Camino de migas

Reglamento Europeo sobre la Protección de los Datos Personales (RGPD)

El Reglamento Europeo sobre la Protección de los Datos Personales (RGPD) sustituye la directiva europea 95/46/CE. El objetivo del Reglamento es proporcionar un marco moderno, uniforme y sólido para la protección de los datos en Europa basado en el principio de responsabilización. Las nuevas previsiones tienen impacto por lo que se refiere a la organización, el funcionamiento y la tecnología, y, al mismo tiempo, establecen un sistema de sanciones más estricto respecto del anterior.
El cambio más importante en el panorama normativo sobre la protección de los datos concierne a la jurisdicción extendido del RGPD, ya que este último se aplica al tratamiento de los datos personales efectuado en el ámbito de las actividades de un establecimiento por parte de un titular del tratamiento o de un responsable del tratamiento en la Unión, independientemente del hecho de que el tratamiento se efectúe o no en la Unión. Asimismo, el Reglamento se aplica al tratamiento de los datos personales de interesados que se encuentran en la Unión, efectuado por un titular del tratamiento o de un responsable del tratamiento que no esté establecido en la Unión, cuando las actividades de tratamiento conciernen: a la oferta de bienes o a la prestación de servicios a dichos interesados de la Unión, independientemente de la obligatoriedad de un pago del interesado; o bien, al control de su comportamiento en la medida en que dicho comportamiento tiene lugar en el seno de la Unión. 
El Reglamento se aplica asimismo al tratamiento de los datos personales efectuado por un titular del tratamiento que no esté establecido en la Unión, sino en un lugar sujeto al derecho de un Estado miembro en virtud del derecho internacional público.
El RGPD exige a las empresas adoptar medidas técnicas y organizativas adecuadas para aplicar los principios sobre la protección de los datos y proteger los derechos individuales: se trata de la denominada  “Protección de datos desde el diseño y por defecto” (Data Protection by Design and by Default”).
La “Protección de datos desde el diseño” (Data Protection by Design) garantiza que la empresa considera los problemas concernientes a la privacidad y a la protección de los datos en la fase de diseño de cualquier sistema, servicio, producto o proceso y, por tanto, durante el propio ciclo de vida.
La “protección de datos por defecto” (Data Protection by Default) exige a CLIVET SPA garantizar que la Sociedad elabore solo los datos necesarios para lograr un objetivo específico y durante un periodo de tiempo no superior al tiempo necesario para la finalidad para la que los datos han sido recogidos y posteriormente tratados.
CLIVET SPA ha adoptado un Modelo de Gestión de la Protección de los Datos Personales en virtud del RGPD, teniendo en cuenta, además, cuanto establece el D. L. 196/2003, con las modificaciones aportadas por el D. L. 101/2018, definiendo normas y procedimientos vinculantes para la Empresa y para cada uno de los empleados. CLIVET SPA revisa y actualiza cuando es necesario con periodicidad sus Políticas sobre la Protección de los Datos y sobre la Seguridad de las informaciones, y define directrices evolutivas que se traducen en un plan de implementación de las actualizaciones. En los diferentes documentos presentes en la sección “Privacy” (Privacidad), CLIVET SPA proporciona, en conformidad con el art. 13 del RGPD, toda la información exigida por la norma, diferente según la finalidad para la que han sido tratados los Datos Personales de los Interesados. Para cualquier otra aclaración en relación con los apartados tratados en las Notas Informativas, invitamos al usuario a ponerse en contacto con nuestra persona de referencia en la materia escribiendo a la dirección de correo electrónico: privacy@clivet.com

PRIVACY

CIRCULAR LETTER ON PERSONAL DATA PROCESSING PURSUANT TO ART. 13 GDPR 2016/679

Dear Mme /Dear Sir,
We wish to inform you that European Regulation No. 2016/679 (“GDPR”) states that the entity processing personal data should inform the data subject (i.e., the subject to whom the data refers) about the qualifying elements of the processing, which should be performed correctly, lawfully and transparently, thus protecting the confidentiality and rights of the data subjects themselves. In compliance with Art. 13 of said Regulation we are hereby communicating to you the following information: 

 

Main processing principles

The processing of your personal data (hereinafter referred to as “data”) shall be performed through collection, registration, organization, conservation, consultation, elaboration, modification, selection, extraction, comparison, use, interconnection, block, communication, cancellation and destruction, by the assigned data processors and those entrusted with data processing. 
The data will be processed in a lawful, correct and transparent manner; it will be gathered for determined, explicit and legitimate purposes and processed in a way that is not incompatible with such purposes, and will be adequate, pertinent, limited to what is needed with respect to the purposes for which it is processed, extracted and updated; the data will be processed with utmost privacy, mainly with electronic and IT instruments and memorised on both IT and paper supports, and also on other types of suitable supports, in conformity with the principles of the EU Regulation on matters of personal data protection, prescriptions imposed by the Supervisory Authority, and however in such a way as to guarantee adequate security, including protection, with suitable technical and organisational measures against unauthorised or unlawful processing or also the accidental loss of such. The data will be kept in a form that allows the identification of the data subject for the time necessary to fulfil the purposes for which they were processed.

 

1. Data Controller
The Data Controller is Clivet SpA registered in Via Camp Lonc 25, Z.I. Villapaiera, Feltre (BL), VAT CODE: 00708410253.
For the purpose of exercising the rights provided by the Regulation and for any other request relating to your personal data, you may address the Data Controller, with a notice sent to the e-mail: privacy@clivet.it

 

2. Identity and contact data of the Data Protection Officer (DPO)
Clivet SpA has appointed as its DPO, Atty. Susanna Greggio, e-mail: dpo@clivet.it, tel. 0444.547317


3. Processing methods
The data gathered is processed exclusively by authorised persons, using automated and non-automated instruments, with methods suitable to guarantee the security and privacy of the data and for the time necessary to fulfill the objectives for which it was gathered. The submission of data for the purposes cited in point 4 is optional. The eventual refusal to submit, all or part of your personal data or your consent to processing would imply the impossibility for Clivet SpA to supply the services indicated under the “Objectives” clause.


4. Purpose and lawful basis of the processing
The lawful basis for the processing provided by this circular is that cited in Art 6, lett. a) of the European Regulation: “the data subject has given consent to the processing of his or her personal data for one or more specific purposes.”
The preordained purposes of the processing are:

 
a) Clivet University Section:
The personal data you furnish is processed by Clivet SpA in the measure in which it is needed to allow your participation in the “Clivet University” formative services organised by the Company and to handle the activities implied in the organization of the event. 
The data gathered in such scope may likewise be used to send informative and promotional material and/or commercial announcements regarding new products or updates and novelties on Clivet products through the dispatch of newsletters.

b) Newsletter Section: 
The data is gathered and processed for the dispatch of informative and promotional material and/or commercial announcements regarding new products or updates and novelties on existing products through the dispatch of newsletters.

c) Creation of a personal account on the site www.clivet.com
The data gathered through the online form in the section “create an account” is gathered for the purpose of allowing the user access to documents or information related to a specific service or product of Clivet SpA.
The data gathered in such scope may likewise be used for the dispatch of informative and promotional material and/or commercial announcements regarding new products and updates and novelties on Clivet products through the dispatch of newsletters.

d) Telephone or e-mail assistance for presale or post-sales service
The data collected through these channels are processed in order to provide assistance to the customer in relation to the questions asked at the time of contact.


5. Categories of personal data processed
In the scope of the different objectives referred to earlier, the data categories to be processed are listed below:
a) Clivet University: name, surname, country, telephone and e-mail address; 
b) Newsletter: name, surname, country, telephone and e-mail, name of the company you are part of;
c) Creation of an account on the site www.clivet.com: name, surname, country, telephone and e-mail address; corporate information (name of company you belong to) and user address (street, zip, town and country).
d) Telephone or e-mail assistance for presale or after-sales service: name, surname, e-mail, possible residential address.

6. Possible recipients or categories of recipients of the personal data
The personal data which Clivet SpA will come to acquire are not subject to diffusion. The same may be object of communication within the Company and be disclosed to the authorized persons and data processors assigned by Clivet SpA. 
In relation to the Newsletter service, the data may be disclosed also to the:
a) Companies of the Midea group;

In relation to participation in the Clivet University courses the data may be disclosed to:

a) Category associations 
b) Area agencies, distributors 
c) Professional orders
d) Service providers for food, lodging, transport 

In relation to the gathering of data through the “create an account” form on the site www.clivet.com, the data can be likewise communicated to:
a) Area agencies

In relation to data collection through the pre or post sales service, the data may be communicated
a) Technical assistance centers
b) Area agencies

7. Transfer of personal data to third countries
The Company may transfer your personal data to companies belonging to the Midea Group, as also to the Parent Company located in China, ensuring an adequate level of personal data protection and therefore on the basis of and in conformity with the provisions of Articles 45, 46, 47 and 49 GDPR, in particular through data protection clauses.

 

8. Personal data retention period

Clivet University: the personal data furnished will be retained for the entire duration of the chosen course and however up to the end of the essential procedures. 
In the event the data subject has consented to the sending of informative and promotional material and/or commercial announcements regarding new products or updates, the personal data shall be retained until the data subject’s express withdrawal of consent to the processing. The company will provide for the request for renewal of the consent every 5 years. 

Newsletter:  The data is gathered and processed for the dispatch of informative and promotional material and/or commercial announcements regarding new products or updates and novelties on existing products through the dispatch of newsletters. 

Creation of a personal account on the site www.clivet.com: the personal data furnished in the registration phase shall be retained until the data subject requests cancellation of the account. If the data subject consents to the dispatch of informative or promotional material and/or commercial announcements regarding new products or updates, the personal data will be retained until the data subject’s withdrawal of consent to processing. The Company will request renewal of consent every 5 years.  
In every case, the data shall be retained for the time necessary to achieve the purposes for which it is processed and/or however in conformity with the provisions of the law in force in civil, fiscal and administrative matters regarding data retention.

A longer retention period for the personal data may possibly be determined by requests from the Public Administration or other judicial, governmental or regulatory Bodies or by the participation of this Company in court proceedings that involve the processing of the personal data you have furnished.

Data collection through the pre or post sales service: personal data provided during registration will be kept until the request for cancellation by the interested party.
 

9. Recognized rights of the data subject
The data subject is entitled to obtain from the Data Controller access to his or her personal data. In particular, the data subject has the right to obtain: a) indication of the origin of his or her personal data, objectives and processing 
methods, and the logic applied in cases where the processing is performed with the use of electronic instruments; b) the update or rectification; c) erasure or limitation of the processing of his or her personal data (transformation into anonymous form, blocking of data processed in breach of laws, including those for which storage is not necessary in relation to the scopes for which the data was gathered or subsequently processed); d) portability of data processed in a structured manner.
The data subject has however the right to withdraw the consent given for the processing of personal data. - where this treatment is based on the consent itself. - In any case, the withdrawal of consent to the processing does not jeopardise the lawfulness of the processing based on the consent given before its withdrawal. 
The data subject residing in Italy has the right to lodge a complaint with the Supervisory Authorities, represented in Italy by the Data Protection Authority with headquarters in Rome, Piazza Monte Citorio, 121. The data subject residing abroad may lodge complaints with the designated Supervisory Authorities in the country of residence.  
In any case, we wish to inform you that pursuant to Art. 21 of the European Regulation 2016/679, should the data be processed for direct marketing objectives (dispatch of newsletters), you are entitled to oppose any time the processing of your data for such purposes.


        
10. Existence of an automated decision-making process
The processing referred to in this Circular is not subjected by Clivet SpA to automated decision-making procedures.