Data Controller and Reference Legislation

Privacy Policy

The Data Controller is CMS Srl, located at Via Bizzozzero 93 – 20032 Cormano MI – Tax ID 13439340152 – Certified Email: coiver@gigapec.it, hereinafter referred to as “CMS” for short. CMS processes personal data in compliance with the European legislation on the Protection of Personal Data (hereinafter "GDPR" for short). In accordance with Articles 12, 13, and 14 of the GDPR, the Data Controller provides this information on the processing of personal data carried out by it.

Scope of Application

This policy applies to CMS and its website and the personal data relating to individuals. CMS cannot be and is not in any way responsible for the processing by independent third parties and for third-party websites that may be accessed through any links present on the CMS website.

Purposes of Processing Without Express Consent

All personal information that you provide without expressing explicit consent, whether via web, email, or other means, is optional and the result of your free choice. This information will be processed solely by CMS for the purposes of: (a) responding to and fulfilling your requests, (b) meeting any contractual obligations of mine, (c) pursuing legitimate interests of the Data Controller [example: legal defense], (d) complying with legal and fiscal obligations.

Purposes of Processing With Express Consent

Only upon explicit consent from the data subject, CMS will process the personal data of individuals for promotional and commercial purposes: for example, to inform you about new product or service offerings.

Data Retention Period

CMS will retain personal data for the period necessary and sufficient for the declared purposes or as provided by legal and fiscal regulations, or until the data subject requests their deletion (see also Data Subject Rights).

Data Subject Rights

The natural person to whom the data refers ("data subject") has the following rights:

  • To revoke consent from the Data Controller at any time*
  • To file a complaint with the Supervisory Authority (guarantor),
  • To request the Data Controller to access the data to verify its accuracy and, if necessary, request its correction,
  • To ask the Data Controller for the portability of their data in an intelligible format (.csv),
  • To request the Data Controller the deletion** of your personal data

* this does not affect the lawfulness of the processing before the withdrawal

** the request for deletion will be satisfied unless there are other legal grounds that require retaining the data: for example, data necessary for the fulfillment of our contractual or regulatory obligations.

Categories of Personal Data

Unless otherwise freely provided by the data subject, CMS processes only "ordinary" personal data. The systematic and continuous processing of "special categories" of data (i.e., sensitive, medical, judicial, etc.) is excluded.

Sources of Personal Data

CMS may receive your personal data directly from you by your free choice (via email, website, telephone, fax, etc.) or from public sources (public registers, social media, etc.). Regardless of the source, CMS will not process the personal data of individuals for promotional or commercial purposes without their explicit consent.

Contacts / Questions

Contact the Data Controller to exercise your rights or to request clarifications.

it_IT