Privacy policy for the processing of personal data

Contacts

Pursuant to Art. 13 of Regulation (UE) 2016/679 the following information is provided to the customer.

Controller
The controller is CDLAN S.p.A. – via Caldera 21 Milano.
The Data Protection Officer may be contacted at the following address: rpd@cdlan.it.

Purpose and legal basis for the processing
Personal data is collected and used to fulfill your request.
The legal basis is found in Article 6 paragraph 1, letter b) of Regulation EU/679/2016.
With your consent we will process your personal data for direct marketing and promotional activities through automated communication channels (e.g. SMS email, push notifications, app or other softwares) and/or traditional channels. The legal basis is Article 6, paragraph 1, letter a) of Regulation EU/679/2016. You can withdraw your consent at any time, by sending an email to the above-mentioned address. The withdrawal of consent may also regard only one of the
communication channels. Your refusal or withdrawal of consent shall in no way affect the possibility of making a request to CDLAN.

Communication
Data will be processed by specially authorised CDLAN’s employees.
Any third parties that will process your personal data on behalf of CDLAN will be appointed as Data Processors and will receive specific instructions.

Data retention
The data related to the request are retained for two years.
The data processed on the basis of your consent are retained for two years, without prejudice to the right to withdraw the consent.

Rights of the data subjects
The data subject has the right to ask the controller to have access to his/her personal data, the rectification or the erasure of the personal data and the restriction of processing.
In some cases, he/she also has the right to object to processing of his/her personal data and the right to data portability. The rights can be exercised by contacting the Data Protection Officer at the following address rpd@cdlan.it.
The data subject has the right to lodge a complaint to the Supervisory Authority. In Italy the Supervisory Authority is the “Garante per la protezione dei dati personali”.