Privacy Policy
CERTIAUDITOR © by Certi W ® Privacy Policy
- GENERAL CONDITIONS
Use of the site
The site is “designed” exclusively to pursue the purpose of Certi W ® * (hereinafter also referred to as the “Controller”), or an Independent Body operating in the sector of certification (of management systems, products, processes and services), inspection and voluntary and regulatory training (standardization and qualification assessor / inspectors).
General rules
All contents (for example trademarks, icons, texts, software images) of this site are the property of the Controller or of connected subjects and are governed and protected by international and local copyright laws.
Copyright
No part of this site may be reproduced, transmitted or copied in any form without prior written authorization from the Controller. All rights reserved. Printing or copying of content for personal and non-commercial use is permitted. Quotations are also allowed for news, study, criticism or review, provided that they are accompanied by an indication of the source (www.certiw.com) and the author’s name if it is an article.
External links
The user of the site accepts the sites accessible from the www.certiw.com site through links, they can be third parties and independent from the Certi W ® site and therefore no guarantee or liability can be assumed regarding the existence or content of said linked sites.
Security of user data
Certi W ® protects the user’s privacy regarding the information communicated, for details we recommend consulting the specific Section below. Unauthorized activities or the use of this site for purposes other than those defined above is prohibited and legally punishable. If the control of the Controller should ascertain a possible violation of the law or criminal activity, immediate notification will be given to the competent bodies of the country where it took place.
Disclaimer of warranty and liability
Certi W ® is committed to ensuring that the materials and content published on this site are processed with the utmost care and promptly updated. However, any errors, inaccuracies, omissions or temporary malfunctions of some areas of the site are possible. We therefore decline any responsibility for errors, inaccuracies, omissions or malfunctions that may be present on the site. Certi W ® assumes no responsibility for the accuracy, completeness of any information or content.
Regulatory law and modification of the general conditions
The General Conditions are governed by the local law of each country where Certi W ® operates. Certi W ® reserves the right to modify the site and these General Conditions at any time.
- WEBSITE USERS INFORMATION
Premise
With this information we intend to inform users of this site about how it is managed with regard to the processing of their personal data, as required by articles 13 and 14 of EU Reg. 2016/679 (General Data Protection Regulation – GDPR).
We therefore inform you that by consulting this site, data relating to identified or identifiable persons may be processed. It is also specified that when necessary (for example for contact activities and filling in “forms”) the consent mechanisms will be evident and easily understandable.
Personal data will not be disclosed and the exercise of the rights referred to in articles 11 to 20 of the aforementioned Regulation is recognized simply by writing to the Data Controller Certi W ® at the email privacy@certiw.com.
The treatments connected to the web services of this site take place at the Certi W ® headquarters and at the headquarters of the site service providers and are only handled by the company staff, or by any appropriately appointed persons in charge.
All data acquired through Certi W ® online services can only be communicated to the supervisory bodies required by law, in no case will they be communicated or disclosed to other subjects except with the consent of the interested party. The personal data provided by users who request dispatch of informative material (for example requests for information) are used only to perform the service or provision requested and are communicated to third parties only if this is necessary for this purpose. In the event of specific requests, the data may be transferred outside the European Union, in compliance with the provisions of the law, to companies that are in any case connected to Certi W ®, exclusively to respond to the aforementioned requests.
Newsletter service
Certi W ® newsletters are tools of free professional information to interested parties, to inform them about news and changes, in particular regulatory and legislative issues related to Certi W ® activities.
The activity is carried out via e-mail and is carried out exclusively with professional tools that allow the personalization of information and their complete management also by the user. The recipient’s address was collected through all Certi W ® activities, such as: registration on websites, events or seminars, training courses, inspections, audits, certifications and attestations. This address is used exclusively for the aforementioned mailings and is not for any reason transferred to third parties and is treated exclusively with the IT media necessary for sending the newsletter itself in compliance with the Privacy Policy of Certi W ®, this service always provides the function “Unsubscribe” with registration of this event.
Types of data that can be acquired
Navigation data. During their normal operation, our IT systems and software procedures used to operate and manage this website acquire some personal data whose transmission is implicit in the use of Internet communication protocols. The above information is not collected specifically to be associated with specific users, but given their nature they could, through processing and association with data held by third parties, allow users to be identified. This category of data includes, for example, the IP addresses or domain names of the computers that connect to the site, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (for example, successful end or error) and other parameters relating to the operating system and the user’s IT environment. These data are used for the sole purpose of obtaining anonymous statistical information on the use of the site and to check its correct functioning. The data could be used to ascertain responsibility in the event of hypothetical computer crimes against the site and may be presented to the local judicial authority, if this explicitly requests it.
Data voluntarily provided by the user. The optional, explicit and voluntary sending of e-mails to the addresses indicated on this site entails the subsequent acquisition of the sender’s address, necessary to respond to requests, as well as any other personal data included in the communication, as well as for the data collected through the “forms”. Personal data are processed with automated tools for the time strictly necessary to achieve the purposes for which they were collected. Specific security measures are observed to prevent data loss, illicit or incorrect use and unauthorized access. However, they are kept for a maximum of 10 years.
- PRIVACY INFORMATION PURSUANT TO ART. 13 OF REG. EU 2016/679
Premise
In compliance with the General Data Protection Regulation we are to provide the necessary information regarding the processing of personal data provided for the provision of Certi W ® services in each country where it operates.
Data controller, responsible for data protection and contact data
The data Controller is the local Certi W ® company.
The Data Protection Officer can be contacted at the address: privacy@certiw.com.
Methods of data processing
In relation to the purposes described, the processing of personal data takes place through manual or electronic or automated processing, according to logic strictly related to the purposes themselves and in any case in order to guarantee the confidentiality and security of personal data (with particular regard to the case of use of remote communication techniques).
Nature of data provision and legal basis for processing
The provision of common personal identification and contact data is strictly necessary for the purposes of carrying out the purposes mentioned in this statement.
In such cases, the provision of data is mandatory. In their absence, the conclusion or execution of the contractually defined commitments cannot be guaranteed.
Communication and dissemination of data
All personal data provided to Certi W ® will not be disclosed or communicated to third parties, except in the cases provided for by law. Communication is required to the third party who has requested or must provide each Certi W ® service, which acts as an independent data controller.
The data are processed by the persons in charge, specifically appointed in writing, within the scope of their respective functions and in accordance with the instructions received, always and only for the achievement of those specific purposes indicated in this statement.
The data may also be processed, on behalf of Certi W ® by external subjects designated as managers, to whom adequate operating instructions are given. These subjects are essentially included in the following categories:
- companies offering software maintenance services for the processing of personal data;
- companies offering website maintenance services;
- other subjects to whom the right to access personal data is recognized by legal provisions or by secondary or community legislation (such as Public Authorities).
The subjects belonging to the aforementioned categories will use the data as “Controllers” pursuant to the law, and in full autonomy, being unrelated to the original treatment carried out by Certi W ®, or as Managers. The data will not be disclosed.
Certi W ® performs data transfers to third countries with respect to the country of data acquisition and to associated companies with which agreements have been established in compliance with the standard contractual clauses for the transfer of data defined by the European authorities.
Retention period
The data will be processed for the entire duration of the contractual relationship established and also subsequently for the fulfillment of all legal obligations (10 years). For all purposes other than the execution of the contract or the fulfillment of a legal obligation, the data will be processed for the duration necessary for the pursuit of the specific purposes and in any case until the interested party revokes consent to the processing of their given or subject to your opposition.
There are no automated decision-making processes.
Rights of the interested party
We inform you that the legislation on the protection of personal data gives the interested parties the opportunity to exercise specific rights. In particular, each interested party has:
- a) the right of access, expressly provided for by art. 15 of EU Reg. 2016/679, i.e. the possibility of accessing all personal information concerning him;
- b) the right of rectification, expressly provided for by art. 16 of EU Reg. 2016/679, i.e. the possibility of obtaining the update of inaccurate personal data concerning him without justified delay;
- c) the right to be forgotten, expressly provided for by art. 17 of EU Reg. 2016/679, consisting of the right to erase personal data concerning the person concerned;
- d) the right to limitation of treatment when one of the hypotheses provided for by art. 18 of EU Reg. 2016/679;
- e) the right to data portability, expressly provided for by art. 20 of EU Reg. 2016/679, i.e. the right to obtain their data in an interoperable format and / or the right to have their personal data transmitted to another data controller without impediments by Certi W ®;
- f) the right to withdraw consent at any time, expressly provided for in art. 7 of EU Reg. 2016/679;
- g) the right to lodge a complaint with the Guarantor in the event of a breach in the processing of data pursuant to art. 77 of EU Reg. 2016/679;
- h) the right to bring a judicial appeal in the event of unlawful processing of data, also against the acts taken by the local Guarantor of the country where such treatment deemed illegal would have occurred pursuant to art. 78 of EU Reg. 2016/679.
How to exercise your rights
The interested party may at any time exercise his rights by sending a written communication to be sent to Certi W ® to the email address privacy@certiw.com.
- PRIVACY NOTICE TO SUPPLIERS (INCLUDING CONTRACTORS) (PROTECTION AND TRANSFER OF PERSONAL DATA)
Pursuant to articles 13 and 14 of EU Reg. 2016/679, the Supplier has the right to be informed about the purposes and methods with which the data provided by them will be processed.
The personal and sensitive data provided directly or in any case acquired will be processed and stored in the Certi W ® paper and electronic archives, in compliance with the provisions of the law (in particular with EU Reg. 2016/679), in particular for the security measures adopted .
The processing of personal data will take place in respect of the rights, fundamental freedoms and dignity of people, according to the principles of loyalty, fairness, impartiality, lawfulness and transparency and will be aimed at the sole and exclusive fulfillment of administrative, social security and insurance obligations, tax and contract management, in particular also for the legal aspects relating to health and safety at work and relating to the presence of the supplier at Certi W ® offices.
It should be noted that the data processing may be carried out without consent, as well as in the judicial sphere, pursuant to article 6 paragraph 1 of the aforementioned EU Reg. 2016/679 in the following cases:
- a) processing is necessary for the execution of a contract of which the interested party is a part or for the execution of pre-contractual measures adopted at the request of the same;
- b) processing is necessary to fulfill a legal obligation to which the data controller is subject;
- c) the processing is necessary for the protection of the vital interests of the data subject or of another natural person;
- d) the processing is necessary for the execution of a task of public interest or connected to the exercise of public powers with which the data controller is invested;
- e) the processing is necessary for the pursuit of the legitimate interest of the data controller or of third parties, provided that the interests or fundamental rights and freedoms of the data subject that require the protection of personal data do not prevail, in particular if the data subject he is a minor.
We also inform you that Certi W ® will also be required to register and process “special data”, meaning that, according to the provisions of article 9 of the aforementioned EU Reg. 2016/679, the personal data suitable for disclosing racial and ethnic origin, religious, philosophical or other convictions, political opinions, membership of parties, unions, associations or organizations of a religious, philosophical, political or trade union nature, personal data suitable for disclosing the state health and sex life, genetic and biometric data. It should be noted that the aforementioned data may only be processed with written consent or for the above conditions.
The data controller (meaning the natural, legal person, or any other body or association to which decisions pertain to the purposes, methods of processing personal data and the tools used), pursuant to article 13 of the aforementioned EU Reg. 2016/679 is Certi W ® in the figure of its local legal representative. The data will be kept for 10 years from the termination of the contractual relationship, without prejudice to different legal obligations.
Pursuant to articles 15 to 22 of the aforementioned EU Reg. 2016/679, the following rights may be exercised:
– Right of access to data
– Right to rectification
– Right to cancellation
– Right of limitation
– Right to portability
– Right to object
– Right to be informed of treatments carried out through automated decision-making processes relating to natural persons, including profiling.
For any information you can contact the following address: privacy@certiw.com.
Note: Certi W ® refers to the local company Certi W ® of the single country where Certi W ® is present and provides its services.
Document Code: F28 Rev. 08.03.2020