Privacy policy

• Privacy Policy Suppliers
• Privacy Policy Clients

Privacy GDPR

On 25 May 2018 Regulation (EU) 2016/679 on the protection of individuals with regard to the processing of personal data (General Data Protection Regulation - GDPR) came into force.

The GDPR states that “the protection of natural persons in relation to the processing of personal data is a fundamental right” and that it “protects the fundamental rights and freedoms of natural persons, in particular the right to the protection of personal data”.

The main innovation introduced by the GDPR is the principle of “accountability”, which, based on the method of assessing risks to the rights and freedoms of data subjects, places the onus on data controllers (hence also on the company CIEFFE SRL) to prove compliance with the principles applicable to the processing of personal data and to adopt the most appropriate and suitable protection measures.

This law also forced the company CIEFFE SRL to adopt a new method of handling personal data, both of users accessing the facility and of the people working there.

In order to implement and oversee the personal data protection system, the company CIEFFE SRL has set up an internal organisation with different levels of responsibility (external data processors, internal coordinators, authorised persons, area contact persons, etc.).

If you wish to exercise your rights as a data subject or to receive more information about your rights, you may send an express written request to the registered office of CIEFFE SRL or by email to the following address: privacy@cieffemilano.it