, the proposed period of retention of the personal data or, if this is not possible, the criteria used to determine that period
(e) the existence of the right of the data subject to request from the controller the rectification or erasure of personal data concerning him/her or to object to the processing of personal data concerning him/her
(f) the right to lodge a complaint with a supervisory authority;
(g) where the data are not collected from the data subject, all available information as to their source
(h) the existence of an automated decision making process, including profiling as referred to in Article 22(1) and (4), and, at least in such cases, meaningful information on the logic used, as well as the importance and the envisaged consequences of such processing for the data subject.
1. Where personal data are transferred to a third country or an international organisation, the data subject shall have the right to be informed of the existence of appropriate safeguards within the meaning of Article 46 relating to the transfer.
2. The controller shall provide a copy of the personal data undergoing processing. Where further copies are requested by the data subject, the controller may charge a reasonable fee based on administrative costs. If the data subject makes the request by electronic means, and unless otherwise specified by the data subject, the information shall be provided in a commonly used electronic format.
The right to obtain a copy must not infringe the rights and freedoms of others.
RIGHT OF RECTIFICATION – art. 16
The data subject shall have the right to obtain from the controller the rectification of inaccurate personal data concerning him/her without undue delay. Taking into account the purposes of the processing, the data subject has the right to obtain the integration of incomplete personal data, also by providing a supplementary declaration.
RIGHT TO CANCELLATION – Article 17
1. The data subject shall have the right to obtain from the controller the erasure of personal data concerning him/her without undue delay, and the controller shall be obliged to erase the personal data without undue delay if one of the following grounds applies
(a) the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed
(b) the data subject withdraws the consent on which the processing is based pursuant to Article 6(1)(a) or Article 9(2)(a) and there is no other legal basis for the processing
(c) the data subject objects to the processing pursuant to Article 21(1) and there is no overriding legitimate ground for the processing, or objects to the processing pursuant to Article 21(2);
(d) the personal data have been unlawfully processed;
(e) the personal data must be erased in order to comply with a legal obligation laid down by Union or Member State law to which the controller is subject;
(f) the personal data have been collected in connection with the offering of information society services referred to in Article 8(1).
2. Where the controller has made personal data public and is obliged under paragraph 1 to erase them, the controller shall, taking into account available technology and the costs of implementation, take reasonable steps, including technical measures, to inform the controllers who are processing the personal data of the data subject’s request to erase any link, copy or reproduction of his or her personal data.
3. Paragraphs 1 and 2 shall not apply to the extent that the processing is necessary
(a) for the exercise of the right to freedom of expression and information;
(b) for compliance with a legal obligation to which the processing is subject under Union or Member State law or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller
(c) for reasons of public interest in the area of public health in accordance with Article 9(2)(h) and (i) and Article 9(3)
(d) for archiving purposes in the public interest or for scientific or historical research or statistical purposes in accordance with Article 89(1), in so far as the right referred to in paragraph 1 is likely to render impossible or seriously impair the achievement of the purposes of such processing
(e) for the establishment, exercise or defence of legal claims.
RIGHT TO LIMIT TREATMENT – art-18
1. The data subject shall have the right to obtain from the controller the restriction of processing when one of the following cases occurs
(a) the data subject contests the accuracy of the personal data, for the period necessary for the controller to verify the accuracy of the personal data
(b) the processing is unlawful and the data subject objects to the erasure of the personal data and requests instead that their use be restricted
(c) although the controller no longer needs the personal data for processing purposes, the personal data are necessary for the establishment, exercise or defence of legal claims by the data subject
(d) the data subject has objected to the processing pursuant to Article 21(1), pending verification as to whether the legitimate reasons of the controller prevail over those of the data subject.
2. Where processing is restricted pursuant to paragraph 1, such personal data shall, except for storage, only be processed with the consent of the data subject or for the establishment, exercise or defence of legal claims or the protection of the rights of another natural or legal person or for reasons of substantial public interest of the Union or a Member State.
3. A data subject who has obtained a restriction of processing pursuant to paragraph 1 shall be informed by the controller before that restriction is lifted.
1. The data subject shall have the right to receive in a structured, commonly used and machine-readable format the personal data concerning him/her that he/she has provided to a data controller and shall have the right to transmit those data to another data controller without hindrance by the data controller to whom he/she has provided them where: (a) the processing is based on consent within the meaning of Article 6(1)(a) or Article 9(2)(a) or on a contract within the meaning of Article 6(1)(b); and
(b) the processing is carried out by automated means.
2. When exercising his/her rights with regard to data portability pursuant to paragraph 1, the data subject shall have the right to obtain the direct transmission of personal data from one controller to another, if technically feasible.
3. The exercise of the right referred to in paragraph 1 of this Article shall be without prejudice to Article 17. This right shall not apply to processing necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the data controller.
4. The right referred to in paragraph 1 shall not affect the rights and freedoms of others
RIGHT TO OPPOSE TO TREATMENT – Art. 21
1. The data subject shall have the right to object at any time, on grounds relating to his or her particular situation, to the processing of personal data concerning him or her pursuant to points (e) or (f) of Article 6(1), including profiling on the basis of those provisions. The controller shall refrain from further processing the personal data unless he can demonstrate compelling legitimate grounds for processing which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defence of legal claims.
2. Where personal data are processed for direct marketing purposes, the data subject shall have the right to object at any time to the processing of personal data concerning him/her carried out for such purposes, including profiling insofar as it is related to such direct marketing.
3. If the data subject objects to processing for direct marketing purposes, the personal data shall no longer be processed for such purposes.
4. The right referred to in paragraphs 1 and 2 shall be explicitly brought to the attention of the data subject and shall be presented clearly and separately from any other information at the latest at the time of the first communication with the data subject.
5. In the context of the use of information society services and without prejudice to Directive 2002/58/EC, the data subject may exercise his/her right to object by automated means using specific techniques.
6. Where personal data are processed for scientific or historical research purposes or for statistical purposes pursuant to Article 89(1), the data subject shall have the right, on grounds relating to his or her particular situation, to object to the processing of personal data relating to him or her, except where the processing is necessary for the performance of a task carried out in the public interest.
In addition to the aforementioned rights, the data subject has the right to lodge a complaint with the supervisory authority if the law so provides.
DATA CONTROLLER for PRIVACY NOTIFICATIONS
Company name: CARBONSINKGROUP s.r.l.
VAT No.: 01336740111
Registered office and Headquarters: Piazza Giulio Baverni, 4 – LaSpezia (SP)
Contacts: Tel.: +39 018 7733398 – FAX: +39 018 7733398; Mail: info@carbonsink.it
Cookie
What is a cookie and what is it used for?
A cookie is a small text string that a site sends to your browser and saves on your computer when you visit websites. Cookies are used to make websites work more efficiently, to improve their performance, but also to provide information to website owners.
What type of cookies does carbonsink.co.uk use and for what purpose?
Our site uses different types of cookies each of which has a specific function, as shown in the table below:
TYPES OF COOKIES FUNCTION
Navigation cookies
These cookies enable the site to function properly are used to collect information about how visitors use the site. This information is used to compile reports and help us improve the site. The cookies collect information anonymously, including the number of visitors to the site, where visitors have come from and the pages they visited.
Analytical Cookies
These cookies are used, for instance, by Google Analytics to process statistical analyses of how users navigate the site via computers or mobile applications, the number of pages visited, or the number of clicks made on a page while browsing a site. Click Here
Third-party cookies
These cookies are used by third party companies. The use of these cookies does not normally imply the processing of personal data. Third party cookies are derived from advertisements from other sites, e.g. advertisements, on the displayed website. They can be used to record the use of the website for marketing purposes.
How can I disable cookies?
Most browsers (Internet Explorer, Firefox, etc.) are configured to accept cookies. However, most browsers allow you to control and even disable cookies through your browser settings. Please note, however, that disabling navigation or functional cookies may cause the site to malfunction and/or limit the service offered.
To change the settings, follow the procedure indicated by the various browsers under ‘Options’ or ‘Preferences’.
USE OF COOKIES BY CARBONSINKGROUP s.r.l.
When you visit https://www.carbonsink.it we collect standard login information and details of visitor behaviour patterns to obtain information such as the number of visitors to different sections of the site. We collect this information in a way that does not allow the individual to be identified. We make no attempt to discover the identity of visitors to our website and do not associate any data collected through the site with any information from any source that could identify an individual. If we need to acquire personally identifiable information through our website, we specify this in the “contact us” section of the website, clearly stating how we collect personally identifiable information and the purposes for which it is collected.
The following lists illustrate the cookies we use and their purpose.
GOOGLE ANALYTICS
Google Analytics is a web analytics tool provided by Google Inc. (“Google”) that helps Carbonsinkgroup s.r.l. understand how our website is used. Information about your use of our website, including your IP address, may be transmitted to and stored on Google’s servers. We use this information to compile reports and to improve the site. The cookies collect information in an anonymous form, including the number of visitors to the site, where visitors have come from and the pages they visited. Google Analytics collects the original cookies, device/browser data, IP address and site/app activity to measure and generate statistics about user interactions on websites and/or apps using Google Analytics.
Google Analytics mainly uses original cookies to generate reports on the interactions of visitors (users) with the websites of Google Analytics clients. Users can deactivate cookies or delete them individually.
In addition, Google Analytics supports an optional browser add-on that, once installed and activated, disables measurement by Google Analytics for any site visited by a user. Please note that this add-on only deactivates measurement by Google Analytics.
If a site or app uses Google Analytics for apps or Google Analytics SDKs for Firebase, Google Analytics collects an app instance identifier, which is a randomly generated number that identifies a unique app installation. Each time a user resets their ad identifier (Ad ID on Android and ID for Advertisers on iOS), the app instance identifier is also reset.
If sites or apps have implemented Google Analytics with other Google advertising products, such as Google Ads, additional advertising identifiers may be collected. Users can deactivate this function and manage the settings for this cookie with Ads Settings.
Google Analytics also collects Internet Protocol (IP) addresses to ensure the security of the service and to tell website owners from which country, state or city in the world their users come (also known as ‘IP geolocation’). Google Analytics provides a method for masking the IPs that are collected (described below), but please note that website owners have access to their users’ IP addresses even if they do not use Google Analytics.
