Privacy Policy

Foreword

Pursuant to and for the purposes of (EU) Regulation 2016/679 containing the “General Data Protection Regulation – GDPR” (“Regulation”), of Legislative Decree 196/2003 as amended by Legislative Decree 101/2018 (“Privacy Code”), as well as any other provision and/or legal regulation, national and/or EC, regarding the protection of personal data, the Cart-One S.r.l. company (“Cart-One” or “Company”) has drafted this Privacy Policy in order to allow all users of  the website https://www.cart-one.com/ (“Website”) to understand the purposes and the ways in which Cart-One, as data controller (“Controller”), collects and processes the personal data (“Data”) obtained while browsing the Website. 

This Privacy Policy is aimed to those who access the Website, as well as to those who communicate with Cart-One by sending emails to the addresses specified in the Website (“Users”). 

The Privacy Policy is relevant only to the Website https://www.cart-one.com/ and not for other websites that may be accessed by the User through connected links and which from time to time offer specific information prepared for the services requested. 

The use of the social media functions in this Website (LinkedIn plug-in) does not imply the automatic acquisition by the Company of the User’s personal data. However, if the User logs into his personal account when activating the social plug-in, the social network may associate the User’s access to our web pages with the user account. Data transmissions between the social network and the user’s system and interactions on the platform comply exclusively to the data protection regulations of the specific social network. Therefore, the User is invited to check the privacy policies of the social network before using the plug-in. The social plug-in remains active until the User disables it or deletes the related cookies. 

Data Controller and Processor 

The data controller is Cart-One, with headquarters in Via del Lavoro 2, Torrile, Parma, tel.: 0521.317011, fax 0521.317003, email address info@cart-one.com, PEC (Certified email) amministrazione@pec.cart-one.com. The management of the Website is carried out by the Sada Partecipazioni S.r.l. company, as data processor pursuant to art. 28 GDPR, with registered office in Via Pacinotti snc, 84098 Pontecagnano Faiano (SA), tel.: +39 089 38 666 11, fax: +39 089 38 666 74, email: gruppo.sada@sadaspa.it, PEC sada.partecipazioni@telecompost.it. Sada Partecipazioni can be contacted by phone and fax at +39 081.5747282, email: privacy.grupposada@sadaspa.it, PEC: privacy.grupposada@pec.it

Data spontaneously provided by the User and related purposes 

The optional, explicit and spontaneous sending of email messages to the email addresses on this Website entails the subsequent acquisition, by the Controller, of the sender’s address, necessary to reply to the User’s messages and requests, as well as any other personal data included in the message, pursuant to art. 6, par. 1, let. b), of the Regulation. These data are processed exclusively for the period necessary to respond to the aforementioned requests. 

Should Cart-One collect personal offline data (e.g. paper forms), Cart-One will provide contextual information on data processing pursuant to art. 13 of the Regulation and will obtain, if necessary, the consent of the party involved (this also applies if the data collection takes place through forms downloaded from the Website). 

Data communication methods and dissemination 

The management and storage of personal data connected with the use of this Website take place on the server of the third party company in charge of the hosting service, located within the European Union at Flamenetworks S.r.l. in San Giorgio a Cremano (NA) 80046. 

Data processing is handled by technical personnel duly appointed to carry out this tasks, constantly identified and/or authorized, suitably instructed and made aware of the compliance with the Regulation, the Privacy Code and with any other provision and/or regulation, European and/or national, regarding the protection of personal data, as well as through the use of adequate technical and organizational measures to guarantee data protection and to avoid the risks of loss or destruction, unauthorized access, processing unauthorized or noncompliant with the above purposes. Technical and organizational measures are constantly improved according to technological development. No Data deriving from the web service is disclosed by the Controller. Exceptions to this include the communication of Data to companies expressly appointed to carry out specific services in the context of the activity carried out by the Controller and/or, in general, in his favor, which will operate as independent data controllers, joint data controllers and/or co-controllers, including of communication and/or dissemination of the Data requested, in accordance with the law, police forces, legal authorities, information and security bodies or other public entities for purposes of defense or state security or prevention, detection or prosecution of crimes. 

Browsing data 

The computer systems and software procedures used to operate the Website acquire, during their ordinary operation, a few Data whose transmission is implicit when using Internet communication protocols. This is information that is not collected to be associated with identified interested parties (i.e. Users), but which by their very nature could, through processing and association with data held by third parties, allow Users to be identified. This category of data includes the IP addresses or domain names of the computers used by Users who connect to the Website, the addresses in URI (Uniform Resource Identifier) form of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the code number indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the operating system and the User’s IT environment. These data are used for the sole purpose of obtaining anonymous statistical information on the use of the Website and to check its correct functioning, and are deleted immediately after processing. The Data could be used to ascertain responsibility in the event of cybercrimes against the Website. Except for this case, the Data regarding web contacts does not currently persist for more than 7 days. 

Cookies 

For more information on cookies placed by the Website, please read the Cookie Policy

Duration of processing and withholding of personal data 

The User’s data will be processed by the Data Controller only for the period of time necessary to achieve the aforementioned purposes. At the end of this short period, those Data will be kept only in execution of the legal obligations in force on the matter, for administrative purposes and/or to assert or defend rights in the event of judicial disputes and pre-disputes. 

Browsing without registration 

Browsing on the Website is unrestricted, free and does not require User registration. Browsing is not monitored, either with reference to the websites of origin or with reference to the pages visited. 

Rights of parties involved (pursuant to articles 15 and following of the Regulation) 

The User, as a party involved, has the right to obtain: 

  • confirmation of the existence or not of personal data concerning him, even if not registered yet, and their communication in an intelligible form and/or access to them; 
  • a copy of his personal data; 
  • rectification/updating of any inaccurate personal data; 
  • the deletion of his personal data; 
  • limitation of the processing of his personal data; 
  • blocking of data processed in case of violation of the law 

Furthermore, the User has the right to object, in whole or in part for legitimate reasons, to the processing of data concerning him, even if they are pertinent to the purpose of collection. 

Finally, if the User has granted the processing of data concerning him for the purpose of being sent advertising material or for direct sales or being involved in market research or commercial communication, he has the right to revoke said consent at any moment. 

Requests should be addressed to the Data Processor at email address privacy.grupposada@sadaspa.it, PEC: privacy.grupposada@pec.it  

If the User believes that the processing of data carried out through the Website is in violation of the provisions of the Regulation, the User has the right to lodge a complaint with the Data Protection Authority, as provided for by art. 77 of the Regulation itself (link to the page of the Guarantor), or to take the appropriate legal action (art. 79 of the Regulation). 

Changes to this document 

Granted that Cart-One does not proceed with processing operations other than those expressly authorized and/or requested by each User, this Privacy Policy may be modified to comply with new legal provisions or with changes in Cart-One’s data processing policies. 

Each updated version of this Privacy Policy will be made available on the Website in the relevant section. 

Cart-One therefore invites all Users to regularly check the Website for updates. 

Latest update: 12/12/2022