Privacy Policy

Customers

Pursuant to Article 13 of Regulation (EU) 2016/679, the following information is provided to customers, natural persons, or customer representatives whose personal data is processed by CDLAN.

 

Data controller
The Data Controller is CDLAN S.p.A. – via Caldera 21, Milan
Contact details of the Data Protection Officer (DPO): rpd@cdlan.it 


Purpose and Legal Basis of Processing

  1. supply and provision of services, including support – processing is necessary for the performance of a contract to which the data subject is a party;
  2. recovery and assignment of the credit – processing is necessary for the legitimate interest of the Data Controller in protecting its credit;
  3. fraud prevention, including IT fraud – processing is necessary for the legitimate interest of the Data Controller in protecting the services provided from fraudulent activities, including those carried out by third parties;
  4. fulfillment of obligations to which the providers of communication services are subject – processing is necessary to fulfill a legal obligation;
  5. marketing email – advertising emails related to products and services similar to those already purchased are sent unless the data subject objects. 


Disclosure 

Data may be disclosed to:

  • public and private entities where required by law;
  • third parties to whom CDLAN may assign the credit;
  • third parties engaged by CDLAN to carry out specific tasks such as tax compliance, IT or business consulting, fraud prevention, and debt collection.

In these cases, the recipients of the data will be appointed as Data Processors.

Publication of data in telephone directories:
The data subject may request the publication of their personal data in telephone directories in accordance with applicable laws and regulations.

Data is not transferred outside the European Union.


Data Retention 

Data will be retained:

  • for the purposes outlined in points a), b), c), and d), for a period of ten years from the termination of the contract, in compliance with legal obligations;

  • for the purposes outlined in point e), for no more than 24 months following the termination of the contract. 



Data Subject Rights 

How to exercise rights of access, rectification, erasure, restriction, and objection:

To exercise these rights, the data subject may contact the Data Protection Officer at rpd@cdlan.it.

Right to withdraw consent:
Consent withdrawal or objection to receiving advertising communications may be exercised by contacting rpd@cdlan.it.

Right to lodge a complaint with the supervisory authority:
The data subject may lodge a complaint with the Data Protection Authority: www.garanteprivacy.it