Privacy Policy

Last updated: 03 november 2022

Who we are

Our website address is: cesura.it

This Privacy Notice explains in detail the types of personal data we may collect about you when you interact with us on cesura.it. 

Associazione Culturale Cesuralab, with registered offices in Via Del Campo Sportivo 6, 29010, Pianello Val Tidone, PC, Italy is the data controller of any personal data you provide to us, including in relation to this website. 

What personal data we collect and why we collect it

Comments

When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.

This Privacy Notice explains the following:

  • Information we may collect
  • How we use this information
  • How we store your personal data
  • How we secure your personal data
  • Information sharing and disclosure
  • International and group company transfers 
  • Your rights
  • Our responsibility for website links
  • Updates
  • How to contact us

In the Supplementary Information section of this Privacy Notice, we explain what is meant by “personal data” and other terms used in this notice. 

1. Information we may collect 

The type of information we collect will depend on the circumstances and the service you are using. Generally speaking, we will collect information relating to you and/or your use of our services in the following ways: 

  • Information relating to your use of the website

We collect information about how you use our website. This includes information relating to the pages you visit on our website, the services or information your search

for and the links and content you choose to access. We may also use the personal information you provide through your use of our website to provide you with relevant content and to inform our marketing strategy. This type of activity is known as “profiling” – using automated means to process your personal data to analyse or predict your personal preferences, interest or behaviours. You can object to profiling (see below).

  •  Technical data 

We collect information about the device(s) you use to access our site. This includes collecting unique mobile device ID or the internet protocol (IP) address online identifiers, which are numbers that can uniquely identify a specific computer or other network device on the internet. This information is linked to a cookie ID, which we receive and process. You may find more information on the cookies we use and the purposes for which we use them on our separate Cookie Notice (available here: https://cesura1.wpengine.com/terms-and-conditions/)

  • Contact data

We collect contact details when you sign-up to subscribe to our newsletters

The personal data we collect includes your name, email address and country. 

  • Marketing and communications data 

We collect information about your preferences in receiving marketing information from us and your communication preferences. 

Children

We do not actively seek to collect information about children aged 18 or under. If you have any concerns about your child’s privacy in relation to our services, or if you believe that your child may have entered personal data onto our website, please contact us at info@cesura.it. We will delete such information from our records within a reasonable time. 

2. How we use this information

Except where required by law, we use the personal data you provide for the following purposes: 

  • to deliver the specific information or services you have requested;
  • send you newsletters and information relating to our brands and services;
  • respond to your requests and feedback; and 
  • analyse and/or improve our services. 

Under data protection law we are required to advise you on the legal basis for processing your personal data. For the most part, the processing of your personal information is based either on a) our legitimate interests related to us providing you services you have requested or otherwise your customer relationship with us, or b) your consent, where requested. 

In the table below we set out further information about the purposes for which we use your personal data and the legal basis we rely on for its use. Note that we may process your personal data for more than one lawful basis depending on the specific purpose for which we are using your data.

Purpose/ActivityTypes of personal data that may be processedLawful basis for processing including basis of legitimate interest
To improve and develop our website:We conduct statistical analysis on your usage of the website e.g. to enable us to improve our website, offer new features and materialTechnical informationUsageNecessary for our legitimate interest (to define types of clients for our services, to keep our website updated and relevant, to develop our business and to inform our marketing strategy).
To respond to any enquiries or feedback that you send usTo update you with any changes to our terms and conditions/other policiesName; Email address; Telephone number; Country
Any other information you volunteer in your enquiry or feedback
It is in our legitimate interest to respond to communications that you send to us, inform you of relevant information in relation to the services that we provide and utilise your information to improve our business.In some cases, the processing is necessary for the performance of a contract to which you are a party or in order to take steps at your request prior to entering into a contract with us.
To share information with our service providers.NameEmail addressTelephone numberUsageMarketing and communicationsTechnical informationIt is our legitimate business interest to share your data with trusted third parties who provide us with services relevant to the provision of our website.
To share information with other third parties, such as regulator and law enforcement agenciesNameEmail addressTelephone numberJob title and roleCompanyCountryUsageTechnical informationWe share your data as necessary for compliance with any legal obligation to which we are subject or in order to satisfy our legitimate business interests.

3. How long we will keep your information 

We will keep your personal data for as long as is necessary for the relevant service, in accordance with our legal obligations. After this time, your personal data will either be securely deleted or anonymised so that it can be used for analytical purposes. You may request further information via the contact details given in this Privacy Notice.

4. How we secure your information 

We maintain appropriate organisational and technological safeguards to help protect against unauthorised use, access to or accidental loss, alteration or destruction of personal data. We also seek to ensure our service providers do the same. 

5. Information Sharing and Disclosure

Information shared with our third-party service providers

We use a number of third parties to perform business functions on our behalf, such as sending our newsletters and hosting our online services and customer relationship management. We will only disclose the information necessary to enable these third parties to perform their services. Our service providers are contracted to comply with

our instructions and we require that they do not use your personal data for their own business purpose. 

Information shared with other parties 

Where required or permitted by law, personal data may be provided to others, such as regulator and law enforcement agencies, for example in response to a court order or a subpoena, or in response to a law enforcement agency’s request, or where we believe it is necessary to investigate, prevent or take action regarding illegal activities, and as otherwise required by law. 

6. Your rights 

  • Object to our processing of your personal data where we are relying on legitimate interest (or those of a third-party), and you want to object to processing on this ground, as you feel it impacts on your fundamental rights and freedoms. You also have a right to object where we are processing your personal data for the purposes of direct marketing or profiling. You can object at any time and we shall stop processing the information you have objected to, unless we can show compelling legitimate grounds to continue that processing. 
  • Access your personal data. If you make this kind of request and we hold personal data about you. We are required to provide you with information on it, including a description and copy of the personal data and why we are processing it. We will require you to prove your identity before granting access to your personal data. We will process your request within the timeframe required under the relevant law. 
  • Request the transfer of your personal data. We will provide to you or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. Please note, this right applies to the personal data you have provided to us; and if we use your personal data on the basis of consent or where we used the information to perform a contract with you. 
  • Request erasure (deletion) of your personal data.  You have a right to ask us to delete or remove your data where you have successfully exercised your right to object (see above), or where we are required to erase your personal data to comply with local law. Please note, we may be required to retain certain information by law and/or for our own legitimate business purpose. But when we do so, we will inform you.
  • Request correction or updating of your personal data. This enables you to have any incomplete or inaccurate data we hold about you corrected. 
  • Request the restriction of our processing of your personal data in some situations. If you request this, we can continue to store your personal data but are restricted from processing it while the restriction is in place.
  • Withdraw your consent. Where you have provided your consent to our processing of your personal data you can withdraw your consent at any time. If you do withdraw consent, that will not affect the lawfulness of what we have done with your personal data before you withdrew consent.
  • Make a Complaint. We will do our best to resolve any complaint. However, if you feel we have not resolved your complaint, you have a right to make a complaint to your local data protection authority. For example, in Italy the Supervisory Authority is the Garante per la protezione dei dati personali, located in Piazza Venezia n. 11, 00187 – Rome (http://www.garanteprivacy.it/).

If you exercise the rights above and there is any question about who you are, we may require you to provide information from which we can satisfy ourselves as to your identity. 

7. Our responsibility for website links

This Privacy Notice is limited to the personal data collected by Associazione Culturale Cesuralab. We do provide links within this site to other websites, including social media sites such as Facebook, You Tube, Vimeo. If you follow these links, you should use these sites in conjunction with their applicable user and privacy notices as their data practices fall outside the scope of this Privacy Notice. Further, we can have no responsibility for or control over the information collected by any third-party website and we cannot be responsible for the protection and privacy of any information which you may provide on such websites.

8. Updates

This Privacy Notice may be updated from time to time to reflect changes in law, best practice or a change in our practices regarding the treatment of personal data.  The date of the most recent revision will appear at the top of this page. If you do not agree to the changes, please do not continue to use our services and please refrain from sharing your personal data with us. You should check this notice frequently for updates. 

9. Contact us

If you have any questions about this Privacy Notice, our approach to privacy or you would like to exercise any of the rights mentioned in this Privacy Notice you can contact our Data Protection Officer in any of the following ways:

Address: Associazione Culturale Cesuralab, Via Del Campo Sportivo 6, 29010 Pianello Val Tidone (PC), Italy.

Email: info@cesura.it

SUPPLEMENTARY INFORMATION

In this Supplementary Information section, we explain some of terminology used in this Privacy Notice. 

“data controller” – the person or company that controls the purposes and means of processing personal data. 

“personal data” – any information that relates to you (or from which you can be identified). 

“processing” – means doing anything with data. For example, it includes collecting it, holding it, disclosing it and deleting it. 

“profiling” – using automated means to process personal data in order to work out certain things about people, like analysing or predicting their performance at work, reliability, economic situation, personal preferences, interests, behaviour, location or movements.

“transfer” – sending personal information outside the European Economic Area (e.g. by storing it on equipment located outside the European Economic Area), or allowing someone from outside the European Economic Area to access the personal information.

Newsletter Section 

Associazione Culturale Cesuralab, “CESURA”, with  registered office in Via Del Campo Sportivo 6, Pianello Val Tidone (PC), Italy, P. IVA 01502750332, C.F. 01502750332 (hereinafter, “Owner”), owner of the website cesura.it (hereinafter, the “Site”), as owner of the processing of personal data of the users of the Site (hereinafter, the “Users”) provides below the privacy policy pursuant to art. 13 of Legislative Decree 196/2003, as amended by Legislative Decree 101/2018 (hereinafter, the “Privacy Code”) and pursuant to art. 13 of EU Regulation 2016/679 of April 27, 2016 (hereinafter, the “Regulation”, the Regulation and the Privacy Code are together referred to as the “Applicable Legislation”).

This Site and the services that may be offered through the Site are reserved for individuals who have reached the age of eighteen years. The Owner does not collect personal data relating to persons under the age of 18. At the request of users, the owner will promptly delete all personal data collected involuntarily relating to persons under 18.

The owner takes into the utmost consideration the right to privacy and protection of personal data of its users. For any information in relation to this privacy policy, Users may contact the Controller at any time, using the following methods:

  • by sending a registered letter with return receipt to the registered office of the owner (Via Del Campo Sportivo 6, Pianello Val Tidone, PC);
  • by sending an e-mail message to info@cesura.it.

1 Purposes of the treatment

Users’ personal data will be lawfully processed by the Data Controller pursuant to art. 6 of the Regulations for the following purposes

to process the user’s request: the personal data of the users are collected and processed by the owner for the sole purpose of processing the user’s request for the sending of the newsletter. therefore, the user will receive a periodic newsletter from the owner which will contain information, updates and news regarding the owner and the triboo group. the user’s data collected by the controller for this purpose includes: first name, last name and email address. no other processing will be carried out by the controller in relation to the user’s personal data. without prejudice to what is provided elsewhere in this privacy policy, in no case will the controller make the user’s personal data accessible to other users and/or third parties.

administrative-accounting purposes, or to carry out activities of an organizational, administrative, financial and accounting, such as internal organizational activities and activities functional to the fulfillment of contractual and pre-contractual obligations;

legal obligations, i.e. in order to fulfil the obligations provided for by law, by an authority, by a regulation or by the European legislation.

The provision of personal data for the purposes of treatment above is optional but necessary, since failure to provide the same will make it impossible for the User to receive the newsletter from the Owner. In case of consent, the User may at any time revoke the same, by making a request to the Owner in the manner indicated in paragraph 2 below.

The User can easily oppose further sending of newsletters also by clicking on the appropriate link for the revocation of consent, which is present in each email containing the newsletter. Once the revocation of consent has been made, the Owner will send the User an email to confirm the revocation of consent.

The personal data that are necessary for the pursuit of the processing purposes described in this paragraph are indicated with an asterisk in the request form.

2 Modalities of Treatment and Data Retention Times

The Data Controller will process the personal data of the Users by means of manual and computerized tools, with logic strictly related to the purposes and, in any case, in such a way as to ensure the security and confidentiality of the data.

The personal data of the Users of the Website will be kept for the time strictly necessary to carry out the primary purposes described in paragraph 1 above, or in any case according to what is necessary to protect the interests of both the Users and the Data Controller in civil law.

3 Scope of communication and dissemination of data

The personal data of the Users may come to the knowledge of the employees and/or collaborators of the Owner in charge of managing the Site and the requests of the Users. These subjects, who have been instructed to do so by the Owner pursuant to art. 29 of the Regulations, will process the User’s data exclusively for the purposes indicated in this statement and in accordance with the provisions of the Applicable Regulations.

Users’ personal data may also be disclosed to third parties who may process personal data on behalf of the Data Controller as “External Data Processors”, such as, for example, suppliers of IT and logistics services functional to the operation of the Site, suppliers of outsourcing or cloud computing services, professionals and consultants.

Users have the right to obtain a list of any data processors appointed by the Data Controller, by making a request to the Data Controller in the manner indicated in paragraph 4 below.

4 Rights of the interested parties

Users may exercise the rights guaranteed to them by the Applicable Regulations by contacting the Data Controller in the following ways:

by sending a registered letter with return receipt to the registered office of the Holder: CESURA, via Del Campo Sportivo 6, 29010 Pianello Val Tidone (PC) 

by sending an e-mail message to info@cesura.it.

Pursuant to the Applicable Regulations, the Data Controller informs that the Users have the right to obtain the indication (i) of the origin of the personal data; (ii) of the purposes and methods of the processing; (iii) of the logic applied in case of processing carried out with the aid of electronic instruments; (iv) of the identification details of the data controller and of the persons in charge; (v) of the subjects or categories of subjects to whom the personal data may be communicated or who may become aware of them in their capacity of persons in charge or delegated.

Moreover, Users have the right to obtain:

a) access, updating, rectification or, when they are interested, integration of the data;

b) the cancellation, transformation into anonymous form or blocking of data processed unlawfully, including data whose retention is unnecessary for the purposes for which the data were collected or subsequently processed;

c) certification to the effect that the operations as per letters a) and b) have been notified, as also related to their contents, to the entities to whom or which the data were communicated or disseminated, unless this requirement proves impossible or involves a manifestly disproportionate effort compared with the right that is to be protected.

Furthermore, Users have:

(a) the right to revoke their consent at any time, if the processing is based on their consent (including through the simplified methods referred to in paragraph 1);

b) the right to data portability (the right to receive all personal data concerning them in a structured, commonly used and machine-readable format), the right to restriction of the processing of personal data and the right to erasure (“right to be forgotten”);

(c) the right to object:

(i) in whole or in part, for legitimate reasons to the processing of personal data concerning them, even if pertinent to the purpose of collection.

d) if they consider that the processing of their data is in breach of the Regulation, the right to lodge a complaint with a supervisory authority (in the member state in which they have their habitual residence, in the member state in which they work or in the member state in which the alleged breach has occurred). The Italian supervisory authority is the Guarantor for the protection of personal data, based in Piazza di Monte Citorio n. 121, 00186 – Rome (http://www.garanteprivacy.it/).

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.