Privacy Policy

Dear user,

We inform you that the processing of your personal data will be carried out in compliance with the current privacy regulations and will be based on the principles of fairness, lawfulness, transparency, and protection of data.

In accordance with Article 13 of the European Regulation 2016/679 (GDPR), we provide you with the following general information regarding the processing of personal data through this website. Further specific information will be provided, where necessary, directly on the web pages where data collection occurs to provide any type of service.

This information pertains exclusively to the data of those interacting with the services accessible from the home page www.campagroup.it (the 'Site') and does not extend to other websites that may be reached by the user through links on the Site.

Data Controller's Contact Information:

The data controller is Campa S.r.l., located at S.S. 16, km. 978, 73022 Zona P.I.P. Corigliano d'Otranto (LE). You can contact the Data Controller using one of the following methods:

  • Email: info@campasrl.it
  • Postal address: S.S. 16, km. 978, 73022 Zona P.I.P. Corigliano d'Otranto (LE). For any communication, please include your contact details in the request, necessary for identification and follow-up.

Types of Data Processed:

Navigation Data: During their normal operation, the IT systems and software procedures involved in the operation of this Site acquire some data whose transmission is implicit in the use of Internet communication protocols. This includes IP addresses or domain names of computers used by users connecting to the Site, URI (Uniform Resource Identifier) addresses of the requested resources, the time of the request, the method used in submitting the request to the server, the size of the file obtained in response, the numeric code indicating the status of the response given by the server (successful, error, etc.), and other parameters related to the user's operating system and computer environment. These are not collected to be associated with identified individuals, but for statistical purposes and to ensure the proper functioning of the Site.

Cookies: The Site uses cookies to improve the user's browsing experience. For more information on the types of cookies used, purposes, and disabling methods, please refer to the cookie policy.

Voluntarily Provided Data: To access some services reserved for users, registration and the insertion of certain personal data are necessary. The provision of certain identifying data is necessary for authentication and verification of authorization to access restricted areas. The optional, explicit, and voluntary sending of emails to the addresses indicated on this Site entails the subsequent acquisition of the sender's address, necessary to respond to requests, as well as any other personal data entered in the message.

Processing Purposes: The data provided by you may be processed for:

  1. Carrying out operations necessary to provide the services and/or information you requested (e.g., navigating the Site, registering for reserved areas, assistance, scheduling appointments, email inquiries, etc.);
  2. Providing technological services (mailing lists, newsletters, remote or on-site assistance and maintenance, etc.), also by specifically authorized third parties;
  3. Activities imposed by laws, regulations, or provisions applicable to the services offered through the Site;
  4. Statistical analysis on aggregated data related to Site performance;
  5. Evaluations regarding user usage of the Site;
  6. Optimizing commercial offers through focused and selected analysis;
  7. Sending advertising and/or commercial proposals based on the profiling of your data, carried out to highlight information and commercial proposals tailored to your interests.

Specific privacy information and methods for obtaining your consent will be provided on pages of the Site where personal data is explicitly collected.

Legal Basis: The processing of your personal data will be based on one or more of the following conditions. In particular, the processing carried out for the purposes described above, which involve:

  • Points 1 and 2, are based on the necessity to respond to your information request or execute your requests for services available directly through the Site. This involves the voluntary or strictly necessary provision of data connected to a pre-contractual and/or contractual phase or functional to respond to a specific request;
  • Point 3 is based on the necessity to comply with a legal obligation, such as the obligation to implement security measures prescribed by specific laws applicable to certain services provided through the Site;
  • Point 4, concerning anonymized data, is not subject to privacy legislation as such data cannot be re-identified, directly or indirectly;
  • Points 5, 6, and 7 are based on your informed and free consent, obtained on specific pages of the Site and preceded by our specific information or cookie policy. In this case, the provision of data is entirely voluntary, and without your consent, the data will not be collected or used for these purposes.

If the data controller can rely on another legal basis (legitimate interest, public interest, etc.), specific and appropriate information will be provided.

Processing Methods, Security Measures, and Storage Times: All data will be processed primarily in electronic format. Personal data and any other information associated with a specific user are collected and processed using technical and organizational security measures to ensure an adequate level of security. These measures consider the state of the art and implementation costs, or, where provided, security measures prescribed by specific regulations. The data will be accessible only to specifically authorized personnel. Regarding data protection, you are invited, under Article 33 of the GDPR, to report to the data controller any circumstances or events that may result in a potential "personal data breach" to allow an immediate assessment and the adoption of any actions to counteract it.

The measures taken by the controller do not exempt the user/customer from paying attention to the use, where required, of passwords/PINs of adequate complexity, which should be updated periodically and carefully stored and made inaccessible to others to prevent improper and unauthorized use.

Processed personal data will be stored in a form that allows the identification of the data subjects for a period not exceeding the achievement of the purposes for which they are processed (for example, data related to assistance requests are stored for a limited period until the reported issue is resolved), except when it is necessary to keep them for a longer period due to requests from competent authorities for the prevention and prosecution of crimes or to assert or defend a right in court.

Categories of Recipients of Personal Data: Depending on the operation or service, customer/user data may be communicated by the controller to specialized companies entrusted with technical and organizational tasks who will process the data as autonomous controllers or appointed processors (e.g., Site maintenance companies).

Data may also be communicated to those subjects to whom such communication must be made in compliance with an obligation established by law, regulation, or community legislation, or as a result of an Authority's provision.

Transfer of Data Outside the EU: The personal data of the customer/user may be transferred to third countries outside the European Union under the following conditions: that it is a third country considered adequate under Article 45 of EU Regulation 2016/679, or a country for which the controller provides adequate or appropriate guarantees regarding data protection under Article 46 and 47 of the aforementioned EU Regulation, and provided that data subjects have enforceable rights and effective remedies. Alternatively, one or more of the derogations under Article 49(1)(a)-(g) of the mentioned EU Regulation may apply.

Data Subject Rights: In relation to the processing of your personal data through this Site, you can exercise the rights provided by the GDPR at any time, where applicable. In particular, you can:

  • Access your personal data, obtaining information about the purposes pursued by the controller, the categories of data involved, the recipients to whom they may be communicated, the applicable retention period, the existence of automated decision-making processes, including profiling, and, at least in such cases, meaningful information about the logic used, as well as the importance and possible consequences for the data subject, if not already indicated in this Privacy Policy;
  • Obtain the rectification of inaccurate personal data concerning you without undue delay;
  • Obtain, in cases provided by law, the erasure of your data;
  • Obtain the restriction of processing or object to it when permitted by applicable law;
  • In cases provided by law, request the portability of the data you have provided to the controller, meaning receiving them in a structured, commonly used, and machine-readable format and also requesting that such data be transmitted to another controller if technically feasible;
  • Propose a complaint to the Supervisory Authority, if you deem it appropriate.

To exercise your rights, simply contact the Data Controller, referring to the contact details provided at the beginning of this Privacy Policy.

For more information about your rights and privacy regulations in general, we invite you to visit the website of the Italian Data Protection Authority at http://www.garanteprivacy.it/.

Information Published on: 20/11/2023