Data Protection Regulation

 
crew

 

INTRODUCTION

The EU Regulation 2016/679 "General Data Protection Regulation" (GDPR or Regulation) strengthens the protection of the right to personal data protection (Data Protection), in line with the recognition of data protection as a fundamental right within the EU. The Regulation also represents a necessary and urgent response to the challenges posed by technological developments that allow for the collection and processing of large amounts of personal data in real-time, enabling automated decision-making that bypasses human intervention. The Regulation addresses the growing need for privacy protection, increasingly felt by European citizens.

CREW S.r.l. considers the protection of its Clients', Employees', and Suppliers' personal data as an obligation that goes beyond mere regulatory compliance. For this reason, it has developed its own Data Protection Framework, which encompasses roles and responsibilities, internal rules, and methodologies aimed at managing and mitigating risks to individuals' rights and freedoms associated with personal data processing.

DATA SUBJECTS’ RIGHTS

The EU Regulation 2016/679 (articles 15 to 23) grants data subjects specific rights. In particular, with regard to personal data processing, the data subject has the right to request the following from CREW S.r.l.: access to data, data rectification, data erasure and portability, limitation of processing, and objection to processing. Specifically:

  • Right of Access: The data subject may request confirmation from CREW S.r.l. as to whether personal data concerning them is being processed, and, if so, obtain access to the personal data.
  • Right to Rectification: The data subject may obtain the rectification of inaccurate personal data from CREW S.r.l.
  • Right to Erasure/Right to be Forgotten: Under certain circumstances, the data subject may obtain the erasure of personal data concerning them from CREW S.r.l.
  • Right to Data Portability: Under certain circumstances, the data subject may receive their personal data in a structured, commonly used, and machine-readable format from CREW S.r.l. They also have the right to transmit that data to another data controller without interference from CREW S.r.l.
  • Right to Restriction of Processing: Under certain circumstances, the data subject may obtain restriction of processing from CREW S.r.l.
  • Right to Object to Processing: The data subject may object at any time, for reasons related to their particular situation, to the processing of personal data concerning them. CREW S.r.l. will abstain from further processing unless there are compelling legitimate grounds that override the data subject’s interests, rights, and freedoms or for the establishment, exercise, or defense of legal claims.

Furthermore, the data subject may lodge a complaint with the Supervisory Authority, which in Italy is the Data Protection Authority ("Garante per la Protezione dei Dati Personali"). They may exercise their rights at any time by contacting CREW S.r.l. at the email address titolaretrattamento@crew.it or by reaching out to the Data Protection Officer at protezionedati@crew.it.

USERS VISITING WWW.CREW.IT

This Privacy Notice (together with other documents mentioned herein) describes the personal data we collect from users and how we process it. This notice pertains solely to the processing of personal data of users who visit the crew.it website for the specific purposes detailed below and does not cover any information collected through other methods, sources, or other websites accessible through links on the website, unless explicitly specified otherwise.

Refer to specific notices provided at the time of data collection for details on each type of processing. CREW S.r.l. considers the protection of personal data of its Clients, Employees, and Suppliers as an obligation that goes beyond mere regulatory compliance. For this reason, we have developed a Data Protection Framework, which encompasses roles and responsibilities, internal rules, and methodologies aimed at managing and mitigating risks to individuals' rights and freedoms associated with personal data processing.

Below are the contact details for CREW S.r.l.:

  • CREW S.r.l., Data Controller, is represented by the temporary Chief Executive Officer, with its registered office at Via Cefalonia, 70 - 25124 Brescia, and can be reached at titolaretrattamento@crew.it.
  • Data Protection Officer can be contacted at protezionedati@crew.it.

The personal data processed via the website, within the scope of the purposes defined in this Privacy Notice, include:

  • Voluntarily provided personal data (e.g., name, surname, email address, etc.) will be processed solely for the purposes described in the specific “Personal Data Protection Notices” prepared by the Data Controller for different online services. These notices, available at the time data is provided, will supply additional information, such as the legal basis for processing, potential recipients of personal data, the retention period for personal data (or the criteria to determine that period), the existence of automated decision-making processes, including profiling, along with all necessary information listed at the end of this section for the exercise of privacy rights.
  • Voluntarily submitted email communications to addresses indicated on this site entail the acquisition of the sender’s email address, as well as any other personal data included in the electronic communication, necessary for responding to requests. This data is used solely to provide the requested information.
  • Data will not be used for other purposes without the explicit consent of the data subject.
     
    By browsing the website, technical information about the hardware and software used by visitors is collected. This information does not provide personal data about the user but only technical/computer data that is used in aggregate and anonymous form solely to improve service quality and to provide statistics on site usage. For more information, refer to the dedicated cookie section.

Personal data will be processed for the time strictly necessary to achieve the purposes for which they were provided, and related IT systems will be protected by the adoption of adequate technical and organizational measures pursuant to Article 32 of the GDPR.

The accuracy and truthfulness of the personal data communicated to CREW S.r.l. are the responsibility of the individual transmitting it.

Information on Contract Management Procedures.