PRIVACY NOTICE TO USERS

CESAR New York, 50 w. 23rd Street New York, NY 10010 (Ve), hereinafter, ” Owner “, owner of the website http://cesarnyc.com (hereinafter, the ” Site “), as owner of the processing of personal data of users who browse and who are registered on the Site (hereinafter, the ” Users “) below provides the privacy policy pursuant to art. 13 of Legislative Decree 196/2003 (hereinafter, the ” Privacy Code “) and pursuant to art. 13 of EU Regulation 2016/679 of 27 April 2016 (hereafter, ” Regulation “, the Regulation and the Privacy Code are together defined as ” Applicable Regulations”).

This Site and any services offered through the Site are reserved for individuals who have reached the age of eighteen. The Data Controller therefore does not collect personal data relating to subjects under the age of 18. At the request of the Users, the Data Controller will promptly delete all personal data involuntarily collected and relating to subjects under the age of 18.

The Owner takes the utmost account of the right to privacy and protection of personal data of its Users. For any information in relation to this privacy statement, Users can contact the Owner at any time, using the following methods:

By sending a registered letter with return receipt to the owner’s registered office
By sending an email to [email protected]

1. Purpose of the treatment

Users’ personal data will be processed lawfully by the Data Controller pursuant to art. 6 of the Regulation for the following processing purposes:

a) Navigation of the site, in relation to the possibility of collecting User data necessary at a technical level, such as for example the IP address, while browsing the site.

b) Reply to your requests for information, received by us through the appropriate contact form.

c) Registration in the reserved area of ​​the site.

d) Legal obligations , or to fulfill obligations under the law, by an authority, by a regulation or by European legislation.

e) Sending information newsletters, upon specific request by the interested party.

The provision of personal data for the aforementioned processing purposes is optional but necessary, since failure to provide them will make it impossible for the User to browse the site, register on the Site and take advantage of the services offered by the Owner on the Site.

With reference to the purposes referred to in points 1 / a, 1 / b, 1 / c, 1 / and the legal basis of the processing is in fact the execution of the services provided through the Site and requested by you (pursuant to article 6 , paragraph 1, letter b of the Privacy Regulation 2016/679); with reference to the purpose referred to in point 1 / d of the previous paragraph, the legal basis of the processing is to fulfill a legal obligation to which the data controller is subject (pursuant to article 6, paragraph 1, letter c of the Privacy Regulation 2016/679).

2. Processing methods and data retention times

The Data Controller will process Users’ personal data using manual and IT tools, with logic strictly related to the purposes themselves and, in any case, in order to guarantee the security and confidentiality of the data.

The personal data of the Users of the Site will be kept for the time strictly necessary to carry out the purposes illustrated in the previous paragraph 1, or in any case according to what is necessary for the protection in civil law of the interests of both the Users and the Owner.

3. Scope of communication and dissemination of data

Employees and / or collaborators of the Data Controller appointed to manage the Site may become aware of the Users’ personal data. These subjects, who are formally appointed by the Data Controller as “persons in charge of processing”, will process the User’s data only for the purposes indicated in this information and in compliance with the provisions of the Applicable Regulations.

Third parties who may process personal data on behalf of the Data Controller as ” External Data Processors “, such as, by way of example, suppliers of IT and logistical services functional to the operation of the Site, may also become aware of the Users’ personal data. , outsourced or cloud computing service providers , professionals and consultants.

Users have the right to obtain a list of any data processors appointed by the Data Controller, making a request to the Data Controller in the manner indicated in the first paragraph of this information.

4. Rights of the interested parties

Pursuant to the Applicable Law, the Data Controller informs that Users have the right to obtain the indication (through the contact details indicated in this information):

the origin of personal data;
the purposes and methods of treatment;
the logic applied in case of treatment carried out with the aid of electronic instruments;
the identity of the owner and managers;
of the subjects or categories of subjects to whom the personal data may be communicated or who can learn about them as managers or agents.

Furthermore, Users have the right to obtain:

l ‘ access , the’ update , the rectification or, when they have interest, ‘ integration of the data;
the cancellation , transformation into anonymous form or blocking of data processed in violation of the law, including those whose retention is unnecessary for the purposes for which the data were collected or subsequently processed;
the attestation that the operations referred to in letters a) and b) have been brought to the attention, also as regards their content, of those to whom the data have been communicated or disseminated, except in the case where this fulfillment proves impossible o involves the use of means manifestly disproportionate to the protected right.

In addition, Users have:

The right to withdraw consent at any time, if the treatment is based on their consent;
The right to data portability (right to receive all personal data concerning them in a structured format, commonly used and readable by automatic device), the right to limit the processing of personal data and the right to erasure (“right to ‘oblivion”);
The right to object : in whole or in part, for legitimate reasons, to the processing of personal data concerning them, even if pertinent to the purpose of the collection;
In whole or in part, to the processing of personal data concerning them for the purpose of sending advertising materials or direct selling or for carrying out market research or commercial communication;

If personal data are processed for direct marketing purposes, at any time, to the processing of their data carried out for this purpose, including profiling to the extent that it is connected to such direct marketing. If they believe that the processing that concerns them violates the Regulation, the right to lodge a complaint with a supervisory authority (in the Member State where they usually reside, in the one in which they work or in the one in which the alleged violation occurred). The Supervisory Authority is the Guarantor for the protection of personal data. Contact Here.