WHO IS THE RESPONSIBLE FOR PROCESSING YOUR DATA?
In accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council, of 27 April 2016, General Data Protection (GDPR) and with the rest of the applicable legislation on the protection of personal data, we hereby inform you that the personal data provided within the scope of your relationship with Coges S.p.A. (IT 00527790240) by means of this website will be processed by the aforementioned company as the Data Controller.
FOR WHAT PURPOSE AND ON WHAT LEGITIMATE BASIS DO WE PROCESS YOUR DATA?
- Handling enquiries related to general corporate information and to our products and services. Legitimate basis: Consent of the interested party (Art. 6.1 a) GDPR).
- Management of CVs, including the possibility of checking the references included in them. Legitimate basis: Consent of the interested party (Art. 6.1 a) GDPR).
- Fulfilment of contractual obligations.
Legal basis for legitimacy: Execution of contract (Art. 6.1 b) GDPR).
- The fulfilment of legal obligations in tax, accounting and administrative matters arising from the contractual relationship established, where applicable.
Legal basis for legitimacy: Fulfilment of legal obligation (Art. 6.1 c) GDPR).
- Management of the complaints channel within the framework of applying the criminal compliance programme.
Legitimate basis: Legitimate interest (Art. 6.1 f) GDPR) in relation to Article 31 bis 1b) of the Penal Code.
- Sending of Azkoyen, SA marketing information to its own customers, by any means (including electronic communications) about products and/or services similar to those previously purchased. Legal basis: Legitimate interest (Art. 6.1.f) GDPR.
- In the event of consent, the sending of marketing information, by any means, including electronic, by other companies of the Azkoyen Group and, where applicable, by third parties who have signed a business partnership agreement with Coges S.p.A.
Legal basis for legitimacy: Consent of the interested party (Art. 6.1 a) GDPR).
- In the event of consent, interaction with social networks in which Coges S.p.A has a user profile (Linkedin, Facebook and Twitter).
Legal basis for legitimacy:
Consent of the data subject given through the use of the “social buttons or plugins” (Art. 6.1 a) GDPR).
TO WHOM WILL WE COMMUNICATE YOUR PERSONAL DATA?
Your personal data may be provided to external ancillary service providers contracted by Coges S.p.A such as technical maintenance companies, environmental management companies, IT service providers with access to personal data, consultancy firms, management companies, personnel selection companies, advertising and marketing companies and other similar companies that will act as data processors under the instructions of Coges S.p.A.
If you purchase our products and services, your personal data will be transferred to the official distributor closest to your home, as well as to the transport or courier companies hired to carry out the delivery.
If you give your consent, your data may be transferred for marketing purposes to the other companies of the Azkoyen Group and to organisations that have signed a marketing partnership agreement with Coges S.p.A.
When legally required, your data may also be transferred to public administration bodies and law enforcement agencies in the exercise of their duties.
HOW LONG WILL WE KEEP YOUR DATA?
Coges S.p.A will only keep your data for as long as is necessary to fulfil the purpose for which it was obtained. When your data is no longer needed for the purpose for which it was collected, it will be deleted whenever legally permitted; otherwise, it will be either blocked or made available to judges and courts, or to the competent public administrations, in particular the Spanish Data Protection Agency, to address possible liabilities arising from the processing of personal data.
- The personal data obtained through the contact form will be kept only for the time necessary to deal with the request for information.
- The personal data obtained through the registration form during personnel selection processes will be kept while these processes are open and for a maximum period of three years after the end of the process.
They will then be deleted, except in the case of candidates ultimately recruited, where their CVs will be included in the employment file.
- Personal data obtained through the complaints channel will be kept in the system of that channel for a maximum period of three months, after which the data will be deleted or made anonymous, without prejudice to the fact that in the event of an investigation the data may be processed in the information system of those assigned the functions of control and compliance.
- Personal data relating to business transactions with customers and suppliers operating as self-employed persons, as well as data relating to the legal and commercial representatives of customers and suppliers will in all cases be kept for the duration of the contractual relationship and for six years after its termination, and this period may be extended for as long as the limitation period for legal proceedings is applicable.
- Personal data of a professional nature that has been included in databases for business purposes will be kept for as long as we remain unaware of any opposition or when the data has become outdated.
WHAT SECURITY MEASURES WILL BE APPLIED TO YOUR PERSONAL DATA?
The processing of the personal data provided will be carried out applying the necessary physical, logical and organisational security measures to prevent the loss, improper use, alteration and unauthorised access to the data, taking into account the state of technology, the nature of the data and the risk analysis carried out.
HOW CAN YOU EXERCISE YOUR RIGHTS WITH REGARD TO YOUR PERSONAL DATA?
To revoke the consents granted, as well as to exercise the rights of access, rectification, suppression, opposition, limitation, portability and non-submission to automated decisions, you may address a written request to:
Via Luigi Dalla Via, 10 – 36015 SCHIO (VI) Italia
If the interested party considers that the above rights have not been respected in accordance with current legislation, he or she may submit the appropriate request for the protection of his or her rights to the Spanish Data Protection Agency.
HOW CAN YOU CONTACT OUR DATA PROTECTION OFFICER (DPO)?
You can contact our DPO via the following email address:
OBLIGATORY OR OPTIONAL NATURE OF THE DATA REQUESTED
The obligatory data in each form are identified as such by means of an asterisk (*).
The refusal to provide such information will prevent communication with the user and, if applicable, the impossibility to provide the requested information and/or service.