The Cembre Group (hereinafter “Cembre”) undertakes to protect the online privacy of its website's users. Without prejudice to any local laws and regulations that may be applicable to sites in foreign countries, this Privacy Policy has been drafted, in accordance with Articles 13 and 14 of Regulation (EU) 2016/679 (hereinafter “Regulation”), for the purpose of informing those that interact with Cembre websites (hereinafter “Site” or “Sites”), whether merely browsing or by using specific services made available on the Sites, with regard to the ways in which their personal data will be processed during the use of the same. The Privacy Policy and the Cookie Policy also provide the information necessary to allow users to give explicit and informed consent for the processing of their personal data, where applicable.
The processing of your data will be based on the principals of fairness, lawfulness, transparency, purpose limitation, data minimisation and accuracy, integrity and confidentiality, as well as the principal of accountability provided for by Article 5 of the Regulation. Your personal data will therefore be processed in accordance with the legislation of the Regulation and the duties of confidentiality provided therein.
Processing of personal data means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
Contents
1. DATA CONTROLLER
2. CATEGORIES AND TYPES OF PERSONAL DATA PROCESSED
a. browsing data.
b. data provided by the user voluntarily.
c. data processed on the basis of the services provided online.
d. data acquired from third parties
e. Cookies.
3. PURPOSES OF THE PROCESSING
4. LEGAL BASIS AND COMPULSORY OR OPTIONAL NATURE OF THE PROCESSING
5. RECIPIENTS OF PERSONAL DATA
6. TRANSFER OF PERSONAL DATA
7. RETENTION OF PERSONAL DATA
8. RIGHTS OF THE DATA SUBJECT
9. AMENDMENTS
10. CONTACT DETAILS
1. DATA CONTROLLER
The Data Controller is Cembre S.p.A., with registered office in Via Serenissima, 9, 25135 - Brescia (hereinafter “Data Controller” or “Cembre”), which can be contacted via the email address privacy@cembre.com.
2. CATEGORIES AND TYPES OF PERSONAL DATA PROCESSED
Please note that, by using the Site, Cembre may collect and process personal information and data concerning you, which may take the form of a name, an identification number, location data, an online identifier or one or more factors specific to your physical, physiological, genetic, mental, economic, cultural or social identity which may identify you or make you identifiable, depending on the type of services you require (hereinafter “Personal Data”).
The personal data processed by the Site are as follows:
a. Browsing data
The operation of the Site requires the use of computerised systems and software programmes that collect information concerning the Site’s users as part of their normal operation. Although Cembre does not collect such information for the purpose of association with specific users, it is nevertheless possible to identify such users directly by means of said information or by using other information collected - as such, this information is also deemed to be Personal Data.
This information includes various parameters relating to the user’s operating system and computer environment, such as the IP address, location (nation), computer domain names, URI (Uniform Resource Identifier) addresses of the resources requested on the Site, the time of the requests, the method used to send requests to the server, the size of the files obtained in response to a request, the numerical code indicating the status of the response given by the server (success, error, etc.) and so on.
This information is used for the sole purpose of obtaining anonymous statistical information regarding the use of the Site, in order to check it is operating correctly and to identify any malfunctions and/or abuse of the Site, in addition to identifying the perpetrators in the event of anl cybercrimes against the Site or third parties.
b. Data provided by the user voluntarily
Without prejudice to any reference to any specific policies contained in specific sections of the Site, this Privacy Policy is understood to refer to the processing of data that you provide voluntarily for the various forms that may be present on the site, such as:
- the information request for, for example in the “contact Cembre” section and the “reserved area”, for which you will be required to provide your name, surname, company position and your contact details - email address, telephone and fax number - in addition to including a specific request, which may contain further personal data. With regard to this specific request, we kindly ask that you do not include any information that could fall within the special categories of personal data pursuant to Article 9 of the Regulation (“...personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation”).
- the “work with us” form in the job opportunities section, for which you will be required to provide your name, surname, address and your contact details - email address, telephone and fax number - in addition to your CV and any other comments or notes which may contain further personal data. With regard to this specific request, we kindly ask that you do not include any information that could fall within the special categories of personal data pursuant to Article 9 of the Regulation (“...personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation”).
- the newsletter registration form for which you will be asked to provide your name, surname and contact details, including your email address and country of origin.
c. Data processed on the basis of the services provided online
Without prejudice to references to any specific policies contained in specific sections of the Site, this Privacy Policy is understood to refer to the processing of data that you provide voluntarily for the purposes of providing online services, with particular regard to the following services:
- registration and access to your personal area, for which your personal information and contact details will be processed in addition to information relating to your company such as VAT number, industry and company name.
d. Data acquired from third parties
In some cases, Cembre may also collect your data from third party sources, for example if you enter your personal information and contact details on social media forms such as LinkedIn. Even in such cases, the data you provide will be processed in accordance with this policy.
e. Cookies
The Cookie Policy is available on the website http://www.cembre.com in the “Legal / Privacy & cookie policy” area.
3. PURPOSES OF PROCESSING
Your personal data and the information you provide will be processed, with your consent where necessary, for the following purposes, where applicable:
- to enable browsing of the site and the provision of services made available by the Data Controller therein, including the management and security of the site, the contractual and administrative and accounting relationships, in addition to enabling access to and registration for a personal account on the Site, to verify the user’s identity and assist the user, in the event the user loses and/or forgets the login/password details for the personal account on the site, as well as performing any other services required and/or handling specific requests addressed to the Data Controller which are sent via the specific forms made available on the site (“Provision of Services”);
- to fulfil legal obligations that require Cembre to collect and/or carry out further processing on certain types of Personal Data (“Compliance”);
- to prevent or identify any abuse in the use of the site or any fraudulent activity and consequently to allow Cembre to protect itself in legal proceedings (“Abuse/Fraud”);
- to send marketing communications, promotions and advertising, market research and surveys by means of, including by not limited to, email, sms, mms, apps, bots, postal mail, telephone and/or through official Cembre Group accounts on social networking platforms (“Marketing”);
4. LEGAL BASIS AND COMPULSORY OR OPTIONAL NATURE OF THE PROCESSING
The legal bases used by Cembre to process your Data, in accordance with the purposes stated in Paragraph 2, are as follows:
a) Provision of Service: processing of personal data is required for these purposes in order to be able to provide the Services and, as such, to perform the contract stipulated with you. It is not mandatory to provide Cembre with your Personal Data for this purpose, however it will not be possible to provide any service if such Personal Data is not provided. In these cases, the legal basis will be Article 6, paragraph 1, point b) of Regulation (EU) 2016/679 (“GDPR”) (“...processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract”), since the processing is necessary to provide the services.
b) Compliance: the processing of personal data for these purposes is required by Cembre in order to fulfil any legal obligations. When you provide Cembre with Personal Data, these must be processed in accordance with the legislation in effect, which may result in their retention or transmission to Authorities for accounting and fiscal obligations or obligations of a different nature. In these cases, the legal basis will be Article 6, paragraph 1, point c) of the Regulation (“...processing is necessary for compliance with a legal obligation to which the controller is subject”).
c) Abuse/Fraud: the information collected for this purpose will be used solely to prevent or identify any fraudulent activity or abuse in the use of the site and consequently to allow Cembre to protect itself in the appropriate forums. In these cases, the legal basis is based on the Data Controller's legitimate interests pursuant to Article 6, paragraph 1, point f) of the Regulation.
d) Marketing: the processing of personal data for this purpose is based on consent. It is not mandatory to consent to processing for marketing purposes and you are free to withdraw your consent at any time by following the instructions given in Paragraph 8 of this Privacy Policy.
5. RECIPIENTS OF PERSONAL DATA
For the purposes indicated in Section 3 of this Policy, your Personal Data may be shared with:
- Any person acting as a Data Processor on behalf of Cembre pursuant to Article 28 of the Regulation, in particular:
- Any person engaged to provide Services (for example, hosting providers or email platform suppliers);
- Any person authorised to carry out technical maintenance (included the maintenance of network equipment and electronic communication networks).
- Any person authorised by the Data Controller, in accordance with Article 29 of the Regulation, to process the personal data necessary to carry out activities strictly associated with the provision of services, that have committed to confidentiality or have an adequate legal obligation to confidentiality (for example, members of the board of directors, board of statutory auditors, executive committees, Country managers, HSE managers, finance managers, manufacturing managers, IT managers, procurement managers, sales managers and sales agents, system administrators.
- Any person, body or authority to whom there is an obligation to transmit your personal data by virtue of legislation or by order of the authorities;
- Your personal data may be accessible to other Cembre Group companies for the same purposes outlined above and/or for administrative and accounting purposes pursuant to Article 6, paragraph 1, point f) and Recitals 47 and 48 of the Regulation.
These persons are hereafter referred to collectively as “Recipients”.
6. TRANSFER OF PERSONAL DATA
Certain Personal Data could be shared with recipients that may be outside of the European Economic Area (“EEA”). Cembre ensures that the processing of Personal Data by these recipients is carried out with due regard for the applicable legislation.
7. RETENTION OF PERSONAL DATA
The personal data processed for the purposes stated in Section 2, point a) will be retained for the time strictly necessary to achieve such purposes. In any case, since this processing is carried out for the provision of services, the Data Controller will retain the personal data for the period required and allowed by Italian legislation for protecting its interests (Article 2946 et seq of the Italian Civil Code).
For the purposes provided for in point b) and c), the data will be retained as long as required by the specific obligation or rule of law that applies.
For the purposes provided for in point d), your personal data will be processed until you withdraw consent for the processing.
In general, the Data Controller reserves the right in any case to retain your data for the time necessary to fulfil any legal obligation to which it is subjected or to satisfy any defence requirements. The Data Controller’s ability to retain your personal data for the period required and allowed by Italian law for protecting its interests (Article 2947 of the Italian Civil Code) shall remain unaffected.
Further information relating to the data retention period and the criteria used to determine such period may be requested by sending a written request to the Data Controller at the addresses indicated in the “Contact Details” section of this Privacy Policy.
8. RIGHTS OF THE DATA SUBJECT
You have the right to access the Personal Data concerning you at any time, pursuant to Articles 15-22 of the Regulation. In particular, you may request rectification, erasure, restriction of processing and data portability; you have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you (pursuant to Article 22), as well as to withdraw any consent that you may have given.
You also have the right to object at any time and without any justification to the transmission of direct marketing through automated means (for example sms, mms, email, push notifications, fax, automated telephone call systems without an operator) and non-automated means (paper mail, telephone calls with an operator). Furthermore, with regard to direct marketing, your ability to partially exercise this right shall remain unaffected; that is, for example, only objecting to the transmission of promotional communications sent by means of automated tools.
You may also present a request to object to the processing of your Personal Data pursuant to Article 21 of the Regulation by giving evidence of the reasons that justify the objection. The Data Controller reserves the right to evaluate your request, which will not be accepted if there are legitimate binding reasons for the processing that prevail over your interests, rights and freedom.
Requests must be made in writing to the Data Controller at the addresses indicated in the “Contact Details” section of this Privacy Policy.
In any case, you are always entitled to lodge a complaint with the supervisory authority (Italian Data Protection Authority), pursuant to Article 77 of the Regulation, if you consider that the processing of personal data relating to you infringes the current legislation or to seek judicial remedy pursuant to Article 79 of the Regulation.
9. AMENDMENTS
The Data Controller reserves the right to amend or update the content of this Privacy Policy, including as a result of changes to the applicable legislation. The Data Processor therefore kindly asks that you visit this section regularly to acquaint yourself with the most recent version of the Privacy Policy in order to stay informed of the data collected and how Cembre uses such data.
10. CONTACT DETAILS
To exercise the rights outlined above or for any other request, you can write to the Data Controller at the address Via Serenissima, 9, 25135 - Brescia or at the email address privacy@cembre.com.
Follow us
Thank you, your request has been send successfully
You'll be contact soon by our commercial staff