You are here

Home » Management System » Privacy » Privacy Policy

Privacy Policy

Print

Privacy Notice according to art. 13 EU Regulation 2016/679 (“GDPR”)

This privacy notice (“Privacy Policy”) describes how Cassa Nazionale di Previdenza e Assistenza a favore dei Dottori Commercialisti (“C.N.P.A.D.C.”), with registered office in Via Mantova 1, 00198 Roma, tel. 0039/06-47486.1 in its quality of data controller, processes the personal data relating to the data subjects who uses the web services offered by CNPADC through the following web page: www.cnpadc.it (“Web Page”).

The Privacy Notice is related to the Web Page exclusively, therefore it cannot be considered valid and applicable for other web page that could be connected to the Web Page.

1. Data Controller

The data controller is C.N.P.A.D.C. (“Data Controller”).

2. Data Protection Officer (DPO)

The Data Controller appointed a Data Protection Officer who can be contacted at the following e-mail address: dpo@cnpadc.it.

3. Processing of Personal Data

The Data Controller will process Your personal data (“Personal Data”) that will be communicated by You or that will be legally collected as per below.

With reference to the Privacy Notice, processing is related to any activities, carried out through automatic system and concerning to Personal Data, such as, inter alia: the collection, registration, management, retention, amendment, extraction, consultation, use, communication, making available, limitation, deletion and disruption.

C.N.P.A.D.C. will only retain Your Personal Data for as long as necessary to fulfil the purposes it has been collected for, including for the purposes of satisfying any legal, accounting or reporting requirements. In any case Your Personal Data will be collected in compliance with the principles of necessity, transparency, legitimacy, correctness and proportionality as provided for by GDPR.

Your Personal Data will be processed manually and/or through computer or telematic devices.

Specific security measures have been adopted to avoid loss of data, illegal processing and illicit use of data ad not authorised access.

4. Purpose and legal basis of the processing

Your Personal Data will be processed by the Data Controller in relation to its institutional activity and concerning:

  1. purposes relating to the management of relationships existing with its associates, including the sending of communication to inform the associate about the services he/she required and, concerning information on laws, rules, regulations and deadlines and general information;
  2. to meet obligation provided for by the laws, regulations, C.N.P.A.D.C. By-Laws and decisions issued by the competent authorities;
  3. upon collected Your free and specific consent, that You can give it in the specific section of the Web Page relating to Online Services, to send the newsletter concerning all the activities carried out by the Data Controller.

The processing is grounded on the following legal basis (i) Your express consent for the purposes sub c); (ii) the agreement existed between You and the Data Controller and concerning the activities sub a) and (iii) to meet law obligations sub b).

The Personal Data required to you through the document drafted by the Data Controller are needed to pursue the purposes above mentioned and a your potential refusal to give such data (as required) can be of prejudice for the performance of the services provided for by C.N.P.A.D.C.

Conversely, You can decide to give or not to give your Personal Data for the purposes sub c). In such a case, Your refusal to give Your Data for the purposes sub c) cannot be of prejudice for the performance of the activities sub a) and b) above mentioned.

Where Personal Data is going to be collected, the Data Controller will specify in what cases Your Personal Data is mandatory or optional and for what purposes.

5. Source of Your Personal Data

Your Personal Data is collected from Data Controller and through the documents it provides You with. Some of Your Personal Data (in compliance with other specific provisions by the law) are collected at the following institutional authorities: Agenzia delle Entrate (Italian Tax Agency), I.N.P.S. (National Social Welfare Institution); I.N.A.I.L. (National Institute for Insurance against Accidents at Work) and Equitalia (Tax Collectors Office).

6. Recipients of Your Personal Data

For the purposes above mentioned, Your Personal Data can be shared:

  1. with the employees and staff of the Data Controller, who, for the processing of Your  Personal Data, will be duly appointed and instructed by the Data Controller;
  2. with the private and public Authorities and Offices that, as provided for by the law, are entitled to process such data;
  3. with partners or third entities which activity and role is needed for the performance of the services and activity by the C.N.P.A.D.C. These are, inter alia: Agenzia delle Entrate (Italian Tax Agency), I.N.P.S. (National Social Welfare Institution); I.N.A.I.L. (National Institute for Insurance against Accidents at Work), Equitalia (Tax Collectors Office), Medical Offices, Banks and Insurance Companies.

7. Transfer of Your Personal Data

Your Personal Data will be processed in the EU and stored in servers which are located in Italy.

8. Retention period of Your Personal Data

Your Personal Data will be processed for the purposes above mentioned sub a), b) e c) and will be retained by the Data Controller to meet the principles of necessity and proportionality, as provided for by GDPR, and for a period of 10 years starting from the achievement of such purposes. This is n order to protect and support the rights of the Data Controller in case of claims filed by You and/or third parties and concerning the performance of the activity as per the purposes sub a), b) e c).

9. Browser Data

Computer devices, which are responsible for the Web Site, collect certain personal data which sharing is needed and implied for the Internet communication system (e.g., IP addresses of the computer used by data subjects to visit the Web Site, time of request, and other information concerning the devices used by the data subject). Such information is collected not to identify specific users, however, taking into consideration its nature and by a possible jointly combined with data retained from third parties, it could permit to identify the users. Such data is processed to obtain anonymous statistic information on the number of users of the Web Site and to verify its operation exclusively. Such data is delated immediately following the relevant processing. In any case, the data could be used to verify the ground of liabilities in relation to illicit use of the Web Page or informatic crime, if any.

The Web Site uses cookies according to the Cookie Policy.

10. Data Subject rights

In compliance with Sections 15 – 21 of the GDPR, You have certain rights in connection with Your Personal Data, in particular way:

  1. to access Your Personal Data anytime and to receive a copy of the Personal Data held, as well as to check that it is lawfully processed by C.N.P.A.D.C.;
  2. to ask the correction or an updating of any incomplete or inaccurate Personal Data held by C.N.P.A.D.C.;
  3. to ask C.N.P.A.D.C. to delete, anonymize or remove Your Personal Data in certain circumstances. There are also certain exceptions where C.N.P.A.D.C. may refuse a request for erasure (e.g. where Personal Data is required for compliance with law or in connection with claims);
  4. to ask C.N.P.A.D.C. to suspend the processing of certain of Your Personal Data;
  5. under specific conditions, to limit the processing of Your Personal Data (such as by stopping all processing, except storage);
  6. under specific conditions, to require C.N.P.A.D.C. to provide a copy of Your Personal Data in machine-readable format to request the transfer of certain of Your Personal Data to another party (sc. right to data portability);
  7. to lodge a complaint with a supervisory authority, in particular in the Member State in the European Union where You are habitually resident, where You work or where an alleged infringement of Data Protection law has taken place. In Italy You can file a compliant to the Garante per la protezione dei dati personali, Piazza di Monte Citorio, n. 121, 00186, Roma, Phone: (+39) 06.696771, Facsmile: (+39) 06.69677.3785, E-mail: garante@gpdp.it.

We inform you that you have anyway, at any time, the right to object to processing of Personal Data for the sending of promotional, advertising, marketing and commercial communications, as well as for the promotion of events. The right to object to such processing carried out by automated means extends also to the processing of Personal Data carried out by traditional means, unless you wish to object just partially. Whether you object to the processing of the data for the sending of promotional, advertising, marketing and commercial communications by Data Controller, your Personal Data will no longer be subject to processing for such purposes.

For further information about your Personal Data, You can contact:

Data Controller, via mail, Cassa Nazionale di Previdenza e Assistenza a favore dei Dottori Commercialisti, registered office in Via Mantova 1, 00198 Roma and via e-mail at the following registered email address: servizio.supporto@pec.cnpadc.it ;

Data Protection Officer at the following e-mail: dpo@cnpadc.it.