This document describes the management methods of the website www.capfito.com (“Site”), with reference to the processing of personal data of users (“User(s)”) who visit it.
This notice is provided pursuant to Article 13 of Legislative Decree No. 196/2003 and Article 32 of the GDPR – General Data Protection Regulation (EU/2016/679), the so-called Personal Data Protection Code (“Privacy Code”), to all those who communicate with Capfito srl (“Company”) by completing the specific online form to request information regarding the Data Controller’s services, order management, and other information available in the “Contacts” section of the Site, or by sending emails to the email addresses listed on the Site.
This notice applies only to the Site and not to other websites that may be accessed by the user via links on the Site.
1. Data controller and processor
The data controller is Capfito srl, with registered office at Piazza Innocenzo Vigliardi Paravia 9/c
10144 Turin (the “Data Controller”).
The data processor is Capfito srl. For an updated list of data processors, please contact info@capfito.com.
2. Types of data processed and purposes of processing
2.1 Personal data
The personal data provided by the User is collected and used by the Data Controller for the following purposes:
a) allowing the User to request information from the Data Controller regarding the services promoted on the Site;
b) processing User requests and providing them with any requested quotes;
c) managing orders;
d) with the express consent of Users, sending promotional communications and/or informative newsletters regarding goods and/or services offered by Capfito srl via email.
2.2 Browsing data
The computer systems and software procedures used to operate the Site acquire, during their normal operation, some personal data whose transmission is implicit in the use of internet communication protocols.
This information is not collected to be associated with identified data subjects, but by its very nature, it could, through processing and association with data held by third parties, allow Users to be identified.
This category of data includes the IP addresses or domain names of the computers used by Users connecting to the Site, the URI (Uniform Resource Identifier) addresses of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response from the server (successful, error, etc.), and other parameters relating to the User’s operating system and IT environment.
This data is used solely to obtain anonymous statistical information on the use of the Site and to verify its proper functioning, and is deleted immediately after processing. The data may be used to ascertain liability in the event of hypothetical computer crimes against the Site. Except for this eventuality, web contact data is currently retained for no longer than seven days.
2.3 Cookie
For the processing of User data via cookies, please read the relevant policy, available at the following link: cookie policy.
2.4 Data provided voluntarily by the user
The optional, explicit, and voluntary sending of emails to the email addresses listed on the Site, or requests for information sent through the “Contacts” section of the Site, entail the subsequent acquisition of any other personal data of the Users included in such communications, which will be processed by the Data Controller in order to respond to them.
3. Methods of processing
Personal data is processed using manual, computerized, and automated systems for the time necessary to achieve the purposes for which it is collected.
The Data Controller adopts specific security measures to ensure data processing complies with the Privacy Code, with particular attention to preventing the loss of such data, illicit or incorrect use, or unauthorized access to databases.
4. Nature of the data and consequences of a possible refusal to respond
Data processing is necessary to forward information requests to the Data Controller, to allow the latter to process User requests, and to communicate any quotes requested for the use of Capfito srl’s services. Refusal to consent to such processing would therefore make it impossible for the User to communicate with the Data Controller and for the Data Controller to respond to User requests.
Data processing for the purpose of sending commercial communications and newsletters is optional. However, refusal to consent will prevent the User from receiving updates on Capfito srl’s news and/or promotions.
5. Rights of the interested party
The User has the right at any time to obtain confirmation as to whether or not personal data concerning him or her exists, even if not yet recorded, and to receive communication of such data in an intelligible form.
The User, in particular, has the right to obtain information on:
a) the source of the personal data;
b) the purposes and methods of the processing;
c) the logic applied in the event of processing carried out with the aid of electronic means;
d) the identification details of the data controllers and processors;
e) the persons or categories of persons to whom the personal data may be communicated, or who may become aware of it, in their capacity as designated representative in the territory of the State, data processors, or persons in charge of processing.
The User also has the right to obtain:
f) updating, rectification, or, where applicable, integration of the data;
g) deletion, anonymization, or blocking of data processed unlawfully, including data whose retention is unnecessary for the purposes for which it was collected or subsequently processed;
h) certification that the operations referred to in points a) and b) have been notified, including their content, to those to whom the data was communicated or disseminated, except where such compliance proves impossible or involves a manifestly disproportionate effort compared with the right being protected.
The User has the right to object, in whole or in part:
a) for legitimate reasons, to the processing of personal data concerning him or her, even if pertinent to the purpose of collection;
b) to the processing of personal data concerning him or her for the purpose of sending advertising materials or conducting market research or commercial communications.
To exercise the aforementioned rights, simply write to Capfito srl at the registered office indicated above or at info@capfito.com, indicating “Capfito – exercise of data subject rights” in the subject line.
6. Communication of data
The personal data collected on the Site will not be disclosed, sold, or transferred to third parties, except as required by law.
In any case, the Data may be disclosed to companies specifically appointed to perform specific services within the scope of the Data Controller’s activities and/or, more generally, on its behalf, who will act as independent data controllers and/or processors. This also applies to the disclosure and/or dissemination of data requested, in accordance with the law, by police forces, judicial authorities, intelligence and security agencies, or other public entities for the purposes of defense or state security or the prevention, detection, or suppression of crime.
7. Changes
This document constitutes the Site’s privacy policy, which may be subject to changes and/or updates over time.
8. Duration of treatment
The processing will last no longer than is necessary for the purpose for which the data was collected, in compliance with current civil, fiscal, and tax obligations.
*** *** ***
This privacy policy enters into force on February 6, 2023.