Privacy policy

Pursuant to regulation (UE) 2016/679 ("GDPR")

www.bakertilly-cgsm.it

This site processes Personal Data of the Users.

Data controller

Baker Tilly Colombo Galli Sole Massara & Partners - C.so Cavallotti, 26/30 28100 Novara NO - Italia
Responsible: Baker Tilly Colombo Galli Sole Massara & Partners

Email address: segreteria.no@bakertilly-cgsm.it 

Types of Data collected

Among the Data collected by the site www.bakertilly-cgsm.it, directly or through third parties, there are: Name, Surname, Email address, Phone number, Usage data and Cookies.

This policy, or informative texts displayed before data collection, specifies the types of the collected data.

Personal Data can be freely provided by the User or, in case of Usage Data, automatically collected.

Unless otherwise specified, all Data requested by the site www.bakertilly-cgsm.it is mandatory. If the User refuses to provide them, it could be impossible to offer the service for which such data is required.

In case of optional data, Users can freely choose if providing them or not, without any consequence regarding the service or its operation.

For any doubt about mandatory Data, Users can contact the Data controller

The use of Cookies – or similar – by side of this website or of the third-parties service providers used by the site www.bakertilly-cgsm.it, unless otherwise specified, has the purpose to offer the service required by the user, further to additional purposes as described in the present document and in the Cookie Policy, where available.

The User assumes responsibility for any Personal Data of third parties obtained, published or shared by means of this Website and warrants that he has the right to hand them over or spread them freeing the Data Controller from any liability to third parties. 

Mode and place of processing of the collected Data

Processing mode

The Data Controller shall take appropriate security measures in order to prevent any unauthorized access, divulgation, amendment or destruction of the Personal Data.

We take appropriate technical and organizational measures in order to protect the Personal Data of the User in case of destruction, loss, amendment or accidental or unlawful damage.

Processing occurs through digital and/or telematic means, with organizational modes and with procedures which are strictly related with the indicated purposes. In addition to the Data Controller, other subjects that are involved in the company structure as well as collaborators (administrative staff, sales staff, marketing staff, lawyers, system administrators, third party technical service providers, couriers, hosting providers, IT companies, communication agencies), may have access to the Data in some specific cases. Said subjects may be appointed, if necessary, as Data Processors by the Data Controller. The updated list of the Data Processors may always be required to the Data Controller. 

Legal basis for the processing

The Data Controller processes the User’s Personal Data in the event one of the following conditions exists:

  • The User has given consent for one or more specific purposes
  • Processing is necessary for the execution of a contract with the User and/or the execution of pre-contractual measures
  • Processing is necessary to fulfil a legal obligation to which the Data Controller is subject
  • Processing is necessary for the performance of a task in the public interest or for the exercise of official authority vested in the Data Controller
  • Processing is necessary for the pursuit of the legitimate interest of the Data Controller or third parties
  • It is always possible to request the Data Controller to specify processing: if it is based on the law, if it is provided for in a contract or necessary to close a contract.

Place

Data are processed at the operational headquarters of the Data Controller and everywhere the involved parties are based. We could file information (among which Personal Data) locally on the device of the User by using cookies and other filing methods of applications and browsers.

Personal Data of the User may be transferred to a different country from where the User is based. In order to obtain further information about the processing place the User can refer to the section about the details about personal Data processing.

The User has the right to obtain information about the legal basis of the transfer of Data outside EU and about the security measures the Data Controller adopted in order to protect the Data.

For any further information, please contact the Controller.

In case any of the above described transfers will occur, the User can refer to the specific sections of the present document or ask the Data Controller for any information by using the contact details at the beginning. 

Data retention period

Data are processed and stored for the time required by the purposes for which they were collected. Therefore:

  • Personal Data which were collected for the execution of a contract between the Controller and the Owner will be kept till the complete execution of the contract itself.
  • Personal Data collected for purposes attributable to the legitimate interest of the Data Controller will be retained until such interest is satisfied. The User can get further information about the legitimate interest of the Data Controller in the specific sections of the present document or by contacting the Data Controller himself.

When processing is based on the User’s consent, the Data Controller may retain the Data until said consent is revoked. In addition, the Data Controller may be obliged to retain some Personal Data for a longer period in compliance with a legal obligation or by order of an authority.

At the end of the retention period the Personal Data will be deleted and the right of access, cancellation, rectification and the right to Data portability can no longer be exercised.

Purposes of the Processing of Collected Data

Data concerning the User is collected to allow the Data Controller to provide its Services as well as for the following purposes: Contacting the User; interacting with the social network and external platforms; statistics and displaying contents from external platforms.

In order to obtain further information about the purposes of processing and about the concretely relevant Personal Data for each purpose, the User can refer to the specific sections of the present document. 

Links to third parties’ websites

Our website may contain links towards or from third parties’ websites. We invite you to keep in mind that such websites have their own policies and that we do not accept any responsibility or obligation in relation to such policies. Please check each policy before sharing your own personal data with such websites. 

Details on the processing of Personal Data

Personal Data are processed with the following purposes and by using the following Services:

  • Contact Form
    • The User, by filling the contact form with his data, consents to their use in order to reply to the request for information, quotation, comment or any other type of request which will be indicated on the header of the form.
    • Processed Personal Data:
    • Name, Surname, Email Address, Phone Number
  • Google Analytics (Google Inc.)
    • Google Analytics is a service of web analysis supplied by Google Inc. which uses the processed Personal Data to track and examine the use of the site, to compile reports and to share them with the other services developed by Google.
    • Google could use Personal Data in order to contextualize and customize their advertisements.
    • Processed Personal Data: Cookie and Usage Data
    • Processing place: USA
  • Widget Google Maps (Google Inc.)
    • Google Maps is a viewing maps service supplied by Google Inc. that allows to this app to complete these subjects in its own pages.
    • It is possible that, even if the Users do not use the service, the same collects Data regarding the pages where it is installed.
    • Processed Personal Data: Cookie and Usage Data
    • Processing place: USA

User rights

Users may exercise the following rights with reference to the Data processed by the Data Controller:

  • Revoke consent at any time
  • Object to the processing of their own Personal Data if this occurs on a different legal basis from consent
  • Access their Data and receive a copy of the Data processed
  • Verify and request update/rectification
  • Obtain the restriction of the processing of Data to the sole storage. When their Data is used for direct marketing purposes, the user can object to their processing without providing any reasons 
  • Obtain the cancellation or removal of their Personal Data
  • Receive their Data and have it transferred to another controller. This provision is applicable when Data is processed with automated tools and processing is based on the User's consent, on a contract of which the User is a party or on contractual measures connected to it.
  • File a complaint to the Competent Supervisory Authority for the Protection of Personal Data or file in court.
  • Details on the right of opposition


When Personal Data is processed in the public interest, in the exercise of public authority to which the Controller is invested or to pursue a legitimate interest of the Owner, the User has the right to oppose the processing for reasons related to their particular situation.

When their Data is used for direct marketing purposes, the User can object to their processing without providing any reasons. Users can refer to the respective sections of this document to find out if the Controller deals with Data for direct marketing purposes.

How to exercise your rights 

To exercise User’s rights, Users can direct a request to the Data Controller which will be processed as soon as possible (at least within 30 days)

Systems log and maintenance

For needs related to operation and maintenance, this Application - and any third party services it uses - may collect system logs, which are files that record the interactions and which may also contain personal data, such as IP address of the User

This Website does not support Do Not Track requests

Changes to this Privacy Policy 

The Data Controller reserves the right to change this Privacy Policy in any moment informing the Users by means of this page and, if possible, by means of the Website as well as, where technically and legally feasible, by sending a notification to the users using the contact details in his hands. Please check regularly this page. If modifications are made that affect processing operations whose legal basis is consent, the Data Controller undertakes to gather the User's consent again, if necessary. Further information in relation to the processing of Personal Data could be required in any moment to the Data Controller

The User hereby declares he is aware that the Controller may be asked to disclose his/ Personal Data to public authorities

Cookie Disclaimer

Cookies are small text files (stored in a user's browser), which are often used by websites to help make the user experience more efficient. If you feel uncomfortable with the use of cookies you can amend your browser settings to request each time a cookie is downloaded, or to completely disable cookies.

By continuing to browse the site you agree to use cookies.

Information about cookies, including how to block or delete them can be found at www.allaboutcookies.org.