INFORMATION ON THE PROCESSING OF PERSONAL DATA PURSUANT TO ART. 13 OF REGULATION (EU) 2016/679 RELATING TO THE WEBSITE WWW.CUBISRL.COM
With this information Cubi S.r.l. (VAT number: 01402610230), with registered office in Sommacampagna (37066 – VR), in Via dell’Artigianato n. 92, as Data Controller of personal data (hereinafter simply “Controller”) – wishes to inform you about the processing of personal data that you will provide by browsing this Website www.cubisrl.com, hereinafter simply “Website”.
For clarification, exercise of the rights listed in this information, please contact the Data Controller at the following addresses:
- e-mail: firstname.lastname@example.org
- postal address: CUBI SRL, via dell’Artigianato n. 92, Sommacampagna (37066 – VR)
EU Reg. 2016/679 and Legislative Decree 196/2003, as amended by Legislative Decree 101/2018, establish the rules to protect and safeguard the personal data of individuals.
This information is prepared in accordance with the new legislative decree. The information may undergo changes following the introduction of new rules or in the event of changes to the activities of the owner that could affect the processing of personal data. We therefore invite you to visit this section for updating.
If you are under the age of 16, your consent is consistent only if given or authorized by the person of parental responsibility in your comparisons with the provisions of art. 8 EU Reg. 2016/679. For interested parties who are on Italian territory, consent is reached, under the same conditions as above, also for the person who has reached the age of 14.
1. Data Controller The Data Controller is the natural or legal person, public authority, service or other body which, individually or together with others, determines the purposes and means of the processing of personal data and also deals with safety profiles.
With regard to this Website, the Data Controller is CUBI S.R.L., as specified above, and for any clarification or exercise of your rights, you can contact him at the following e-mail address: email@example.com
2. Types of personal data processed By “personal data” we mean all information that could directly or indirectly allow users to be identified. In particular:
a) Navigation data The computer systems and software procedures used to operate this Site acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols.
This category of data includes IP addresses or domain names of computers and terminals used by users, URI / URL (Uniform Resource Identifier / Locator) addresses of the requested resources, the time of the request, the method used in submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the operating system and the user’s IT environment.
These data, necessary for the use of web services, are also processed for the purpose of:
- obtain statistical information on the use of services (most visited pages, number of visitors by time or day, geographical areas of origin, etc.);
- check the correct functioning of the services offered.
b) Data communicated by the user The optional, explicit and voluntary sending of messages to the e-mail address of the Data Controller and the compilation and forwarding of the contact form on the Website, involves the acquisition of the sender’s contact data, necessary to respond, as well as all personal data included in communications.
Also filling out the registration form for the Newsletter service, with the user’s contact details, involves the acquisition of said data for sending information and commercial communications (newsletters)
The release of the requested data does not depend on a legal or contractual obligation. Their release is therefore optional, however the omission of the data to be entered in the mandatory fields does not allow the Owner to find the request sent.
The data retention period ends with the completion of the requested service, unless the stipulation of a contract derives from this. In this case, the data will be kept for ten years from the signing of the contract for judicial protection in the event of disputes arising from the contract itself.
3. Purpose of the processing Except as provided for the individual processing activities of personal data present within the Site, in general the purposes of the processing pursued are the following:
- respond to requests for information and, in general, contact the user;
- execute pre-contractual and contractual obligations with respect to established legal relationships, even at a distance;
- fulfill legal obligations;
- send information and commercial communications (newsletters)
- manage management, administrative, accounting and tax obligations;
- archiving, hosting and management of the back end infrastructure of the Site;
- interaction with social networks and external platforms;
- statistics and cookie management;
- prevention and detection of any abuse in the use of the Website, or any fraudulent activity and therefore allow the Owners to protect themselves in court.
4. Legal basis for data processing The legal basis for the processing of personal data provided by the user while browsing the Site are:
- the fulfillment of a legal obligation to which the Data Controller is subject pursuant to art. 6 co 1 lett. c) GDPR with regard to the fulfillment of obligations under the law, regulations, community legislation or an order of the Authority;
- the execution of a contract of which the interested party is a party or the execution of pre-contractual measures adopted at the request of the same, pursuant to art. 6 co 1 lett. b) GDPR as regards the data collected to respond to requests for information from users sent through the appropriate contact form;
the legitimate interest pursuant to art. 6 co 1 lett. f) GDPR for the management of the backend infrastructure of the Site, for the management of technical and analytical cookies on the Site and, more generally, for the exercise of their rights in the context of the information society
explicit consent, for sending information and commercial communications (newsletters).
5. Data retention period The data processed to fulfill legal obligations will be kept until they are fulfilled, and in any case for the period of time necessary to demonstrate compliance; the data processed to fulfill contractual or pre-contractual purposes up to the fulfillment of the same and, if a contract is concluded or there have been pre-contractual negotiations, for ten years from the signing of the same in order to allow any judicial or extrajudicial protection as well as the demonstration of the correct fulfillment of the contractual obligations assumed. When the processing of personal data is necessary for the pursuit of a legitimate interest of the Data Controller, the personal data will be kept until such interest is satisfied or until any opposition by the interested party, to be exercised in the manner indicated below. The data processed for the purposes of Abuse and Fraud Prevention will be kept for the time strictly necessary to allow the Data Controller to defend himself in court. Regarding the processing of data for sending information and commercial communications (Newsletter), the data will be processed for no more than 24 months from their collection.
6. Processing methods On this Website, the data is collected electronically and processed through operations carried out mainly with the aid of electronic tools, ensuring the use of suitable measures for the security of the data processed and guaranteeing its confidentiality. This Website does not provide for the existence of an automated decision-making process for commercial profiling purposes (targeted marketing technique which includes the set of activities for the collection and processing of user data in order to understand their choices and their behavior at purpose of dividing interests into “profiles”, or into homogeneous groups for increasingly specific behaviors or characteristics).
7. Recipients of personal data The categories of recipients who may become aware of your personal data during or after the execution of the contract are:
- the subjects who process the data in execution of specific legal obligations;
- external consultants who provide functional services for the purposes indicated above, identified in writing and to whom specific written instructions have been given with reference to the processing of personal data;
- subjects with whom it is necessary to interact to execute the requested services (eg hosting providers, credit institutions);
- subjects necessary for the provision of the services offered by the Site including, by way of example, the sending of e-mails and the analysis of the functioning of the Site who typically act as data processors on behalf of the Owner;
- persons authorized by the Data Controller to process personal data necessary to carry out activities strictly related to the provision of the Services, who are committed to confidentiality or have an adequate legal obligation of confidentiality (eg employees and collaborators of the Data Controller);
- subjects that offer services and / or make programs or web platforms available for the activity of sending information and commercial communications (newsletters);
- in general, to all those public and private subjects for which communication is necessary for the correct and complete fulfillment of the purposes indicated.
- Users’ personal data may be disclosed to Judicial Authorities and Police Forces only in cases where this is required by law and used by the Data Controller for the purposes of any defense of his rights in court, where strictly necessary.
8. Scope of data circulation The processing of personal data relating to the services of the Website takes place at the headquarters of the Data Controller and is only handled by authorized personnel. The collected data will not be disclosed. However, for the actual execution of the requested service, some data will be shared with external parties called to carry out specific tasks on behalf of the Data Controller (eg: hosting, housing, cloud providers, e-mail service providers for the publication needs of the Website and management of the e-mail / PEC service, web agency, etc.). To provide some services, personal data may be transferred to organizations or third countries, where the hosting servers or suppliers are located. In the event that this happens, the Data Controller ensures that the processing of your personal data by these recipients takes place in compliance with the applicable legislation. More information is available from the Data Controller by writing to the following address: firstname.lastname@example.org. The Data Controller undertakes to protect the security of personal data by adopting all the IT and physical measures necessary for the protection of the personal data provided. No security system guarantees this protection with absolute certainty; therefore, except in cases of liability for negligence, the Data Controller is not liable for the fait accompli by third parties who illegally access the systems without the necessary authorizations. For these reasons, users of the Site are advised to ensure that their computer is equipped with adequate software for the protection of data transmission over the network (for example, updated antivirus, firewall) and that their Internet provider has adopted suitable measures for security. of data transmission over the network.
9.Your rights under the REG. EU 2016/679 Art. 13 par. 2 and Articles 15 to 22 of EU Reg. 2016/679 (GDPR) list the user’s rights.
The Data Controller therefore intends to inform you about the existence:
- the right of the interested party to ask the Data Controller for access to personal data (Article 15 of the GDPR), the rectification (Article 16 of the GDPR) or the limitation of the processing that concerns them (Article 18 of the GDPR) or to oppose, for reasons legitimate, to their treatment (Article 21 GDPR), in addition to the right to data portability (Article 20 GDPR);
- the right to request cancellation (Article 17 of the GDPR), transformation into anonymous form or blocking of data processed in violation of the law, including those that do not need to be kept for the purposes for which the data were collected or subsequently treated.
Requests can be addressed to the Data Controller, without formalities or, alternatively, using the model provided by the Guarantor for the Protection of Personal Data available on the Website: http: //www.garanteprivacy.it/web/guest/home/docweb / – / docweb-display / docweb / 1089924, by sending an e-mail to the address: email@example.com.
If the processing is based on art. 6, paragraph 1, letter a) or on art. 9, paragraph 2 lett. a), the user has the right to withdraw consent at any time without prejudice to the lawfulness of the processing based on the consent given prior to the withdrawal.
Furthermore, in the event of a violation of the law, the user has the right to lodge a complaint with the Guarantor for the Protection of Personal Data, as the authority responsible for monitoring the processing in the Italian state. The form for submitting a complaint to the Privacy Guarantor can be found at:
For a more in-depth examination of the rights that compete with you, see articles 15 and ss. GDPR.
Last update: 21.10.2021
This information is provided pursuant to EU Regulation 2016/679.
1. What are Cookies and what are they for? Cookies are information made up of small strings of text (code) entered on your browser when a website is visited. They perform various and important functions within the network (execution of authentication, IT, session monitoring, storage of information on specific configurations regarding users who access the server, storage of preferences etc.). While browsing, the User may also receive cookies from different sites and / or platforms (so-called third-party cookies) on their device, set directly by the managers of these websites and used for the purposes and according to the methods defined by them. Some of the purposes for installing cookies may also require the consent of the user. When the installation of Cookies takes place on the basis of consent, this consent can be freely revoked at any time by following the instructions contained in this document. It is also specified that within this Site there are Cookies and other tracking systems operated by third parties, the installation of which cannot be technically controlled by the Owner.
2. Technical cookies
3. Third-party cookies Some third-party cookies are installed through this site. The individual third-party cookies are shown in detail, as well as the links through which the user can receive more information and request the deactivation of cookies. If among the tools indicated below there are services managed by third parties, these could – in addition to what is specified and also without the knowledge of the Owner – perform User tracking activities. For detailed information on this, it is advisable to consult the privacy policies of the services listed.
3.1 Advertising This type of service allows the User Data to be used for commercial communication purposes in various forms of advertising, such as banners, also in relation to the User’s interests. This does not mean that all Personal Data is used for this purpose. Data and conditions of use are indicated below.
3.2 Statistics These services allow the Data Controller to monitor and analyze traffic data and are used to keep track of User behavior.
Service: Google Analytics with anonymized IP (Google Inc.)
Service: Yandex Metrica
3.3 Service: Google Maps (Google Inc.) This site uses Google Maps, a service for the use of geographical maps of Google Inc
3.4. Social network This type of service allows interaction with social networks directly from the pages of this Site. The interactions and information acquired from this Site are in any case subject to the User’s privacy settings relating to each social network. In the event that an interaction service with social networks is installed, it is possible that, even if the Users do not use the service, it collects traffic data relating to the pages in which it is installed.
- Servizio: Widget sociali di Youtube (Google Inc.)
The pages of the Website also feature Social Network buttons and widgets to facilitate interaction with social platforms. In particular, on the pages of this Site there is a share button for:
The management of the information collected by third parties is governed by the relevant information to which reference must be made for any clarification. The Data Controller is not responsible for the operation of third-party Cookies / plugins on its Site. However, for convenience and transparency, the web addresses of the various information and methods for managing cookies / plugins are shown below. To this end, see the privacy and cookie information of the aforementioned social networks available at the following links:
4. Processing methods The Data Controller adopts appropriate security measures to prevent unauthorized access, disclosure, modification or destruction of Personal Data. The processing is carried out using IT and / or telematic tools, with organizational methods and with logic strictly related to the purposes indicated. In addition to the Data Controller, in some cases, other subjects involved in the organization of this Site (for example system administrators) or external subjects (such as third party technical service providers, hosting providers, professionals and / or IT companies, agencies) may have access to the Data. communication) also appointed, if necessary, as Data Processors by the Data Controller. The updated list of Managers can always be requested from the Data Controller at the addresses indicated in the Contact details section of this document.
5. Provision of data and consent Except for the technical cookies strictly necessary for normal navigation, the provision of data is left to the will of the interested party who decides to browse the Site, after having read the brief information contained in the appropriate banner and to use the services that involve the installation of cookies. The User can therefore avoid the installation of Cookies by keeping the banner (thus refraining from closing it by clicking on the ‘ok’ button), as well as through the special functions available on their browser.
7. Rights of the interested party At any time, the User can exercise their rights towards the Data Controller. In particular, the User has the right to:
- ask for confirmation of the existence or otherwise of their personal data
- obtain information about the purposes of the processing, the categories of personal data, the recipients or categories of recipients to whom the personal data have been or will be communicated and, when possible, the retention period
- obtain the correction and deletion of data
- obtain the limitation of the treatment
- obtain data portability, i.e. receive them from a data controller, in a structured format, commonly used and readable by an automatic device, and transmit them to another data controller without impediments
- oppose the processing at any time and also in the case of processing for direct marketing purposes
- oppose an automated decision-making process relating to natural persons, including profiling
- ask the Data Controller to access personal data and to correct or cancel them or limit their processing or to oppose their processing, in addition to the right to data portability
- withdraw the consent at any time without prejudice to the lawfulness of the processing based on the consent given before the revocation
- lodge a complaint with a supervisory authority.
8. Third party sites The third party sites that can be accessed through this Site are not covered by this information. The owner declines any responsibility regarding them. The categories of cookies used and the type of processing of personal data by these third parties are regulated in accordance with the information provided by them.
10. Data Controller Cubi S.r.l. (VAT number: 01402610230), with registered office in Sommacampagna (37066 – VR), in Via dell’Artigianato n. 92, in the person of the pro tempore legal representative (even only the “Owner”).
11. Contact details of the Data Controller You can exercise your rights, indicated in the previous section of this information, with a written request sent to CUBI S.R.L .:
postal address: CUBI SRL, via dell’Artigianato n. 92, Sommacampagna (37066 – VR)
Last modified: 21/10/2021