Back
Casatiflock
Italiano English

Privacy Policy

Information document pursuant to and for the purposes of Article 13 of Regulation (EU) 2016/679 (GDPR)

WHY THIS INFORMATION

Pursuant to Regulation (EU) 2016/679 (hereinafter "GDPR"), this page describes the methods of personal data processing. This is an information notice provided pursuant to Art. 13 GDPR. This information is not to be considered valid for other third-party websites, which may be consulted via links on this website, for which no responsibility is assumed.

Processable personal data

Personal data: any information relating to an identified or identifiable natural person («data subject»); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person (C26, C27, C30 GDPR).

Data of contractors/users.

Browsing data

The computer systems and software procedures used to operate this site acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols.

This category of data includes IP addresses or domain names of the computers and terminals used by users, the URI/URL (Uniform Resource Identifier/Locator) addresses of the requested resources, the time of the request, the method used in submitting the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the operating system and the user's computer environment.

Data communicated voluntarily

The optional, explicit and voluntary sending of messages to the contact addresses indicated on this site and/or the compilation of data collection forms entails the subsequent acquisition of the sender's address, necessary to respond to requests, as well as any other personal data entered.

Information on the processing of personal data carried out through Social Media platforms

Regarding the processing of personal data carried out by the managers of the Social Media platforms used by the Data Controller, please refer to the information provided by them through their respective privacy policies. The Data Controller processes the personal data provided by users through the pages of the dedicated Social Media platforms, to manage interactions with users (comments, public posts, etc.) and in compliance with current legislation.

Specific information notices

Specific information notices may be present on the Site pages in relation to particular services or data processing provided.

Cookies and other tracking systems. What are they? What are they for?

For Cookies and other tracking systems, please refer to the cookie policy in the footer of the site and at the following link.


1. WHO IS THE DATA CONTROLLER? HOW TO CONTACT THEM?

The Data Controller is CASATI FLOCK S.R.L., with registered office in via C. Battisti n. 8, 20838 Renate (MB), in the person of its pro-tempore Legal Representative, who can be contacted for any information via e-mail info@casatiflock.it


2. PURPOSE OF PROCESSING, LEGAL BASIS, DATA RETENTION PERIOD AND NATURE OF PROVISION

PURPOSE OF PROCESSING

LEGAL BASIS

RETENTION PERIOD

NATURE OF PROVISION

Browsing on this website. The data necessary for the use of web services are also processed for the purpose of: •obtaining statistical information on the use of services (most visited pages, number of visitors per hour or day, geographical areas of origin, etc.); •checking the correct functioning of the services offered.

Processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, taking into account the reasonable expectations of the data subject and the activities strictly necessary for the functioning of the site and browsing itself (Art. 6, par. 1 lett. f and C47 of the GDPR)

Browsing data will be retained for the duration of the browsing session.

The provision of data is necessary for browsing the website.

Use of cookies and similar technologies. See the cookie policy in the footer of the site

For non-technical cookies and similar technologies, processing is based on consent to the processing of personal data (Art. 6 par. 1 lett. a and C42, C43 of the GDPR). Consent is given through the banner and the cookie policy of the site

See the cookie policy in the footer of the site

See the cookie policy in the footer of the site

In addition to browsing, personal data will be processed for:

PURPOSE OF PROCESSING

LEGAL BASIS

RETENTION PERIOD

NATURE OF PROVISION

A) CONTACTS, sending contact requests, information

processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract; (C44) Art. 6 par. 1 lett. b) of the GDPR

Maximum 12 months

Provision is necessary. Failure to provide the necessary data will make it impossible to be contacted and receive information

B) MANAGEMENT OF YOUR REQUESTS and requests from other data subjects, pursuant to Art. 15 et seq. of the GDPR (data subject rights)

Processing is necessary for compliance with a legal obligation to which the controller is subject (C45) Art. 6 par. 1 lett. c) of the GDPR

5 years from the closure of the request, unless disputes

The provision of personal data is mandatory, as it is indispensable for being able to fulfill legal obligations.


3. TO WHOM WILL PERSONAL DATA BE COMMUNICATED? RECIPIENTS OF DATA

Personal data will be communicated, also based on the purposes provided in specific areas, to subjects who will process the data as autonomous Data Controllers, or Data Processors (Art. 28 GDPR) and processed by natural persons (Art. 29 GDPR) acting under the authority of the Data Controller and Data Processors on the basis of specific instructions provided regarding the purposes and methods of processing, for specific purposes based on the reference area. The data will be communicated to recipients belonging to the following categories:

  • Subjects who provide services for the website and communication networks, including e-mail, hosting and website management;

  • Competent authorities for fulfilling legal obligations and/or provisions of public bodies, upon request

The list of Data Processors is available by writing to info@casatiflock.it or to the other contacts indicated above.


4. WILL THE DATA BE TRANSFERRED TO NON-SEE COUNTRIES?

Personal data will not be transferred to Non-SEE Countries.


5. IS THERE AN AUTOMATED PROCESS?

Personal data will be subjected to traditional manual, electronic and automated processing. It is specified that fully automated decision-making processes are not carried out.


6. WHAT ARE YOUR RIGHTS? HOW CAN YOU EXERCISE THEM?

You may exercise the rights set forth in Articles 15 et seq. of the GDPR by contacting the Data Controller at info@casatiflock.it, or using the contact details above. You have the right, at any time, to request access to your personal data (Article 15), rectification (Article 16), erasure (Article 17), and restriction of processing (Article 18). The Data Controller shall communicate (Article 19) any rectification, erasure, or restriction of processing to each recipient to whom the personal data has been disclosed. The Data Controller shall inform the data subject of these recipients upon request. In the cases provided for, you have the right to data portability (Article 20), and in such cases, your data will be provided to you in a structured, commonly used, and machine-readable format. You have the right to object (Article 21) at any time to data processing based on legitimate interest. If you believe that the processing of your personal data by the Data Controller violates Regulation (EU) 2016/679, you have the right to lodge a complaint with the supervisory authority, in particular in the Member State in which you habitually reside or work, or in the place where the alleged violation of the regulation occurred (Italian Data Protection Authority https://www.garanteprivacy.it/), or to take appropriate legal action.


7. CHANGES TO THE POLICY
The Data Controller reserves the right to modify, update, add, or remove portions of this policy. To facilitate review and modification of the text, the policy will contain the date of update.


Update date: 29/07/2025