Request Support Partner

Privacy Policy

General part - information common to all processing of personal data

Premise

This information illustrates which "Personal Data of natural persons" (henceforth the latter also referred to as interested) are collected and which treatments are carried out concerning all the Services provided by CoreTech Srl, also through this websit www.coretech.it , in compliance with regulation (EU) 2016/679 and related legislation.

Owner Of the Treatment

Unless otherwise indicated, for all the Services indicated below, the owner of the processing of personal data, i.e. the one who decides the purposes and means of the processing of personal data, is the company:

CoreTech s.r.l., Tax Code and VAT number: 03815480961, based in Viale Ortles 13, 20139 Milan, Tel: +39 02 55 23 08 93, email privacy@coretech.it

It is possible to contact the data controller to receive all further clarifications on the policies adopted by our company regarding the protection of personal data.



DPO – Data Protection Officer

Coretech Srl has appointed the DPO - Data Protection Officer as Personal Data Protection Officer, who can be contacted at the following address: privacy@coretech.it



Limits of applicability of this information

Unless otherwise specified, this policy only concerns the processing of personal data of natural persons, and does not concern the processing of data relating to companies. However, in the latter case, this policy applies to the processing of personal data relating to individuals who are their collaborators and who must use the services provided by the data controller and always to the minimum necessary to allow their use. It is the specific responsibility of companies to communicate the personal data of their collaborators, giving the indications to be able to view this policy.



Principles applied to the processing of Personal Data

The data controller adopts personal data processing policies in compliance with regulation (EU) 2016/679 and related legislation, applying the principles established on the processing of personal data such as the principle of confidentiality, lawfulness, transparency, correctness, accuracy, integrity, relevance, to the minimum necessary and through adequate security measures, in order to guarantee the rights and freedoms of the data subjects.



Methods of processing Personal Data

The processing of personal data will take place either in paper form or with other analogical forms, or in whole or in part electronic, telematic or in any case automated, in compliance with the principles indicated above. The data will not be disclosed. Further details may be indicated, if necessary, concerning the single service provided by the data controller, as specified later in this information.



Recipients of Personal Data

The recipients of the personal data to which the data controller can transmit the personal data of the interested parties are identified below, concerning the treatments covered by this information, unless further specifications are made about the type of service provided.

The personal data of the interested party will be disclosed to authorized internal staff and other external parties, only if indispensable for the purposes being processed. In particular, the recipients will be included in these categories:

The names of the persons appointed as data processors will be available at the headquarters of the data controller.



Transfer of Personal Data abroad

Always in compliance with the privacy legislation, the data controller may transfer personal data, if technically possible through encryption systems according to internationally recognized technical standards, even outside the European Economic Area (EEA) or from a country that does not have a adequacy decision by the European Commission according to art. 45 of the GDPR, respecting one of the following conditions:



Exercise of rights by the interested party

Concerning their personal data, the interested party, according to articles 12 ff. Regulation (EU) GDPR, has the following rights, which it can exercise towards the data controller, in the way indicated below:

Rights of the interested party

The rights recognized to the data subject by the GDPR include those of:

Right to lodge a complaint

In the event of disputes, the interested party has the right to lodge a complaint with the supervisory authority and specifically with the Guarantor Authority for the protection of personal data - www.garanteprivacy.it.

Form for the exercise of rights

To exercise your rights, please fill out the form that can be downloaded at this link, and send it to CoreTech s.r.l. by: email to privacy@coretech.it or by post to Viale Ortles 13, 20139 Milan. For any further clarification, please contact Coretech S.r.l. at Tel number: +39 02 55 23 08 93 and ask to speak with the privacy contact.

More information

Further information on the rights of data subjects can be found on the website: www.garanteprivacy.it.



Changes and additions

The data controller will take care to update and integrate this information every time this becomes necessary and in any case in the event of regulatory and organizational changes that may affect the processing of personal data of the interested parties. Any changes will always be reported on this web page: www.coretech.it/privacy , which contains the most updated information. We therefore invite you to consult this page regularly.

Specific information to individual Services provided by the Data Controller

List of the types of Services performed and related information on treatments

List of the type of processing carried out as data controller concerning the services performed:



Specific policy relating to clients for Cloud services and other IT services

This section contains information on the processing of personal data carried out by the data controller, concerning the data of its customers as individuals and their collaborators, for the provision of cloud services and other IT services.

THE INFORMATION IS ALSO COMPOSED OF THE GENERAL SECTION, REPORTED ABOVE, CLICK HERE.

Service provided

Provision of cloud services and other IT services provided by the data controller, indicated on this website and related pre-contractual requests for information on the services themselves

Types of data processed

The types of data processed are:

Purpose of the processing

The personal data of the interested party will be used for:

Legal basis of the processing

The legal bases for the processing of personal data have a legal basis as they are necessary:

Retention period

The personal data of the interested party will be stored:

Consequences in case of failure to provide personal data

In case of failure to communicate personal data for the aforementioned purposes, it will be impossible to execute the contract for the supply of the requested services or to provide the information requested during the pre-contractual phase.



Specific information relating to suppliers

This section contains information on the processing of personal data carried out by the data controller, about the personal data of their suppliers, as natural persons or concerning their collaborators.

THE INFORMATION IS ALSO COMPOSED OF THE GENERAL SECTION, REPORTED ABOVE, CLICK HERE.

Personal supplier data

Personal data relating to suppliers and their collaborators in the context of supply relationships managed by the data controller

Types of data processed

The types of data processed are:

Purpose of the processing

The personal data of the interested party will be used for:

Legal basis of the processing

The legal bases for the processing of personal data have a legal basis as they are necessary:

Retention period

The personal data of the interested party will be stored:

Consequences in case of failure to provide personal data

In case of failure to communicate personal data for the aforementioned purposes, it will be impossible to execute the supply contract or in any case to follow up on the pre-contractual phase



Specific policy regarding webinars

This section contains information on the processing of personal data carried out by the data controller, in relation to personal data processed as part of participation in webinars managed by the data controller.

THE INFORMATION IS ALSO COMPOSED OF THE GENERAL SECTION, REPORTED ABOVE, CLICK HERE.

Service provided

Personal data processing of webinar participants managed by the data controller

Type of data processed:

Purpose of the processing

The personal data of the interested party will be used for:

Legal basis of the processing

The legal bases for the processing of personal data have a legal basis as they are necessary:

Retention period

The personal data of the interested party will be stored:

Recipients

In addition to what is indicated in the general section of this information relating to recipients, we inform you that personal data are also communicated to third-party IT platforms, data processors, which provide the IT tools necessary for the provision of the service indicated above and always in compliance with the privacy legislation to guarantee the rights and freedoms of the interested parties. The names of the persons appointed as data processors will be available at the headquarters of the data controller.

Consequences in case of failure to provide personal data

In case of failure to communicate personal data for the aforementioned purposes, it will be impossible to execute the service described above or in any case to follow up on the pre-contractual phase.


Specific information relating to online training courses

This section contains information on the processing of personal data carried out by the data controller, in relation to personal data processed in the context of participation in training courses offered by the data controller.

THE INFORMATION IS ALSO COMPOSED OF THE GENERAL SECTION, REPORTED ABOVE, CLICK HERE.

Service provided

Personal data processing of participants in training courses offered by the data controller

Type of data processed:

Purpose of the processing

The personal data of the interested party will be used for:

Legal basis of the processing

The legal bases for the processing of personal data have a legal basis as they are necessary:

Retention period

The personal data of the interested party will be stored:

Recipients

In addition to what is indicated in the general section of this information relating to recipients, we inform you that personal data are also communicated to third-party IT platforms, data processors, which provide the IT tools necessary for the provision of the service indicated above and always in compliance with the privacy legislation to guarantee the rights and freedoms of the interested parties. The names of the persons appointed as data processors will be available at the headquarters of the data controller.

Consequences in case of failure to provide personal data

In case of failure to communicate personal data for the aforementioned purposes, it will be impossible to execute the service described above or in any case to follow up on the pre-contractual phase


Specific policy relating to video surveillance at the CoreTech headquarters

This section contains information on the processing of personal data, acquired and processed through the video surveillance systems operating at the CoreTech headquarters, in compliance with the applicable legislation on the protection of personal data.
The video surveillance areas are marked with special signs, clearly visible in all environmental lighting conditions, where the aims pursued are also recalled. The information signs are before the range of the cameras.

Type of data processed:

The types of data processed are:

Purpose of the processing

The personal data of the interested party will be used for:

Legal basis of the processing

Retention period

The images of the interested party will be kept


Specific policy relating to the electronic signature of contracts

This section contains information on the processing of personal data carried out by the data controller, in relation to the electronic signature generated to sign contracts by its customers, suppliers and collaborators.
As part of the initiatives aimed at innovating and improving the efficiency of its processes, we have introduced a method of signing contracts based on a process that allows you to sign documents in electronic format through the Sigillo platform, with the aim of reducing and, where possible, eliminate the use of the card over time.
The contracts, once electronically signed, will be sealed by a qualified signature compliant with the European Regulation 910/2014 (eIDAS)

Service provided

Advanced electronic signature of documents and contracts for the provision of cloud services, distribution and other IT services.

Type of data processed:

The types of data processed are:

Purpose of the processing

The personal data of the interested party will be used for:

Legal basis of the processing

The legal bases for the processing of personal data have a legal basis as they are necessary:

Retention period

The images of the interested party will be kept

Consequences in case of failure to provide personal data

In case of failure to communicate personal data for the aforementioned purposes, it will be impossible to execute the contract for the supply of the requested services or to provide the information requested during the pre-contractual phase.

Exercise of rights by the interested parties

According to art. 13.2 of Regulation (EU) 2016/679, the interested party may at any time exercise the following rights: ask the data controller for access to Personal Data, rectification, cancellation, limitation, opposition to processing, portability of the same, as well as lodge a complaint with the supervisory authority. The request must be made by email to privacy@coretech.it attaching the document CoreTech interested rights module e Carta d'identità

Collection of evidence and assistance to the rights of interested parties

If the customer needs to collect evidence or request assistance, he can send the request to the email address supporto@coretech.it, in case the requested assistance is not within the competence of the support or for other reasons he can contact the Privacy contact at email privacy@coretech.it.

Breach of personal data

"CoreTech reports any incidents impacting personal information to the manager or owner via email provided as a Privacy email contact when activating the service. For more information, please visit the page https://www.coretech.it/en/service/chi_siamo/dpa.php

Interested Rights Form can be filled in

Document information

Document title: Privacy
Document version: V.2.2
Date of last adjustment: 25/05/2021
Ripe Ncc Member
vmware
CloudLinux
Plesk
HP
Microsoft