Browsing policy pursuant to art. 13 of Regulation (EU) 2016/679
Cyres Consulting Services GmbH (hereinafter "the Company), with registered office at Highlight Towers, Tower 2, 17th Floor, Mies-van-der-Rohe-Str. 8, 80807 Munich, Germany, Tax Code and VAT no. DE286844569, hereby provides information to users with regard to the methods and conditions applied by the Company to processing performed on personal data. In particular, this policy relates to personal data of users viewing and using the Company’s website, available at the following domain: https://www.cyres-consulting.com/
The Company acts as “Data Controller” with regard to the processing, defined as “the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data”. In concrete terms, processing of personal data may be carried out by parties duly authorised and appointed by the Company to perform processing on users’ personal data. In application of regulations governing the processing of personal data, users who view and use the Company’s website are classified as “data subjects”, meaning the physical persons to whom the data being processed refer. Please note that this policy does not extend to other websites which may be visited by users by clicking on hyperlinks, including the Social Buttons, contained on the Company’s website. More specifically, the Social Buttons are digital buttons or links which provide a direct connection to the Social Network platforms (such as, for example, LinkedIn, Facebook, Twitter, YouTube), configured for each individual “button”. By clicking on these links, users can access the Company’s social media accounts. The managers of the Social Networks which the Social Buttons link to operate as independent Data Controllers; as a consequence, all information on the methods with which these Controllers carry out processing operations on users’ personal data can be found on the corresponding Social Network platforms.
- Personal data processed:
During and following interaction with this website, the Company may process the following personal data of users:
a. Navigation data: during their normal operation, the IT systems and software procedures which operate this website acquire some personal data, the transmission of which is implicit in the use of Internet communications protocols. These data are not collected for association with identified subjects, but by their very nature, when processed or associated with personal data held by third parties, they might allow users to be identified. This category of personal data includes the IP addresses or domain names of the computers used by users who log onto the website, the addresses in URI (Uniform Resource Identifier) notation of the resources requested, the time of the request, the method used when submitting the request to the server, the size of the file obtained in reply, the numerical code indicating the server’s response status (concluded successfully, error, etc.) and other parameters relating to the user’s operating system and IT environment. These personal data are used for the sole purpose of obtaining anonymous statistical information concerning use of the website and to check that it is operating correctly. Navigation data are not retained for more than (12 months), unless required for the investigation of criminal offences by the judicial authorities.
b. Personal data provided voluntarily: the optional, explicit and voluntary transmission of personal data to the Company by filling out the forms contained on the website leads to the acquisition of the user’s email address and all other personal data required by the Company in order to fulfil specific requests. With regard to the processing of personal data provided by filling out the contact form contained on this website, refer to the corresponding “contact form policy”.
- urpose and legal basis of the processing of personal data
In relation to the personal data specified in 1, a) of this policy, users’ personal data is processed automatically and “mandatorily” by the Company in order to allow browsing of the site; in this case, the processing is performed on the basis of a legal obligation to which the Company is subject, as well as on the basis of the Company’s legitimate interest in ensuring correct operation and security of the website; express user consent is therefore not required. With regard to the personal data specified in 1, b) of this policy, the processing is performed to provide information or support to users; in this case, the processing is based on the execution of specific requests and on compliance with precontractual measures; express user consent is therefore not required.
- Nature of the contribution of personal data
Without prejudice to the navigation data which must necessarily be provided as it is instrumental to browsing the Company’s website, users are free to decide whether or not to provide personal data in order to receive information or support from the Company. With regard to the processing of personal data provided by filling out the contact form contained on this website, refer to the corresponding “contact form policy”.
- Methods and duration of processing of personal data
Processing of personal data is performed by parties authorised to process personal data, specifically identified and trained for that purpose by the Company. Processing of users’ personal data is performed through the use of automated tools with reference to website access data. With regard to the processing of personal data provided by filling out the contact form contained on this website, refer to the corresponding “contact form policy”. In all cases, processing of personal data is performed in full compliance with provisions designed to guarantee security and confidentiality of the data, as well as ensuring that the data are accurate, up to date and relevant to the purposes declared in this policy. Notwithstanding the fact that the navigation data per 1, a) are not held for more than 12 months, the processing of personal data is performed for the time strictly necessary for the purposes for which the data were collected, and in any case on the basis of the deadlines laid out by legislative provisions. Please also note that the Company has adopted specific security measures to prevent the loss, illegal or improper use of, or unauthorised access to, personal data.
- Recipients of personal data
Within the limits of the purposes identified in this policy, your personal data may be transferred within Italy or abroad, within the European Union (EU) or European Economic Area (EEA), in order to comply with legal obligations. For more information with regard to the recipients of users’ personal data provided by filling out the contact form contained on this website, refer to the corresponding “contact form policy”. Personal data will not be transferred outside the European Union (EU) or European Economic Area (EEA). Personal data will not be published or disseminated, i.e. divulged to the public or an unlimited number of parties.
- Rights pursuant to articles 15, 16, 17, 18, 20 and 21 of Regulation (EU) 2016/679
Users, as data subjects, can exercise their rights to access their personal data provided for by article 15 of the EU regulation and the rights provided for pursuant to articles 16, 17, 18, 20 and 21 of the same regulation regarding rectification, erasure, restriction of the processing, portability (where applicable), and the right to object to the processing of your personal data.
These rights can be exercised by emailing cyres-consulting.com
If you consider that the processing of personal data relating to you infringes the GDPR, you have the right referring to in Article 77 of the GDPR to complain to the supervisory authority against the processing of your personal data (in particular in the Member State of your habitual residence, place of work or place of the alleged infringement).
We also specify that the competent supervisory authority for Cyres is:
Bayerisches Landesamt für Datenschutzaufsicht (BayLDA)
Promenade 18
91522 Ansbach