Privacy policy

CPA srl | Registered office: Via Don Demetrio Castelli 71, 12060 Roddi (CN) | PI 02857780049

INFORMATION ON THE PROTECTION OF PERSONAL DATA PURSUANT TO REGULATION (EU) 2016/679 ("GDPR")

CPA srl with registered office in Via Don Demetrio Castelli 71 - Roddi (CN), (hereinafter, "Company"), as owner of the data processing, informs pursuant to art. 13 Legislative Decree 30.6.2003 n. and art. 13 EU Regulation no. 2016/679 (hereafter, "GDPR") that your data will be processed in the manner and for the following purposes:

  1. Subject of the processing

The personal data, not sensitive, provided by you and / or communicated during the subscription to our offline, online and telephone services and / or subscription to the newsletter of the Data Controller

  1. Purposes and methods of data processing

  1. Your personal data is collected and will be processed exclusively for purposes strictly connected and instrumental to the fulfillment of the obligations inherent in relations with the Company, in particular:

  1. to provide the services covered by the request and / or continuation of the contract,

  2. for the insertion of personal data in the company's computer databases and also in the booking systems of Airlines, Hotel chains, Car rental companies, GDS (Global Distribution System) or any other suppliers of the requested services

  3. for bookkeeping and billing;

  4. for the management of collections and payments;

  5. Allow subscriptions to newsletter services provided by the Data Controller and other services that may be requested by you

  6. Prevent or discover fraudulent activity or abuse

  7. Exercise the rights of the owner

  8. In the event that you are already a customer, the Company may send you commercial communications relating to services and products similar to those which you have already used, unless you disagree (art.130 c. 4 of the Privacy Code).

  9. to fulfill the obligations established by civil and fiscal law forms, by regulations, by community legislation.

  1. Only with your specific and distinct consent (articles 23 and 130 of the Privacy Code and article 7 of the GDPR), the data may be processed for the following Marketing Purposes:
    - sending via email newsletters, commercial communications and / or advertising material on products or services offered by the Data Controller.


The processing of personal data will be carried out via paper and IT media by the owner, the manager / managers and the persons in charge with the observance of any precautionary measure, which guarantees its security and confidentiality.

  1. Nature of data collection and consequences of a failure to provide it

The legal basis of the processing indicated in point 1 to point 8 of the preceding paragraph (A) is the execution of the contract stipulated and / or provision of the service requested to the Company, while the legal basis of the treatment indicated in point 9 of the preceding paragraph is the fulfillment of legal obligations to which the Company is subject as data controller. The provision of your personal data is optional but any failure to provide it may make it impossible for us to establish and fulfill the contractual relationship and / or provision of the requested service (s).

  1. Access to data

Your data may be made accessible for the purposes referred to in art. 1):

  • to employees, consultants and collaborators of the Data Controller, in their capacity as persons in charge and / or internal managers of the treatment and / or system administrators;

  • to companies linked to CPA srl or to third parties who carry out outsourcing activities on behalf of the Data Controller, in their capacity as external data processors.

  1. Communication and dissemination of data

Your personal data, for the purposes of the execution of the contract and / or provision of the requested services and for the purposes indicated above, may be communicated to:

  • natural and legal persons (legal, administrative, tax consultancy firms, auditing firms, couriers and shippers etc.) which the owner uses for the fulfillment of administrative, accounting, commercial and management obligations;

  • banking institutions for the management of collections and payments;

  • factoring or debt collection companies;

  • our collaborators and employees specifically appointed and within the scope of their duties.

Your personal data may also be communicated to the person providing the service you have purchased, who will act as an independent owner of your data and will in turn provide you with appropriate information.

Any communication will concern only the data that are necessary for the purposes described above.

  1. Data transfer

Your personal data will be stored on servers located within the European Union. The Company does not make transfers of personal data to countries located outside the European Union.

In any case, it is understood that the Owner, if necessary, will have the right to move the location of the servers also outside the European Union. In this case, the Data Controller ensures as of now that the transfer of non-EU data will take place in accordance with the applicable legal provisions by stipulating, if necessary, agreements that guarantee an adequate level of protection and / or by adopting the standard contractual clauses provided by the European Commission.

  1. Retention period

The personal data concerning you will be kept for the entire duration of your contractual relationship with the Company and / or provision of the requested service. After the termination of the contractual relationship and / or the end of the provision of the service, the Company will keep personal data for the fulfillment of the contractual and legal obligations, including fiscal ones. Subsequently, personal data will be kept for a period not exceeding the statute of limitations prescribed by law to possibly enforce or defend a right in court and in any case for no more than 10 years from the termination of the relationship for the Purposes of Service and for no more than 2 years from the data collection for Marketing Purposes.

  1. Cookies

Cookies are data that are sent from the website and stored by the internet browser on the user's computer or other device (for example, tablet or mobile phone). Technical cookies and third-party cookies may be installed from our website or its subdomains. In any case, the user can manage, or request the general deactivation or cancellation of cookies, by changing the settings of his internet browser. This deactivation, however, may slow down or prevent access to some parts of the site. The settings to manage or disable cookies may vary depending on the internet browser used, therefore, for more information on how to perform these operations, we suggest the User to consult the manual of your device or the "Help" function or "Help" of your internet browser.

The following are links to users that explain how to manage or disable cookies for the most popular internet browsers:

technical cookies

The use of technical cookies, i.e. cookies necessary for the transmission of communications on the electronic communications network or cookies strictly necessary for the supplier to provide the service requested by the customer, allows the safe and efficient use of our site. Session cookies may be installed in order to allow access and permanence in the reserved area of ​​the portal as an authenticated user. Technical cookies are essential for the proper functioning of our website and are used to allow users to browse normally and to be able to take advantage of the advanced services available on our website. The technical cookies used are divided into session cookies, which are stored exclusively for the duration of navigation until the browser is closed, and persistent cookies that are saved in the memory of the user's device until their expiry or cancellation by the user same.

Our site uses the following technical cookies:

  • Technical navigation or session cookies, used to manage normal navigation and user authentication;

  • Functional technical cookies, used to store customizations chosen by the user, such as, for example, graphic templates;

  • Technical analytics cookies, used to know how users use our website so that they can evaluate and improve their functioning.

Third-party Cookies

Third-party cookies may be installed: these are analytical and profiling cookies, Google Analytics, Google Doubleclick, Criteo, Rocket Fuel, Youtube, Yahoo, Bing and Facebook. These cookies are sent from the websites of the aforementioned third parties external to our site. Third-party analytical cookies are used to detect information on user behavior on the site. The detection takes place anonymously, in order to monitor performance and improve the usability of the site. Third-party profiling cookies are used to create user profiles, in order to propose advertising messages in line with the choices expressed by the users themselves.

profiling cookies

Profiling cookies can be installed by the Owner / s, through so-called web analytics software, which are used to prepare detailed and real-time analysis reports relating to information on: visitors to a website, search of origin, keywords used, language of use, most visited pages. The same can collect information and data such as IP address, nationality, city, date / time, device, browser, operating system, screen resolution, navigation origin, pages visited and number of pages, duration of the visit, number of visits made.

  1. Social plugins

The Site may use social media plugins. By accessing the Site, these Plugins will allow your browser to create a direct connection to the servers of the relevant social networks. The content of the Plugins will be transmitted by the respective Providers directly on your browser. By incorporating the Plugin, the Providers will receive notification that the browser has accessed the site from our service, even if you do not have a profile or are not connected to it. The information (which may also contain the IP address) can be communicated by the client's browser directly to the Provider's server.

If you are connected to one of the social services, the Providers will be able to trace the visit to our Site directly to your social profile. By interacting with the Social Plugins, the information will also be transmitted to the Provider's servers and stored there. This information may also be shown on the social network, published and / or shared with the contacts of the relevant social network.

For more information on the purposes and methods of processing and use of data by Social Providers, as well as the rights and settings to protect your privacy, please consult the respective privacy policies of the Social Providers concerned.

If you do not want Facebook, LinkedIn, Twitter, Instagram or other social networks to connect the data relating to your visit to our site, directly to your profile of the respective services, you must disconnect from the social service before accessing our site.

  1. Rights of the party concerned

At any time you can exercise your rights towards the Data Controller, pursuant to articles 15 - 22 of the GDPR, which for your convenience we summarize below. In particular, you have the right:

  • to obtain the cessation of treatment in cases where your personal data are processed for direct marketing purposes, also in relation to services identical to those already purchased by our Company (so-called right of opposition);

  • to obtain information in relation to the purposes for which your personal data are processed, the period of treatment and the subjects to whom the data are communicated (so-called right of access);

  • to obtain the correction or integration of inaccurate personal data concerning you (so-called right of rectification);

  • to obtain the cancellation of personal data concerning you in the following cases (a) the data are no longer necessary for the purposes for which they were collected; (b) you have withdrawn your consent to the processing of data if they are processed on the basis of your consent; (c) you have objected to the processing of your personal data if they are processed for our legitimate interest; or (d) the processing of your personal data does not comply with the law. However, we inform you that the retention of personal data by the Company is lawful if it is necessary to allow it to fulfill a legal obligation or to ascertain, exercise or defend a right in court (so-called cancellation right);

  • to obtain that the personal data concerning you are only preserved without any other use of them in the following cases (a) you contest the accuracy of personal data, for the period necessary to allow us to verify the accuracy of such personal data; (b) the processing is unlawful but you still oppose the cancellation of personal data by us; (c) your personal data are necessary for the assessment, exercise or defense of a right in court; (d) You have objected to the processing and are awaiting verification of the possible prevalence of our legitimate reasons for processing over those of the interested party (so-called right of limitation);

  • to receive in a commonly used format, readable by an automatic and interoperable device, the personal data concerning you processed by automated means, if they are processed under a contract or on the basis of your consent (so-called portability right).

Finally, we remind you that you have the right to contact the Guarantor for the protection of personal data (Piazza di Monte Citorio, 121 - 00186 Rome RM) to assert your rights in relation to the processing of your personal data.

  1. How to exercise rights

Any request addressed to the Owner or Manager can also be sent by registered letter or e-mail through the references indicated in the following point.

  1. Owner and manager of the treatment

The data controller is: CPA srl - Via Don Demetrio Castelli 71 - 12060 Roddi CN, Email address: cpa@cpa-piscine.it

The list of data processors is available at the Data Controller's offices and can be requested by sending an email to the address cpa@cpa-piscine.it