GENERAL DATA PROTECTION REGULATION APPLIED BY CORDON BLEU FLORENCE
This section illustrates how personal data is collected, processed and used by Mari and Blasi Snc.(GEN PTP). Personal data is what you provide when you purchase services and products from Mari and Blasi Snc.(GEN PTP), or when you visit Mari and Blasi websites ((www.cordonbleu-it.com and other company websites), complete a registration form or send e-mail messages.
Mari and Blasi Snc (GEN PTP) is committed to high standards of information security, privacy and transparency to comply with the requirements of the General Data Protection Regulation (EU) 2016/679.
2. Data Controller
Mari and Blasi Snc (GEN PTP) is the data Controller, in the person of its pro-tempore legal representative, located in Via Giusti, 7 – 50121 Firenze (FI). e-mail: email@example.com
3. Type of data Collected and use purposes
3.1 Data provided by user
Personal data such as first names, surnames, email addresses, phone numbers and information queries are required when filling and sending online forms to Mari and Blasi Snc (GEN PTP) websites in order to reply and meet users’ request by email or phone.
Sending emails to our website addresses implies the acquisition of the sender’s address, and other personal information included in the message or attachments (name, surname, company and job position, CV attached with collaboration proposals). Subscribing to service contracts implies the registration of all personal information needed to provide such services (name, surname, address, phone, email address, company and job position, regarding the contract holder as well as any other company contacts interested in service allocation and management.
All the above- mentioned personal data is used only to meet information queries, ensure supplies, and in the management and invoicing of contracted services. Personal data is also used to contact potential clients, and send newsletters.
All the above-mentioned personal data will not be disclosed or used by third parties.
3.2 Surfing data
The computer systems and software procedures used to operate the website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols.
This information is not collected to be associated with identified data subjects, but by their very nature could, through processing and association with data held by third parties, allow user identification. This category of data includes IP addresses or domain names of the devices used by users in order to connect to the website, the addresses in the Uniform Resource Identifier (URI) of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in reply, the numerical code reporting the status of the reply given by the server (success, error, etc.) and other parameters relating to the operating system and user device system. The data is used for the sole purpose of obtaining anonymous statistical information on the use of the website, and to check its correct functioning, and is deleted immediately after processing. The data could also be used, solely upon judicial authority request and in accordance with the law, to ascertain computer-related offences.
4. Place and personal data processing
All personal data acquired by using the website is processed and retained by the server or in eLogic data centres, which are located in Italy. The processing of personal data is under the responsibility of the company’s technical staff.
Personal data should not be transferred either to third parties or outside Italy.
Specific safety measures are taken to prevent the loss or breach of personal data, and information accessed by hackers.
5. Personal data storage period
All personal data provided by the web user are, in accordance with what stated in 3.1 above, stored, for service updating notifications or marketing news, until the user makes a request for data erasure
All data associated with clients are stored for a maximum period of 10 years after contract end. All web data collected are retained for six months, and are afterwards elaborated for statistical purposes in a way that the user can no longer be identified. Personal data storage may, by law, be kept for a longer period of time for security purposes and criminal verification.
Mari e Blasi Snc is not targeted to children under the age of 16, and does not store minor personal data. Should you feel that any personal data related to minors have been provided, contact us at the addresses below to exercise your right to erasure of the minor’s personal data. .
7. What are your rights and how they can be exercised
You may, at any time, request to verify, access, rectify, and object to the use of your data, as well as request the limitation of the use of your data. You may also request to have your data erased, provided they are not in use for an ongoing contract, or all or specific objectives (e.g. marketing) are suspended. To exercise your rights you can contact the data Controller by mail or e-mail at the address firstname.lastname@example.org, detailing your request, providing your e-mail address and phone number, and attaching an ID. You can use the same contacts for any complaints; our data protection officer will look into the matter and work with you towards a solution.