DE CARDENAS is committed to protecting the security and privacy of all personal information collected from you whilst providing a personalized service that keeps you up-to-date with issues and services that meet your individual preferences and needs. We therefore conduct our business in compliance with applicable laws on data privacy protection and data security.
This policy (together with our terms of use) and any other documents referred to on it) sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. By using our website, you indicate your consent to the collection and use of such information in accordance with the following Privacy Policy.
For the purpose of the Data Protection Act 1998 (“the Act”), the data controller is:
DE CARDENAS Srl having its registered office at Arcore, – via Lega Lombarda, 127 – Italy.
Information We May Collect From You
We may ask you to provide certain information when you use our website. You will know when we are collecting information intended to be kept for future use because the web page will contain a link to this privacy policy. The information collected may include:

  • Your name, occupation and job title;
  • Your C.V. or resume and information relating to any job application;
  • Postal and/or e-mail address;
  • Details about services or products you specifically request;
  • Details from documents you complete online;
  • Details of your visits to our website including, but not limited to, traffic data, location data, weblogs and other communication data and the resources that you access.

IP Addresses And Cookies
We may collect information about your computer, including where available your IP address, operating system and browser type, for system administration. This is statistical data about our users’ browsing actions and patterns, and does not identify any individual.
For the same reason, we may obtain information about your general internet usage by using a cookie. A cookie is a small text file which a website sends to your computer when you visit it. The Cookie is stored on your hard drive so that it can be retrieved by the website when you visit it at a later occasion. They help us to improve our site and to deliver a better and more personalised service. They enable us to:

  • Estimate our audience size and usage pattern;
  • Store information about your preferences, allowing us to customize our site according to your individual interests;
  • Speed up your searches;
  • Recognise you when you return to our site.

You may refuse to accept cookies by activating the setting on your browser which allows you to refuse the setting of cookies. However, if you select this setting you may be unable to access certain parts of our site. Unless you have adjusted your browser setting so that it will refuse cookies, our system will issue cookies when you log on to our site.

Uses Made of Your Information
We may use information held about you in the following ways:

  • To ensure that content from our website is presented in the most effective manner for you;
  • To provide you with information on products or services that you request from us or which we may feel may interest you but only where you have consented to be contacted for such purpose;
  • To carry out our obligations in respect of any contract entered into between you and us;
  • To notify you of changes to our website where appropriate.

Where We Store Your Personal Data
The information you provide us with will be held on our computers in Italy and may be accessed by or given to our staff, contractors and agents who act for us for the purposes set out in this policy or for other purposes set out in this policy or as otherwise permitted by law. This may mean that your information is sent to computers outwith Italy.

By submitting your information to us you agree that the data that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area (“EEA”). It may also be processed by staff operating outside the EEA who work for DE CARDENAS. Such staff maybe engaged in, among other things, the processing of your enquiries and the provision of services. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this privacy policy.

This website may contain links that make it easy for users to visit other websites. If the user uses the links to leave this website and visit a website operated by a third party, we do not have any control over that website. Accordingly, we cannot be responsible for the protection and privacy of any information which you may provide while visiting such websites. In every case you should exercise caution and look at the privacy statement applicable to the website in question.
Unfortunately, the transmission of information via the internet is not completely secure. Athough we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our website; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.


Disclosure Of Your Information
We may disclose your personal information to third parties If we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our terms of use and other agreements or to protect the rights, property, or our safety, our customers, or others. This includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction or to assist in any investigation into alleged illegal or criminal conduct.


Your Rights
You can choose to restrict the collection or use of your personal information. You have the right to ask us not to process your personal data for marketing purposes. We will usually inform you before collecting your data if we intend to use it for such purposes. If you have previously not objected to us using your personal information for direct marketing purposes, you can change your mind at any time by writing to:

DE CARDENAS Srl– via Lega Lombarda, 127 20862 Arcore – (MB) or emailing us at info@decardenas.it


Other Sites
This privacy policy only covers this site. Other links within this site to other websites are not covered by this policy.


Changes
Any changes we make to our privacy policy in the future will be posted on this page and, where appropriate, notified to you by email.


Contact
Questions, comments and requests regarding this privacy policy are welcomed and should be addressed to info@decardenas.it


INFORMATION ON DATA PROCESSING

pursuant to and for the purposes of Legislative Decree 196/2003 mod. by Legislative Decree 101/2018 and EU Regulation 2016/679


DE CARDENAS FANS & SERVICE S.R.L., with registered office in Arcore (MB), Via Lega Lombarda 127, C.F. 05973120156 - P.IVA 0081170968, in the person of the Chairman of the Board of Directors Mauri Alberto (hereinafter, "Owner"), as Data Controller, informs pursuant to art. 13 EU Regulation n. 2016/679 (hereinafter, "G.D.P.R."), that the data of the interested party will be processed in the following manner and for the following purposes:

1. Subject of the Processing

The Data Controller processes the data - for example name, surname, company name, fiscal code, address of the person concerned, bank and payment references - in execution of the contract / contracts and / or orders and, more generally, for the fulfilment of contractual obligations and in compliance with tax obligations.

2. Purpose of the Processing

The data of the interested party are treated:

without your express consent [art. 6 lett. b), e) G.D.P.R.] for the following purposes:

• fulfil contractual and tax obligations deriving from existing contractual obligations;

• fulfil the obligations provided for by law, by a regulation, by EU legislation or by an order of the Authority (such as for example in the field of anti-money laundering);

• exercise the rights of the Owner, for example the right to defend in court.

3. Type of data subject to processing and categories of interested parties

The Data Controller may collect and consult the following types of personal data:

· Common personal data (identification data: name, surname, date and place of birth, gender, fiscal code, nationality);

· Contact details (residential address, country, postal code, telephone number, e-mail);

· Data on education, employment and professional activity (cv, professional background, work performed, name of employer, remuneration);

· Data relating to digital activity (cookies, number of connections, type of favorite or purchased products).

Personal data relating to racial or ethnic origin, political opinions, religious or philosophical beliefs, membership of trade unions, genetic data or data concerning life or sexual orientation will never be requested, unless this is imposed by a legal obligation.

The treatment will concern the following categories of Interested: customers, potential customers, candidates, supplier personnel, subjects representing corporate or institutional clients and their staff.

4. Processing methods

The data processing is carried out by means of the operations indicated in the art. 4 n. 2) G.D.P.R. and precisely: collection, recording, organisation, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, cancellation and destruction of data. The data is processed both on paper and electronically.

5. Data retention times

The data provided will be stored in our archives according to the following parameters:

• for administration, accounting, billing, services, management of any litigation: 10 years as established by law by the provisions of art. 2220 of the Civil Code, subject to any delayed payment of the fees justifying the extension.

6. Access to data

The data may be made accessible for the purposes referred to in art. 2 of this information to the Board of Directors, to employees and collaborators in their capacity as Data Processors in the updated list kept at the Company's registered office, as well as to the external System Administrator of the Company.

Furthermore, in the management of the data, other external subjects may become aware of the same, who will treat the data in their capacity as external designated data processors: for example the labor consultant and the accountant, appointed by the Data Controller respectively to pay and accounting services (pay slips, accounting data processing, accounting books, declaration processing, tax declarations and notices, tax settlement).

7. Communication of data

Without the need for an express consent of the interested party [ex art. 6 lett. b) and c) GDPR], the Data Controller may communicate the data for the purposes referred to in art. 2 of this disclosure to Supervisory Bodies, Judicial Authorities, as well as to those subjects to whom the communication is obligatory by law for the fulfilment of the said purposes. These subjects will treat the data in their capacity as independent data controllers.

The data of the interested party will not be disclosed.

8. Place of Processing and storage / archiving

The data processed at the Company's registered office, in Arcore (MB), Via Lega Lombarda 127, are processed in paper and electronic format and are kept and stored at the same location in paper archives and on server respectively.

The data processed at the offices of the Company's local units located in Desio (MB), Via Don Luigi Sturzo 12 and Rome (RM), Via Edoardo d’Onofrio n. 212, are also treated in paper and electronic format. Those processed on paper are processed and stored at these local units while those processed in electronic format are processed on local servers at said sites and remotely (with remote access to the server located at the Company’s registered office via VPN connection - Virtual Private Network) and are stored on the server located at the registered office.

The data are processed, on behalf of the Data Controller, by the Data Processors in the updated list kept at the aforementioned registered office of the Company.

9. Data transfer

The data is stored on servers located in Italy and within the European Union, at the Company's registered office.

The Owner reserves the right to use cloud services for data storage and for electronic invoicing requirements; in this case, the service providers will be selected from those who provide adequate guarantees, as required by art. 46 GDPR.

10. Nature of data provision and consequences of refusal to respond

Some data are indispensable for the establishment of the contractual relationship or for its execution, while others may be defined as accessories for these purposes. The provision of data is mandatory only for data for which there is a regulatory or contractual obligation.

The provision of data for the purposes referred to in art. 2 is mandatory. In their absence, we will not be able to guarantee the services of the art. 2.

11. Rights of the interested party

The interested party may exercise the rights set forth in articles 15 - 22 G.D.P.R. and precisely the rights of:

DATA ACCESS AND PORTABILITY: you can obtain confirmation of the existence or not of personal data, as well as obtain indications about the purposes of the processing, the categories of personal data, the recipients or categories of recipients to whom the personal data have been or will be communicated and, when possible, the storage period; may also request and obtain a copy of the data processed in an intelligible form;

CORRECTION: if the interested party deems that the personal data are incomplete or inaccurate, he may request that they be modified accordingly without unjustified delay;

OBLIO: may request the elimination of personal data, as far as permitted by law; if the data for which the cancellation is requested is in the public domain, it will be the responsibility of the data subject to request cancellation from each Owner;

LIMITATION: the interested party may request the limitation in the processing of personal data;

OPPOSITION: You may object, in whole or in part to the processing of personal data for reasons relating to a particular situation, also for direct marketing purposes where implemented.

In addition to the aforementioned rights, pursuant to art. 77 G.D.P.R., the interested party has the right to lodge a COMPLAINT with the Data Protection Authority of the Member State in which he has his habitual residence, where he works or where the alleged violation occurred.

12. Withdrawal of consent

The interested party can revoke any consent given at any time. Withdrawal of consent does not affect the lawfulness of processing based on consent prior to revocation.

However, the Processing subject of this information is lawful and allowed, even in the absence of consent, as it is necessary for the execution of a contract of which the interested party is a party and without prejudice to the obligatory obligations established by the legislation in force at the time of the request for revocation.

The right of revocation can be exercised by sending to the Data Controller communication in this sense, to the addresses listed below.

13. Mode of exercise of rights

The interested party may at any time exercise his rights by sending:

a registered letter a.r. to DE CARDENAS FANS & SERVICE S.R.L., with registered office in Arcore (MB), Via Lega Lombarda 127.

or

an e-mail to the address info@decardenas.it

or

a PEC e-mail address info@pec.decardenas.ir

14. Data Controller and Data Processor

The Data Controller, to whom the interested party may refer to assert the aforementioned rights, is DE CARDENAS FANS & SERVICE S.R.L., with registered office in Arcore (MB), Via Lega Lombarda 127, C.F. 05973120156 - P.IVA 0081170968, in the person of the Chairman of the Board of Directors Mr. Mauri Alberto.

The updated list of the persons in charge of processing, figures authorised to carry out processing operations by the Data Controller, is kept at the registered office of the Data Controller. Workers, employees and collaborators who have been authorised to process personal data as Data Processors, carry out this activity on the basis of the roles and work tasks performed within the limits of their competences and in accordance with the instructions given to them by the Owner.