The information regarding data processing is provided only for the Website and for processing carried out by the Company and it does not extend to processing carried out by third parties on other websites that may be consulted by Users via links. With respect to that additional processing, the Company does not accept any liability; the User must refer to the individual Privacy Policies of the third-party websites.
1. Controller and place of processing
The Controller is the Company COIMA SGR S.p.A., based in Milan (Italy), Piazza Gae Aulenti no. 12, 20154. The data are mainly processed at the Controller’s office, by technical personnel of the Company appointed as processing officers, within the territory of the European Union.
2. Data processing methods
The Company processes the User’s data adopting all appropriate security measures to prevent unauthorised accesses, as well as the unauthorised disclosure, modification or destruction of the data. The processing is carried out using both manual and/or electronic tools, with organisational methods and logics strictly related and limited to the indicated purposes.
3. Purpose of data processing and legal basis of processing
The Company, through the Website, may process the User’s data for the following purposes:
(a) Sending of the periodic COIMA newsletter, if the User has expressly asked, by completing the specific form present on the Website, to receive the periodic COIMA newsletter via e-mail, to keep updated on the initiatives and activities of the Company. The legal basis of processing is the consent of the User, who may freely choose whether or not to register to the COIMA newsletter: the provision of consent, in fact, is entirely optional and will not preclude in any way the possibility of continuing to browse on the Website.
In any case, the User may ask at any time no longer to receive the COIMA newsletter and to withdraw consent (i) by contacting the Company by email at the address firstname.lastname@example.org; or (ii) by way of the specific unsubscribe link found in every communication sent.
(b) Sending of communication via email containing invitations to events, conventions, initiatives of COIMA or sponsored by COIMA. The legal basis of processing is the specific consent of the User, who may freely choose whether or not to provide it; the provision of consent to receive invitations to events is entirely optional and separate from the registration to the Newsletter and therefore any failure to provide such consent will not preclude in any way the possibility of continuing to browse on the Website or of choosing to register for the newsletter service.
In any case, the User may ask at any time no longer to receive invitations to events or other initiatives of COIMA or sponsored by COIMA and to withdraw consent (i) by contacting the Company by email at the address email@example.com; or (ii) by way of the specific unsubscribe link found in every communication sent.
(c) Pursuit of the legitimate interests of the Company and/or third parties. The User’s data may also be used to exercise the rights and legitimate interests of the Company and/or third parties, for example, the right of defence in court, the handling of claims and litigation, credit recovery, fraud prevention and/or prevention of unlawful activities. In these cases, although the provision of the User’s personal data is not mandatory, it is, however, necessary as those data are closely connected and instrumental to the pursuit of those legitimate interests, which do not prevail over the rights and fundamental freedoms of the User, and any refusal to provide them could involve the impossibility of carrying out the requested services (e.g. requesting information from the Company).
(d) Fulfilment of legal obligations and/or applicable obligations. The Company may also use the personal data provided by the User or otherwise acquired during the User’s interaction with the Website for purposes related to the execution of obligations of law, regulations, national and Community legislation, as well as deriving from provisions imparted by authorities legitimated to do so by law, which represent the legal basis of processing, without the need to obtain the User’s prior consent.
(e) Performance of aggregate statistical analyses on an anonymous basis in order to improve the performances and services offered by the Company via the Website. In this case, no consent will be requested from the User, as the processing will only be carried out on anonymous data.
5. Disclosure of data to third parties
- companies, collaborators, consultants or freelancers used by the Company to perform activities preparatory to the pursuit of the indicated purposes, or with which the Company collaborates (including other COIMA Companies) for the purposes of the provision and functioning of its services or for any communication activities;
- persons, companies or professional firms that provide assistance and consultancy activity to the Company, with particular but not exclusive reference to administrative and legal issues;
- entities to which the right to access the data is recognised by legal provisions or orders of the authorities.
The entities belonging to the categories indicated above will use the data in the capacity of autonomous controllers in accordance with the law or processors duly appointed by the Company.
The list of entities to which the data are or may be disclosed, can be requested from the Company by using the details indicated in the “Rights of Users and Contact Details” section.
6. Data retention
User data collected and processed for sending COIMA’s newsletter to a voluntarily provided email address, and any data processed for sending invitations to COIMA events, will be kept for that purpose until the consent is opposed or withdrawn. Communications are sent exclusively by email, which contain an unsubscribe link. This allows the User to easily oppose further emails and ensure their will is registered in a timely manner.
7. Rights of Users and Contact Details
The User may exercise, in the cases expressly envisaged by law and where applicable, the rights provided by the Regulation. In particular, the User has the right to:
- obtain confirmation of whether or not the processing of his/her personal data is in progress and, in that case, to request from the controller access to information relating to that processing (e.g. purposes, categories of data processed, recipients or categories of recipients of data, retention period, etc.);
- request the rectification of inaccurate or incomplete data;
- request from the Controller the erasure of the data (e.g. if the personal data are no longer necessary with respect to the purposes for which they were collected, in the case of withdrawal of consent on which the processing is based, etc.);
- request the restriction of processing (e.g. in the event of a dispute by the User on the accuracy of the data; if the processing is unlawful and the same objects to the erasure of personal data; if the data are necessary to exercise or defend in court a right of the User, even where the Controller no longer requires them; in the case of exercising the right of objection, for the time necessary to verify the existence of the legitimate reasons);
- receive in a commonly-used and machine-readable format (e.g. pdf) the personal data relating to him/her and to send them to another controller, or to obtain the direct transmission from one controller to the other, if technically feasible (known as data portability).
The User also has the right to object, in whole or in part, for legitimate reasons, to the processing of personal data relating to him/her.
Those rights may be exercised directly by sending a communication to the following email address: firstname.lastname@example.org
Finally, if the User believes that the processing of the data provided violates the personal data protection regulation, he/she has the right to lodge a complaint with the Data Protection Supervisory Authority (www.garanteprivacy.it).
Milan, July 20th, 2020