privacy policy visitors
Articles 13-14, EU Regulation April 27, 2016 No. 679 “General Data Protection Regulation” VIS
Rev. 00
Dear Visitor,
This privacy policy on personal data processing (“Privacy Policy”) will allow you to clearly and fully understand how your personal data (Data) are processed.
1. WHO IS THE DATA CONTROLLER?
The data controller is CHIGGIATO S.p.A., with its legal headquarters at 35017 Piombino Dese (PD), Via Primo Targato n. 4 (Tax ID and VAT no. 03289390282). For information about data processing, you can write to the following email address: privacy@chiggiatospa.com.
2. WHAT PERSONAL DATA DO WE COLLECT AND PROCESS?
The following personal data may be processed:
- Image;
- Personal details and data related to access to the company (entry and exit time);
- Identity document details.
3. FOR WHAT PURPOSES DO WE PROCESS PERSONAL DATA AND WHAT IS THE LEGAL BASIS?
a) Video surveillance. The data related to video recordings will be processed exclusively to protect company assets and to ensure the safety of people. Specific signs inform those concerned that they are about to access or are in a video-surveilled area. The legal basis for processing is the legitimate interest of the Data Controller.
b) Visitor registration. The communication of personal data is required for the registration of presence in the company, to ensure the protection of company assets and the safety of people accessing it. The legal basis for processing is the legitimate interest of the Data Controller.
4. DATA RETENTION PERIOD
Recorded images are stored for 7 days from their detection, except for periods of closure or specific investigative requests from the Judicial Authority in case of a criminal event. At the end of the retention period, the images will be automatically deleted from the system.
Data related to access to the company will be stored for the period necessary to pursue the above purposes.
5. TO WHOM MAY THE DATA BE DISCLOSED?
Viewing of recorded images and their extraction is reserved for the Management and specifically authorized personnel. In the event of damages and criminal events, the transfer of recorded images to a digital medium to be delivered to the competent authorities will be carried out.
Personal data related to the processing in question, for the purposes of security of company assets and safety of people, may be communicated to legal professionals and the Judicial Authority and/or law enforcement agencies.
6. YOUR RIGHTS
European data protection law (“GDPR”) provides a series of rights that can be exercised to maintain control of your data. To exercise your rights, you can write to privacy@chiggiatospa.com.
We are obliged to respond within 30 days of receiving the request, and we will try to be as quick as possible.
Right of access: the right to obtain information about the processing of personal data, gain access to them, and copy them even via common electronic means. We commit to providing a report of the data we possess, such as personal and contact data, or the requests received via contact forms or email.
Right to rectification: the right to get data updated, supplemented, or corrected. If you believe that the data are in some way incorrect or outdated, we will do our best to resolve the issue.
Right to data portability: you can request the portability of data processed on the basis of contract execution or your consent, even directly to other data controllers.
Right to erasure: the right to request the deletion of stored data. In some cases, direct deletion can be requested, and we will take care to proceed as quickly as possible. However, not all data can be deleted upon request, as they may be necessary to fulfill legal obligations or because they are still in use.
Right to restriction and opposition: the right to request the limitation of processing or to oppose, in whole or in part, the processing of personal data. In case of a request for limitation of processing, we are obliged to suspend, for a determined time, any operation on the data.
If you believe that one or more processing activities carried out by us may violate the regulations, or you feel that your rights have not been protected, you can file a complaint with the Control Authority of the place where you usually reside or where the alleged violation occurred. In Italy, you can contact the Authority for the Protection of Personal Data.