Chrysos S.p.A (hereinafter referred to as the “Controller“), a limited liability company established under the laws of Italy with headquarters at Via Albertoni 10, Romano d'Ezzelino (VI) 36060 – Italy -, Tax Code and VAT n. 01917760249 enrolled at the Business Registry of Vicenza with no. 193668 R.E.A., duly complies with the rights of all who use this website in terms of privacy. Chrysos S.p.A. strictly adheres to the European Union (EU) Regulation 2016/679 (hereinafter referred to as the “GDPR”). In this regard, this document details the ways in which the Controller processes personal data collected on this website.
Type of data collected
The following data may be collected in this website (only if the user, under no obligation to do so, provides it):
Personal data provided by filling out forms;
The collection of aforementioned data (hereinafter referred to as the “Data“) is essential in order to provide the appropriate sales service, after-sales assistance and any other services that the user could benefit from while browsing this website. Refusal or failure to provide Data, or any part thereof, may result in the Controller’s impossibility to provide the services promised in the website and therefore exonerates the Controller from any responsibility related to such services in this regard.
The Data occasionally requested on the website will be strictly limited to those Data which are deemed necessary for providing the relevant service provided that the website shall specifically indicate when the collection of a certain Data is indispensable for the performance of a certain service.
Any Data processing must be based on a "justification" (or “legal basis”). Data are utilized by the Controller in the following circumstances:
The Controller has the right to share Data with its affiliated companies, and those employees, consultants and collaborators who are specifically appointed to process Data and assigned to assist the Controller in carrying out the services offered by this website. Such persons are requested to adhere to the same legal requirements guaranteed by the Controller.
The collected Data will not be transferred to other countries.
The Controller will, however, have the right to respond to any request relating to Data when requested by the law, when such communication is deemed necessary for the protection of its rights, to comply with judicial proceedings, court orders, or requests coming from any governing body, and / or in relation to any other legal action which may occur.
The Controller has adopted, and will continue to adopt, any necessary safety measure for protecting the Data in order to deal with potential risks such as: accidental or unlawful destruction, accidental loss, alteration, transmission or unauthorized access of Data. To better protect Data, devices used by the user of this website need to be protected (with updated antivirus systems) and the user's internet service provider must take appropriate measures for a secure transmission (such as firewalls and spam filters).
Data shall be retained only for the period necessary to perform the services requested by the user of this website. It should be noted, however, that it is Controller’s practice to conserve Data for a period of five years from the termination of the last interaction with the user, unless the laws specify otherwise. It is understood that the portion of Data that must be kept to meet legal obligations, or to deal with the possibility of any complaint or request, will be kept for the relevant amount of time required.
Each user of this website who confers his/her Data may exercise the following rights at any time by contacting the Controller at the address indicated in the initial paragraph of this document.
Right of access. Each user of this website is entitled to:
a) Obtain confirmation from the Controller that data concerning him / her are being processed;
b) Be informed of the existence of adequate guarantees relating to the transfer of Data to a third country or to any international organization;
c) Obtain explicit information on Data processed pertaining to him/her self.
Right of rectification. Each user of this website can request the Controller to make adjustments to incorrect Data as well as, taking into consideration the processing purposes, to update any Data by providing any additional information in order to complete missing or inaccurate Data.
Right to erasure. Each user of this website has the right to request the Controller to erase any Data for any of those reasons provided for by the GDPR. For example, if the retention of any Data is no longer necessary with respect to the purpose for which they were collected or otherwise processed, or, if the consent on which the processing of any Data is based on has been revoked and no other legitimate reason for retaining such Data exists.
Right to restriction of processing of Data. Each user of this website has the right to limit the processing of Data if one of the conditions under art. 18 of the GDPR is fulfilled. For example, in the case of a dispute regarding the accuracy of the Data or of an opposition to its processing without prejudice to any appropriate verification by the Controller with regards to the prevalence of a legitimate reason to process such Data.
Right to Data portability. Each user of this website has the right to request obtaining his own personal Data to be supplied in a structured, user-friendly, format which could be readable by an automated device or transmitted by the Controller directly to another Each user will ensure to specify the necessary details for a proper identification of the relevant Data.
Right to object. Each user of this website, at any time, has the right to object the processing of his / her Data if the processing appears to occur in a manner contrary to the principles of law or to the GDPR’s rules.
Right to submit a complaint to the Guarantor for the protection of personal data. Each user of this website, at any time, has the right to lodge a complaint to the appropriate Authorities for the Protection of personal Data, in order to assert their rights in terms of privacy and protection of personal data.