Privacy policy

Customer Communication: Privacy Update

As of May 25, 2018, the new European Regulation No. 679/2016 (“GDPR”) on the protection of personal data has come into effect. In compliance with the GDPR and in accordance with the principle of transparency, we have updated our privacy notice, which we invite you to read below:

PRIVACY NOTICE

1. Introduction

Cescor is committed to ensuring the protection of your personal data every day.

With this privacy notice, we aim to provide you with a clear and transparent overview of the information we collect and process in relation to our customers within the framework of contractual relationships, the use of our website, and online applications installed on mobile devices.

In the following sections, we will explain how we use your personal data, for what purposes, and for how long, while also reminding you of your rights and our commitment to complying with data protection regulations.

The details of the individual notices updated pursuant to the new European Regulation No. 679/2016 (“GDPR”) can be consulted in the following sections of the Cescor.it website:

• Privacy Policy (this page)

• Cookie Policy

2. Who is the data controller of your personal data?

Cescor.it, with registered office at Via Maniago 12 - 20134 Milan (Italy), represented by its legal representative pro tempore, is the data controller of your personal data (the “Controller”, “Cescor”, or “we”).

3. What are the contact details of the Data Protection Officer?

Cescor.it has appointed a Data Protection Officer (DPO) who supervises compliance by the Controller and other Group companies with the obligations prescribed by the GDPR and, more generally, by personal data protection legislation.

To exercise your rights as outlined in this privacy notice, our DPO can be contacted by email at: This email address is being protected from spambots. You need JavaScript enabled to view it.

4. What is meant by personal data and which data do we process?

“Personal data” means any information capable of identifying, directly or indirectly, a natural person, in this case you, when using the services offered by Cescor.

In particular, we collect and process the personal data necessary to register on the portal and allow you to use services reserved for registered users, such as GPS track downloads and route and tour uploads:

• personal and identification data (name, email address)

In addition, when you use our website and applications, we process registration information, browsing data, contact details, IP address, domain names of the devices used, URLs accessed, information relating to the operating system and IT environment used, browsing history, geographical coordinates of the mobile device, as well as data voluntarily provided by you in order to use our services and purchase our products.

We also collect your data through cookies.

Cookies are small text files that websites visited by users send to their devices, where they are stored and then retransmitted to the same websites upon subsequent visits.

Generally, we use so-called technical cookies necessary to ensure the best functionality of our website. If you wish to disable/refuse the use of these cookies, you may modify your browser settings at any time.

For further details regarding other types of cookies we use, such as third-party and profiling cookies, please refer to our Cookie Policy published on our website.

5. Why do we process your personal data?

First of all, we collect and process your personal data strictly necessary to fulfill your requests and provide the services you have subscribed to. In particular:

• Sending newsletters, from which you may unsubscribe at any time with a simple click.

In any case, we are committed to ensuring that the information collected and used is appropriate for the purposes described and does not constitute an invasion of your personal sphere.

6. To whom do we disclose your data?

Your data remains stored within the Joomla CMS database of Cescor.it and is not shared with third parties.

We may also disclose your data to parties to whom disclosure is required by law and to banking institutions with which we operate for contractual purposes. These parties process data as independent data controllers.

7. How long do we retain your data?

We retain your data only for the time necessary to carry out the processing activities for the purposes mentioned above.

8. What are your rights?

• Right of access – you have the right to obtain confirmation as to whether or not personal data concerning you is being processed, as well as access to information relating to such processing.

• Right to rectification – you have the right to obtain the correction of incomplete or inaccurate personal data.

• Right to erasure (“right to be forgotten”) – under certain circumstances, you have the right to obtain the deletion of your data from our archives where it is no longer necessary for contractual purposes or legal obligations.

• Right to restriction of processing – under certain conditions, you have the right to obtain restriction of processing where it is not necessary for contractual purposes or legal obligations.

• Right to data portability – you have the right to obtain the transfer of your data to another data controller.

• Right to object – you have the right to object at any time, for reasons related to your particular situation, to the processing of your data based on legitimate interest, public interest, or the exercise of official authority, including profiling.

• Right to withdraw consent – you have the right to withdraw your consent at any time, without affecting the lawfulness of processing carried out before the withdrawal.

• Right to lodge a complaint with a supervisory authority – you may submit requests concerning the exercise of your rights at any time. If you wish to lodge a complaint regarding the way your data is processed or the handling of a complaint you have submitted, you have the right to contact the competent supervisory authority directly.

The above rights may be exercised by contacting the Controller at the following email address: This email address is being protected from spambots. You need JavaScript enabled to view it.

The exercise of your rights as a data subject is free of charge pursuant to Article 12 of the GDPR.