Privacy policy
PRIVACY POLICY – WEB SITE
Information notice pursuant to Art. 13 of EU Regulation 2016/679 (“GDPR”) and art. 130 of national Privacy Code
WHY THIS INFORMATION?
According to Regulation (EU) 2016/679 (General Data Protection Regulation) we provide you the due information concerning the processing of collected personal data. This notice is not to be considered valid for other websites attainable trough links and data processor shall not be held responsible for third parties web pages.
This notice is provided pursuant to art. 13 of the Regulation (EU) 2016/679 (General Data Protection Regulation) and according to the provisions of the Directive 2002/58/CE, as amended by Directive 2009/136/CE on Cookies, as well as according to the Provision of the Data Protection Authority dated 08.05.2014 on cookies.
Personal data we may collect and process
Personal data: any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can directly or indirectly be identified, in particular by reference to an identifier such as a name, an identification number, a location data, an online identifier or to one or more specific factors to the physical, physiological, genetic, mental, economic, cultural or social identity (C26, C27, C30).
Navigation data: IP addresses, domain name, URI/URL addresses, time and methot of the request, response code from server and a few information regarding the useragent (OS version, resolution, devise type).
Voluntarily provided data: The optional, explicit and voluntary transmission of messages to contact addresses or forms, entails the subsequent acquisition of sender's address; the latter, along with any other personal information provided, will be necessary for us to reply.
Social media: For more information regarding the processing of personal data carried out by any Social Media platforms deployed on this website, please refer to their respective privacy policies. The Data Controller processes the personal data through the pages of the dedicated Social Media platforms, to manage interactions with users (comments, public posts, etc.) and in compliance with current legislation.
Specific privacy statement: Specific privacy statement may be furnished with regards to specific processings or services offered by the website.
COOKIES AND OTHER TRACKING SYSTEMS. WHAT ARE THEY? WHAT ARE THEY FOR?
For cookies and other tracking systems, please refer to the cookie policy in the footer of the website and at the following link.
1.WHO IS THE DATA CONTROLLER? HOW CAN I CONTACT HIM?
DATA CONTROLLER pursuant to art. 4 and 24 of the Reg. (EU) 2016/679, is CMC CONVERTING MACHINERY SRL – with registered office in via Passerini 2, 20900 Monza (MB), represented by the legal representative pro tempore whom you may contact for any information via: info@cmccevenini.it
2. PURPOSE OF PROCESSING, LEGAL GROUND, DATA RETENTION, NATURE OF CONFERRAL
|
PURPOSE OF PROCESSING |
LEGAL GROUND |
DATA RETENTION |
NATURE OF CONFERRAL |
|
Website browsing Activities strictly related to site operations and to platform browsing service provision.The data required to avail yourself of this website, will be processed as well in order to:
The data will be used to establish liability in the event of any cybercrimes committed against the website. |
Data controller’s legitimate interest, provided that interests or fundamental rights and freedoms of data subjects are not prevailing (C47-C50) Art. 6 PAR. 1 lett. f) GDPR |
Necessary in order to guarantee the navigation. In any case, such data are not retained for more than seven days (unless the judicial authorities require them for the investigation of criminal offences). |
Necessary in order to guarantee the navigation |
|
Website Analytics By means of cookies and similar technologies More information available in the cookie policy |
Cookies other than technical ones (or similar) require users’ consent in order to be deployed (art. 6.a GDPR) Whether required, the consent will be requested by means of our cookie policy and its banner |
More information available in the cookie policy |
More information available in the cookie policy |
Oltre che per la navigazione, i dati personali saranno trattati per:
|
PURPOSE OF PROCESSING |
LEGAL GROUND |
DATA RETENTION |
NATURE OF CONFERRAL |
|
A) CONTACTS, sending contact requests, information. |
Contract Art. 6(1)(b) and recital 44 GDPR: processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract; |
Up to 12 months. |
Necessary for the legitimate interest of data controller with due regard to user’s rights and fundamental freedoms |
|
B) Handling of data subjects’ requests, pursuant to art. 15 and following GDPR (data subjects’ rights) |
The processing is necessary to comply with a legal obligation the data controller is liable to (C45) Art. 6 par. 1 lett. c) GDPR |
5 years after closure, except from lawsuits |
Data conferral is mandatory, being indispensable to grant the fulfilment of any legal obligations |
3. DATA RECIPIENTS
Personal data will not be disseminated. All the personal data may be disclosed to recipients acting as autonomous Data controllers or Data Processors (art. 28 GDPR) and processed by persons appointed to, pursuant to art. 29 GDPR and acting under the authority of the controller or the processor, upon written letter of authorizations relating to purposes and means of processing. Personal data may be disclosed to recipients belonging to the following categories:
• Entities based in Italy that provide services for the website and communication networks, including e-mail, hosting and website management (including Group companies, affiliates and subsidiaries);
• Entities based in Italy with which the Data Controller has entered into agreements and with prior consent, where required;
• Competent authorities for the fulfilment of legal obligations and/or provisions of public bodies, upon request.
The list of Data Processors pursuant to Article 28 is available by writing to the other contact details indicated above.
4. INTERNATIONAL DATA TRANSFERS
Personal data will not be transferred to countries outside the EEA. In particular, it should be noted that the data will be stored in Italy for the purposes of hosting, managing, developing and maintaining the website. All third parties to whom the data may be disclosed are based in Italy. In the event of consent for marketing activities/the release of certain categories of cookies, transfer outside the European Union may be possible. In this case, this will be carried out in accordance with Articles 44 et seq. of EU Regulation 2016/679.
5. AUTOMATED-MEAN PROCESSING
Personal data will be subjected to traditional and manual, electronic or automated processing. Fully automated decision-making processes are not carried out.
6. DATA SUBJECTS’ RIGHTS
Data subjects may assert their rights as expressed in Articles 15 GDPR and following contacting the Data Controller at: info@cmccevenini.it or writing to the contact details provided above. The Data Controller ensures data subjects the possibility to request, at any time, access to their personal data (Article 15), rectification (Article 16), erasure of the same (Article 17), and restriction of processing (Article 18). The Data Controller communicates (Article 19) any rectifications, erasures, or restrictions of processing to each recipient to whom the personal data has been disclosed. The Data Controller informs the data subjects upon their request about such recipients.
The Data Controller ensures the right to data portability (Article 20) and, in the event of requests under Article 20, will provide data subjects with the data in a structured, commonly used, and machine-readable format.
Data subjects are entitled the right to object (Article 21) at any time to the processing of data based on legitimate interest of the data controller, by writing to the above contacts with the subject 'objection.' In the case of exercising the right to object to processing based on legitimate interest, the Data Controller acknowledges the data subjects to obtain, upon request, information about the balancing test performed.
If data subjects believe that the processing of personal data by the Data Controller violates any provision of UE Regulation 2016/679, they are free to lodge a complaint with the national supervisory authority, especially in the Member State where they habitually reside or work, or where the violation occurred (Italian Data Protection Authority - https://www.garanteprivacy.it/), or to take appropriate legal action
7. UPDATES
The Data Controller retains the right to modify, update, add or remove some parts of this notice at any time.
Last review: 24/03/2026
