CEZA srl has always committed itself to protect the personal data of its customers, ensuring
high security standards and the respect of the rights provided by the rules on the protection
of personal data.
The attention and professionalism with which we process your data, through our website,
consulting services, hardware / software supply and technical assistance, are illustrated with
complete transparency by the following information, in line with the new Regulation European
n. 679/2016 ("GDPR") on the protection of personal data.
Data Controller
CEZA srl - Registered office: Via Lisbona n ° 9, PONTASSIEVE (FI) ITALY
VAT number / tax code: 01944700481
Email address of the Owner: ceza@ceza.it
Types of Data collected
Personal Data is all information useful to identify a natural person. They can be freely
provided by the User or collected from external sources.
In particular, the data collected are all those required in the contracting phase and supplying
goods or providing our services, such as personal data, telephone, email, bank details,
geolocation information provided in the use of the App, navigation data, data of the devices
used for the use of our software and any other information necessary or provided voluntarily
to use the services requested.
Regarding the collection of technical, third-party or profiling cookies, you can consult the
cookie policy on our website.
Unless otherwise specified, all data required during the course of the business relationship
are mandatory; it follows that the failure to indicate these could prevent the correct execution
of contractual relationships. Where data is specified as optional, the user may also refrain
from providing it.
The User assumes responsibility for the sharing of Personal Data of third parties and
guarantees to have the right to share them, freeing the Owner from any responsibility
towards third parties.
External Links
Our website and our software products may contain links to external sites of third parties.
CEZA srl is not responsible in any way for the methods of collection and processing of data
and privacy policy adopted by the aforesaid subjects.
Purpose of the treatment
Personal data are collected only if necessary to perform the required services. In this case
the collection and treatment purposes can be:
• The stipulation of contracts, all pre-contractual activities, administrative and accounting activities;
• Sending notifications, payment notices, regulatory updates and all the necessary communications for
the management of the business relationship;
• Interaction with social networks and external platforms;
• The creation of statistics;
• Technical assistance, training, product configuration and consultancy;
• Custom software development and all test and demo activities;
• The fulfillment of legal obligations and compliance with current regulations, the protection of our
corporate assets and the defense of our rights;
• fulfillment of the request for contact, sending of newsletters and registration on the mailing list;
• Personnel selection and HR management;
• Communicate and / or transfer certain data to third-party companies supplying services, products and
technologies necessary for the realization and supply of our products / services. These subjects will be
responsible for the treatment as autonomous owners.
• Communicate and / or transfer certain data to third-party companies to which they are bound by
contractual obligations:
• Marketing activities for the continuous innovation of the technologies offered and the direct
promotion of our products / services. In this case, the specific consent to the aforementioned
processing will always be requested and it will always be possible to object to receiving such
communications by writing an email to ceza@ceza.it
In any case, we undertake to ensure that the collection and processing of data always
comply with the purposes described and that the personal sphere of the users involved is
never infringed in any way.
Method of treatment
The processing is carried out through IT, telematic and paper means, with methodologies
and strategies aimed solely at the purposes indicated above. The Data Controller, in order to
protect the confidentiality of data, has implemented security measures, adapted to the level
of risk, aimed at preventing unauthorized access, sharing, alteration or destruction.
In addition to the Data Controller, internal administrative, technical, commercial and legal
staff may also have access to the Data. They may also have access to data for third party
companies supplying services / products, appointed as Data Processors by the Data
Controller.
However, it is at any time possible to request the Owner to clarify the modalities and the legal
nature of each treatment.
Place of data processing
The server-farm of the Owner and the Server-farm of which the Data Controller relies on third
parties are all located in Italy or in countries belonging to the European Economic Area.
The Data are processed at the operational headquarters of the Data Controller, the User's
offices where the Data Controller performs consulting activities and in any other place where
the parties involved in the processing work.
Data are not transferred to subjects located outside the European Economic Area. Should
this need arise, we will take care to verify that the Data are protected by suitable security
measures.
Retention period
The Data are processed and stored for a different time depending on the purpose for which
they were collected:
• For purposes related to the execution of a contract will be retained until the execution of the
contract is completed. After the termination of the contract, we will retain the Data for 11
years, in order to comply with legal obligations and the possible defense of our rights;
• for purposes related to our legitimate interest and the fulfillment of legal obligations will be
retained until this interest is met. In this case the User can request in-depth information on
the legitimate interest exercised by the Owner
• for purposes granted by explicit consent of the User, the Data Controller may retain the
Personal Data until the consent is revoked.
At the end of the period provided for the specific case, the data will be deleted and the User's
right of access, cancellation, modification and portability will be lost.
Rights of the Subjects concerned
The User has the right to ask the Owner:
• Access to your data and confirmation of the existence of the same
• Information on how to process your data
• Data correction, if they are inaccurate
• The cancellation (so-called "right to be forgotten") of the data, provided they are not indispensable
for contractual or legal purposes
• Limitation of treatment, provided it is not indispensable for contractual or legal purposes
• The portability of data, ie the ability to receive your data in a structured format of common use in
order to transfer them to another owner
• Opposition to data processing
• Withdrawal of consent to treatment
The User also has the right to make a complaint to the competent Supervisory Authority, if he
considers that the processing of his data violates his dignity or his rights.
These rights may be exercised by sending an email to ceza@ceza.it
If the cancellation of your data is requested, the User's right of access, cancellation,
modification and portability will be less.
Changes to the privacy policy
CEZA srl, as Data Controller, reserves the right to make changes at any time to this privacy
policy.
In this case, the modification will be notified on its website www.ceza.it