Privacy policy – European General Data Protection Regulation 679/2016

Data controller
Pursuant to the applicable Law and the European General Data Protection Regulation, the Data Controller is

Central Shipping Agency S.p.A. via Ludovico Breme, 25/27 – Milano -; phone number: +3902334111; VAT: 09982260151

acting through its pro tempore Legal Representative.

We inform you that the aforementioned Regulation provides for the protection of data subjects regarding the processing of personal data and that this processing activity will be based on principles of fairness, lawfulness, transparency and protection of your privacy and your rights in compliance with the provisions of Reg. 679/2016.

Purposes of processing
Your data will be processed for the following purposes related to legislative or contractual obligations, in particular:

  • purposes necessary to ascertain, exercise or defend a right in court or whenever the jurisdictional authorities exercise their duties;
  • advanced navigation purposes or personalized content management;
  • purposes related to the execution of a contract of which you are a part or to the execution of pre-contractual measures taken on your request (eg: contact request through contact form);
  • purposes of statistical research / analysis on aggregated or anonymous data, without the possibility of identifying the user, aimed at measuring the functioning of the Website, measuring traffic and evaluating usability and interest.

The processing of functional data for the fulfillment of these obligations is necessary for a proper management of the contractual relationship and their provision is mandatory to implement the abovementioned purposes. The Data Controller also states that any non-communication, or incorrect communication, of one of the mandatory information, may cause the Data Controller’s inability to guarantee the adequacy of the processing.

Methods of processing
Your personal data may be processed manually or with electronic means. Each processing activity takes place by adopting the appropriate security measures.

Disclosure of personal data:
Your personal data, given voluntarily in the services available on the present website, will be processed and managed for the purposes necessary for the correct management of the requested relationship, with guarantee of protection of the data subject’s rights. Your data will be processed only by personnel expressly authorized by the Data Controller.

In the event that personal data require the performance of a service that involves the sending of promotional notices, in accordance with the conditions and authorizations issued by the data subject, the company may use external services of third parties specialized in management of these services. In this case it will be the responsibility of the data controller to specify exactly the terms of the service and to request consent under the terms of this regulation.

Transmission of personal data:
Your personal data will not be disclosed in any way.

Storage period
Please note that, in compliance with the principles of lawfulness, purpose limitation and data minimization, pursuant to art. 5 of the GDPR, the storage period of your personal data is:

  • Established for a period of time not exceeding the completion of the services provided.
  • Compliant to the terms of the law provided for by the specific processing.

Cookie management:
For more details see the extensive information on cookie management in the footer on the homepage:

In the event that you have any doubts or concerns regarding the use of cookies, you can always choose to prevent them from being set and read, for example by changing the privacy settings in your browser in order to block them.

Data subject’s rights:
You have the right to obtain from the Data Controller the erasure (right to be forgotten), limitation, updating, correction, portability, object to the processing of personal data concerning you, as well as in general can exercise all the rights provided from the articles 15, 16, 17, 18, 19, 20, 21, 22 of the GDPR.

  1. The data subject has the right to obtain confirmation of the existence or not of personal data concerning him, even if not yet registered, and their communication in intelligible form.
  2. The data subject has the right to obtain information about:
    1. the origin of personal data;
    2. the purposes and methods of processing;
    3. the logic applied in case of processing activity carried out with the aid of electronic means;
    4. the contact details of the Data Controller, of the Data processor and of the designated representative according to article 5, paragraph 2;
    5. subjects or categories of subjects to whom the personal data may be communicated or who can learn about them as appointed representative in the territory of the State, processors or in charge of.
  3. The data subject has the right to obtain:
    1. the update, rectification or, when interested, to have incomplete personal data completed;
    2. the erasure, transformation into anonymous form or blocking of data processed unlawfully, including data whose retention is unnecessary for the purposes for which the data were collected or subsequently processed;
    3. the proof that the operations referred to in letters a) and b) have been brought to the attention, also with regard to their content, of those to whom the data have been communicated or disseminated, except in the case in which this fulfillment proves impossible or would involve a disproportionate effort;
    4. data portability.
  4. The data subject has the right to object, in whole or in part:
    1. for legitimate reasons, to the processing of personal data concerning him, even if pertinent to the purpose of the collection;
    2. to the processing of personal data concerning him for the purpose of sending advertising or direct sales or for carrying out market research or commercial communication

Right to lodge a complaint:
The data subject has the right to lodge a complaint with the competent supervisory authority and to appeal to the competent national courts of the Member States in accordance with Article 79 – Competent Authority www.garanteprivacy.it

Profiling
For the purposes and types of data collected from this website, the absence of an automated decision-making process, including the profiling referred to in Article 22, paragraphs 1 and 4, is confirmed.

Further information
For any further need, request for information or clarification, please contact our office at the telephone numbers and / or email listed below (area footer).
Tel +390233411468
Mail: privacy@csaspa.com