Data protection policy
Last modified : May 25, 2018
Collini Consulting Sas manufactures, sells, distributes and markets solutions and systems for the security, filtering and protection of IT networks.
Collini Consulting Sas, together with its subsidiaries, is sincerely committed to the protection of personal data that it collects from interested parties (hereinafter “User”) offline, through, for example, paper forms, contracts, declarations (hereafter “Forms”) or online, through the website www.flashstart.com, www.flashstart.it , www.flashstart.es (hereafter “Website”) and through, for example , but not limited to, Collini Consulting Sas (web) applications, software and digital tools (hereinafter “Applications”).
In accordance with the General European Data Protection Regulation (EU) 679/2016 (GDPR), for the purpose of:
• guarantee transparency in the nature of the Personal Data that Collini Consulting Sas collects offline through Forms or online through the Website and / or through the Applications;
• ensure transparency in the use of the personal data collected;
• facilitate the interested parties in the exercise of their rights;
Therefore, Collini Consulting Sas defines this Data Protection Policy.
The protection of your personal data is important for Collini Consulting Sas. The company aims to treat your personal data in a legitimate, appropriate and transparent way.
Read this Data Protection Policy and its main key terms, indicated below in capital letters.
In this regard, in case of questions or comments, contact Collini Consulting Sas directly.
1. DATA CONTROLLERS, DATA CONTROLLERS AND DATA PROCESSORS
Collini Consulting Sas and its subsidiaries, as established within the European Union, are subject to the General Data Protection Regulation (EU) 679/2016 (GDPR) and to any future legislation, in application of the aforementioned Regulation, which enter into in force in the member state in which they are established.
HOLDERS OF THE TREATMENT
The personal data sent by the user offline through the forms or online through the website and / or applications are used for the purposes described below by Collini Consulting Sas, with registered office in Italy, in Cesena in via Cervese 1424 (VAT number : IT03187460401), as Data Controller.
The subsidiaries of Collini Consulting Sas act as data controllers with reference to the processing of personal data collected offline through forms or online through the website and / or applications.
In the future it is possible that Collini Consulting Sas, together with its subsidiaries, jointly establish, on the basis of a written agreement, the purposes and means of the processing of personal data as data controllers (for example, but not limited to, in all cases in which the subsidiary is particularly involved in the processing of personal data at local level for the development of a project).
In the aforementioned cases, the interested parties whose personal data must be processed by the data controllers will be informed accordingly.
RESPONSIBLE FOR THE TREATMENT
Collini Consulting Sas can also act as Data Processor on behalf of its subsidiaries for any online or offline processing of Personal Data.
The subsidiaries of Collini Consulting Sas can act as Data Processors on behalf of and under the instructions of Collini Consulting Sas if agreements are in place for data processing.
2. PERSONAL DATA COLLECTED BY Collini Consulting Sas AND PURPOSE
Collini Consulting Sas, to the extent necessary, collects, processes, records, stores and transfers the personal data of the data subjects provided offline through forms or online via the website and/or applications, by way of example but not limited to, in the following cases: by visiting the Website, using Applications, filling in Registration forms offline or online; reporting cases of non-compliance; by contacting Collini Consulting Sas; presenting job applications; by clicking the social media buttons; providing feedback (e.g. on Forms, products, Applications, Website, customer support); responding to surveys and other activities.
Personal data are collected on an optional or mandatory basis. If it is mandatory to provide Personal Data, it will be marked accordingly. In the event that an interested party fails or refuses to provide the personal data that Collini Consulting Sas has marked as mandatory, the company will consequently not be able to carry out the process or activity requested by that interested party.
An example of personal data marked as mandatory is represented by the situation in which an interested party wishes to submit registration forms. In this case, Collini Consulting Sas needs some personal data in order to be able to process the related registration request. If the interested party wishes to register but does not provide the personal data marked as mandatory, Collini Consulting Sas will not be able to accept and process the registration request.
Collini Consulting Sas can collect Personal Data on the basis of the consent or without the consent of the interested party involved if:
1) it is necessary to fulfill a legal obligation;
2) a contract in which the interested party is one of the parties must be executed or executed;
3) there are legitimate interests, public interests or vital interests to be protected which will prevail over the rights of the interested party involved;
4) an authority has requested Collini Consulting Sas to process Personal Data.
Collini Consulting Sas can further process your personal data only:
• if the purpose of the further processing is compatible with the purposes of the initial collection of the user’s personal data;
• if the user gives his consent to the further processing of data for a purpose that is new and incompatible with the purposes of the initial collection of personal data.
In subparagraphs 2.1 and 2.2, the personal data collected by Collini Consulting Sas and the purposes of the collection are reported.
2.1. PERSONAL DATA THAT Collini Consulting Sas
COLLECTS BY THE USER OR BY THIRD PARTIES.
The user may be asked to provide Collini Consulting Sas, according to the purpose of each Treatment and to the extent necessary, different types of Personal Data including, by way of example but not limited to, name, surname, title, address, telephone, mobile phone , email address, language, country, nationality, personal social media URL, preferences, interests, feedback.
Collini Consulting Sas also uses the personal data provided by the user to third parties, for example to service providers, or personal data in the public domain such as commonly recognized personal data, personal data visible on its website or blog or posted on the profile of publicly accessible social media.
Collini Consulting Sas will also be able to receive Personal Data through third parties following mergers, acquisitions and any other transformation operation.
2.1.1 Purpose of the collection of Personal Data.
After being collected, the personal data mentioned above are used for a series of purposes, which are listed below:
Business administration and customer management.
Collini Consulting Sas must be able to execute contracts in a proper and correct manner, and carry out all the necessary accounting and legal processes. Consequently, Collini Consulting Sas will need some personal data provided by the interested parties offline through forms or online through the website and applications. In accordance with Regulation (EU) 679/2016, for the purpose of executing contracts, the consent of the interested party, which is or will be a part of a contract, is not required.
With reference to the management of customer relations and the provision of customer services, Collini Consulting Sas uses Personal Data (e.g. name, country, nationality, e-mail address, customer code) in order to:
• assess whether it was feasible to sell products or provide services to a customer before entering into a contract;
• to process written customer requests, customer orders for products and services and cashback requests;
• identify and contact customers for a discount;
• inform customers of their rights and additional services related to the product or service purchased;
• inform customers of Daikin’s events and promotional campaigns and send them invitations;
• manage access to the premises, to the Website and to the Applications of Collini Consulting Sas;
• organize and carry out assistance for customers and installers;
• inform customers of an impending maintenance deadline
• inform customers and contacts in general of important information for the IT security of networks.
Distribution of products.
Collini Consulting Sas uses Personal Data for the distribution of products and in particular for:
• Facilitate its European Subsidiaries in the distribution of products and in the provision of services through authorized agencies, commercial Partners, the Website and / or through the Applications;
• Facilitate distributors in the delivery of products, spare parts and services (for example, Personal Data are included in the delivery notes that accompany the transport of a purchased product);
• Optimize sales and services by developing offers for customers;
• Improve and accelerate the distribution of Collini Consulting Sas products and services;
• Examine the technical data of the installations and the status of contracts and projects;
• Organize and provide training to customers, installers, employees and subcontractors.
Management of suppliers.
Collini Consulting Sas uses Personal Data to keep records relating to suppliers and service providers, to register and manage purchase orders, business expenses and invoices provided by suppliers and service providers.
As a leading manufacturer and supplier of network security solutions, Collini Consulting Sas is able to provide information tailored to the user and his needs (for example, using transaction data, Collini Consulting Sas is able to inform the user about the services, offers and suggestions related to the purchase. This is called “direct marketing”).
Collini Consulting Sas uses the collected Personal Data, the Personal Data that is publicly available (e.g. information available on the Internet, through search results, social media results) or Personal Data received from third parties (e.g. Suppliers of Internet services) for direct marketing purposes and to attract new customers.
Collini Consulting Sas also carries out direct marketing with the aim of organizing internal events, trips, presentations, meetings for employees, customers and commercial partners.
Collini Consulting Sas carries out direct marketing through a variety of media including, but not limited to, text messaging on mobile phones, surveys, e-mails, the Website, online advertising, database marketing, Applications and events.
Collini Consulting Sas carries out direct marketing on the basis of its legitimate interest in pursuing commercial objectives.
Collini Consulting Sas can carry out direct marketing. If the user does not wish to receive a highly personalized offer, he can at any time refuse his consent to receive direct marketing when asked.
Collini Consulting Sas is committed to ensuring that direct marketing information is provided in a clear and adequate way and this using the channel designated by the recipient in order to minimize the inconvenience of being disturbed.
Improvement of the quality of products and services.
Collini Consulting Sas uses Personal Data collected through Forms, job applications, surveys, surveys, comments, feedback sent to Collini Consulting Sas to improve its products and services, carry out further surveys, develop analytical, risk, marketing and other models and to produce statistics. Collini Consulting Sas also uses user transaction data to develop global models and perform analyzes.
Example: Collini Consulting Sas may need to process the number of people who have purchased a specific product or who have requested a specific service.
For this purpose, Collini Consulting Sas undertakes as much as possible to aggregate Personal Data anonymously or Pseudo anonymously, in order to ensure that these Personal Data are not easily identifiable or no longer identifiable as User Data.
The practice of processing personal data for statistical purposes is particularly justified by the desire of Collini Consulting Sas to implement strategic choices to have better performance on the market and to provide the user with better products and services.
Personal data may also be used to evaluate, simplify and improve the processes of Collini Consulting Sas, for example to optimize campaigns, procedures and sales, both offline and online, through the website and / or applications.
Example: if the user has not completed a procedure or the sales process, Collini Consulting Sas will be able to contact him to find out what the problem was and if it is possible to provide help to the user. In this case, Collini Consulting Sas limits its contact to provide technical and administrative support for that specific procedure or specific process.
Recruitment and selection.
In order to hire “talents”, Collini Consulting Sas collects Personal Data such as, for example, name, e-mail, telephone number, information on the curriculum, URL to the social media profile from open candidates and targeted candidates who present application, for example, for job vacancies, international traineeships, internships for students.
The personal data provided by the candidates (by filling in forms or registering and creating a personal account on the website or when accessing the applications) will be used to process applications, to contact candidates for management-related activities human resources, manage hiring processes (e.g. by inviting candidates to interviews and to carry out written tests) and draw up employment contracts.
Collini Consulting Sas undertakes to delete from its archives the Personal Data belonging to the candidates who have not been hired at the end of the selection process, when there is no legitimate reason to keep them.
Personnel management and salary benefits.
Collini Consulting Sas uses Personal Data for the purpose of managing personnel and, in particular, for:
• Manage and keep track of employment contracts and pay slips;
• Pay wages;
• Keep track of employee attendance, travel and training activities;
• Communicate with health insurance companies;
• Provide employees with insurance, company assets and performance-related pay benefits.
Record keeping and accounting.
Collini Consulting Sas uses Personal Data for record keeping and accounting purposes and for the purpose of:
• Keep track of transactions
• Issue invoices related to the sales and services provided;
• Fill out tax returns and related forms to fulfill tax obligations;
• To elaborate statistics on the basis of transaction data (for example regarding the number of transactions carried out and in which area);
• Comply with current legislation and regulatory requirements both at national and European and international level.
Legal complaints and disputes.
Collini Consulting Sas can use Personal Data as evidence and to ascertain, exercise and safeguard their rights or the rights of those whom the company represents (e.g. in disputes) before any jurisdiction of any country (for example, among others, the right of Collini Consulting Sas to defend itself against acts of unfair competition or the right of Collini Consulting Sas to solicit the fulfillment of an unpaid invoice).
Fraud and crime prevention.
Collini Consulting Sas can also use personal data to prevent, detect and investigate crimes and IT risks for legitimate interest or when a public authority requires it.
Company activity and office management.
Collini Consulting Sas jointly transmits and / or uses the Personal Data collected with its Subsidiaries and / or its Commercial Partners only when necessary and with a view to drawing up periodic reports on results and aspects related to the activity, business plan and corporate strategies .
Collini Consulting Sas provides for the processing of personal data of European citizens who have been legally collected, unless there is a legal impediment (e.g. a confidentiality obligation or a provision in data protection laws).
Collini Consulting Sas undertakes to implement all appropriate measures for the protection of personal data with reference to intra-group communications in line with Regulation (EU) 679/2016.
2.2. PERSONAL DATA OBTAINED FROM THE USE OF THE WEBSITE AND / OR APPLICATIONS.
2.2.1 Purpose of the collection of Personal Data.
When the user visits the Website and / or the Applications, Collini Consulting Sas collects some of his Personal Data for the following purposes:
Facilitation of the use of the Website and / or Applications.
By collecting some Personal Data (e.g. IP address, login data), Collini Consulting Sas is able to better adapt the Website and / or Applications according to the needs of the user.
Example: in order to support and simplify the user identification process, Collini Consulting Sas stores a username and password through a Cookie; in this way it is not necessary for the user to enter identification credentials or other personal data at each visit.
Monitoring of the interests and preferences of the interested parties.
Collini Consulting Sas, on its website and / or applications, on the basis of consent or legitimate interest, can systematically monitor and regulate personal data through automated decision-making technologies and cookies. This is done for the purpose of evaluating some personal aspects relating to a natural person, in particular to analyze and predict aspects concerning the person’s performance on the job, his economic situation, personal preferences, interests, reliability, behavior , position or displacements (geo-location).
3. Will the PERSONAL DATA COLLECTED be disclosed to third parties?
For the aforementioned purposes, Collini Consulting Sas may need services, advice and / or assistance from third parties, including but not limited to, for the maintenance of the Applications and the bug fixing, the purchase of Applications, the data hosting , advice on compliance with laws and regulations, Application development, human resources services, provisioning services, Internet provider services, production of statistics and more.
In this regard, to the extent necessary, Collini Consulting Sas can transmit or disclose the Personal Data collected to any natural person or legal person, to subcontractors and commercial Partners who are third parties with respect to Collini Consulting Sas Collini Consulting Sas does not sell or acquire your personal data from third parties for your personal use.
Whenever Collini Consulting Sas must transmit or disclose some Personal Data collected to third parties, except in the case of legitimate interest of the third party, Collini Consulting Sas will ensure that it has an agreement for the processing of data with that third party by virtue of the provisions of Regulation (EU) 679/2016, asking the third party to comply with the principles and provisions of the same Regulation and to align with the appropriate safety standards.
4. Transfer of PERSONAL data to third countries (NON EU)
For the purposes described above, Collini Consulting Sas jointly transmits and uses the personal data collected, belonging to the interested parties present in the European Union, with DIL and / or other companies of the Daikin Group and / or commercial partners based in any country not EU.
Collini Consulting Sas has established adequate standard contractual clauses and appropriate guarantees regarding any transfer of Personal Data between the Subsidiaries. In any case of transfer of personal data to a non-EU country, Collini Consulting Sas undertakes to:
• ensure an adequate level of protection by setting appropriate guarantees and respecting the provisions of Regulation (EU) 679/2016;
• manage the transfer of Personal Data on the basis of:
a) adequacy decisions of the European Union; or
b) standard contractual clauses / binding company rules; or
c) code of conduct approved by the relevant control authority / official safety certifications.
• manage the transfer of personal data on the basis of the consent of the interested party whose personal data must be transferred, or on the basis of the derogations pursuant to article 49 of Regulation (EU) 679/2016 if the transfer cannot be performed on the basis of cases a), b), c).
5. Data retention and related criteria
Collini Consulting Sas does not keep your personal data forever. Collini Consulting Sas uses personal data to the extent necessary and only for the purpose of pursuing the purposes described above. After the purpose has been achieved, Collini Consulting Sas undertakes to delete Personal Data, unless their storage is required by law, at national, European or international level.
The starting point for storing Personal Data is the legal retention period (which is often ten years and lasts until the expiry of a contract or the end of the commercial relationship). The period may be longer where necessary for the exercise of the rights of Collini Consulting Sas.
If no retention period is established by law, the retention period may be shorter, in accordance with, by way of example but not limited to, one of the following criteria: contract duration and legal obligations; commercial and organizational needs; long-term business relationship; pursuit of direct marketing, statistics.
Some ideas become clearer only when they are considered over a longer period of time. For this reason, for some types of Personal Data, a longer time horizon may be necessary (e.g. for those necessary to design risk and marketing models).
As has been stated, Collini Consulting Sas undertakes as much as possible to work with aggregated, anonymized or anonymised Pseudo Personal Data and in all cases it will cease connections with individuals as quickly as possible.
6. RIGHTS OF THE INTERESTED PARTY AND RELATED OPERATING METHODS.
If you have any questions regarding the protection of your Personal Data or the exercise of your rights, the user can contact Collini Consulting Sas at any time by writing to Collini Consulting Sas or one of its Subsidiaries, calling Collini Consulting Sas or one of its Subsidiaries, by sending a specific Form by mail or by submitting the Form available online under each section “contact Collini Consulting Sas” through the Website and / or Applications.
After the personal data have been processed, the user has various rights as an interested party, which can be exercised as indicated below.
The user must be as specific as possible whenever he wishes to exercise his rights. Collini Consulting Sas can adequately respond only to requests expressed in sufficient detail. Collini Consulting Sas will have to verify the identity of the user in as much detail as possible, to prevent someone else from trying to exercise their rights. The user will therefore be asked to provide a valid identification document when submitting this request.
The user can access their personal data.
If the user wishes to access the Personal Data that Collini Consulting Sas processes or wants to have more information regarding:
• the purposes of the treatment;
• the categories of Personal Data in question;
• the categories of recipients to whom the personal data have been or will be communicated;
• the expected period of data retention or the criteria used to establish this period;
• the rights of the interested party;
• the rights that the interested party can exercise with respect to the Treatment by Collini Consulting Sas;
• the existence of an automated decision-making process, including profiling, and the expected consequences;
Collini Consulting Sas will use the personal data provided by the user through the form for the sole purpose of verifying and processing the request.
If the user exercises the right to access, Collini Consulting Sas will provide a list as complete as possible or a copy of the Personal Data.
The user can integrate / rectify / delete / limit the processing of their personal data.
It may happen that some Personal Data held by Collini Consulting Sas are not (or have ceased to be) correct. It may also happen that the user wants to add something to their Personal Data provided to Collini Consulting Sas. The user can request the correction or integration of their personal data at any time by sending an email to: firstname.lastname@example.org.
If the user wants Collini Consulting Sas to delete his Personal Data, the request will be processed, unless an impediment or incompatibility within the meaning of the law or by virtue of legitimate interests regarding the elimination emerges. If the user wishes to request the deletion of personal data, it is necessary to send an email to: email@example.com
The user can obtain the limitation on the processing of their personal data at any time by sending an email to: firstname.lastname@example.org
The user can request the portability of their Personal Data for himself or for third parties.
If the personal data have been collected through electronic means, the user can request the portability of the personal data provided for himself or for third parties, by sending an email to: email@example.com
The user can withdraw consent to the processing of their personal data.
Whenever the user provides Collini Consulting Sas with his consent for the processing of personal data, he can subsequently withdraw this consent at any time by following the suggested procedure and with the same ease with which he provided it.
If the user wishes to withdraw his consent, he can do so at any time by sending an email to: firstname.lastname@example.org
The user can object to the Data Processing or to the Processing by means of automated decision-making systems.
If the user does not agree with the ways in which Collini Consulting Sas manages its legitimate interests in processing certain Personal Data, it can object by sending an email to: email@example.com. Collini Consulting Sas will have to process the objections unless there are legitimate reasons for not doing so or reasons provided by law (for example, an objection will be rejected if the processing of personal data has been conducted to combat fraud).
If the user does not agree with the Treatment through an automated individual decision-making process for direct marketing carried out by Collini Consulting Sas, he can object at any time by sending an email to: firstname.lastname@example.org.
If the user does not agree with the way in which Collini Consulting Sas handles the processing of personal data or if he has other questions about it, he can always contact the data protection authority of his country of residence (for example , if residing in Italy, the user can contact the Data Protection Authority involved: www.garanteprivacy.it; Commission for the protection of privacy, Rue de la Presse, 35, 1000 Brussels).
7. Data protection officer
The following are the contacts of the Collini Consulting Sas Data Protection Officer:
• e-mail address: email@example.com;
• by mail: (to the attention of) Collini Consulting Sas Data Protection Officer, via Cervese 1424 – 47521 Cesena (FC) – Italy
Through its website or applications Collini Consulting Sas does not process personal data of individuals under the age of 16, nor does it offer them commercial offers or try to contact them, unless their legal representative has given their consent.
9. SECURITY MEASURES FOR THE PROTECTION OF PERSONAL DATA
Collini Consulting Sas has implemented adequate security measures in order to maintain integrity and security, as well as prevent destruction, loss, accidental or illegal alteration, unauthorized disclosure, or access to personal data transmitted, stored or otherwise processed, in line with Regulation (EU) 679/2016.
10. ADDITIONAL CHANGES TO THIS DATA PROTECTION POLICY
Collini Consulting Sas regularly tries to improve its efforts in protecting Personal Data. This data protection policy can be modified or updated in the light of future laws, at international, European and national level.
Collini Consulting Sas will inform the user of all substantial changes to this Policy on data protection offline or through online means (for example, through the Website, during the first visit or at each update of this Data Protection Policy).
The user can always find the most recent version of Collini Consulting Sas’ data protection policy on the website www.flashstart.com/privacy-policy or for each application by clicking on the “Data protection policy” section.