This Policy Privacy makes known the information in compliance with what is stated in Regulation (EU) 2016/679, European Regulation for the Protection of Personal Data that CHINESPORT Spa does with the data gathered from clients and suppliers, as well as from date gathered during users’ browsing of the following websites: www.chinesport.it , www.chinesport.com, www.chinesport.fr, www.chinesport.de, www.chinesport.es, www.chinesport.at, www.globalposturalsystem.com, www.struzzonline.com, www.gps-academy.com
1) Data controller is CHINESPORT Spa with headquarters office in Udine, via Croazia 2 (hereafter referred to as Controller)
Any requests for information relating to the protection of personal data should be sent to: the Controller’s main offices or by e-mail to firstname.lastname@example.org .
Data controller can be reached at: email@example.com
2) Purpose of the processing
Following is a list of the purposes of the processing, beside which is its legal basis for the processing.
Purpose of the processing
Legal basis for the processing
Processing of common personal data for designing, producing, marketing, commercializing and servicing for the elderly and disabled people, of medical devices for the diagnosis, physiotherapy and rehabilitation.
processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract. (Art. 6 c. 1 lett b))
Processing of common personal data for the updating of product and services options and features
processing is necessary for the performance of a contract to which the data subject is party or in order to take steps following the request of the data subject prior to entering into a contract; ( Art. 6 c. 1 lett b))
Processing of common personal data for billing
Processing is necessary for the performance of a contract to which the data subject is party or and to fulfil the obligations by law. (Art. 6 c. 1 lett. b) e c))
Processing of common personal data for credit collection
processing is necessary for the purposes of the legitimate interests pursued by data controller or for credit protection (Art. 6 c. 1 lett. f))
Processing of common personal data for fraud prevention, including informatic ones
processing is necessary for the purposes of the legitimate interests pursued by data controller concerning the protection of services from fraudulent operations that may be carried out by third parties (Art. 6 c. 1 lett. f))
Data processing for a certain category of information according to art. 9 to fulfil the obligations to which suppliers with a local INPS, INAIL and/or ASL code are subjected to.
a) processing is necessary for managing the health and social systems on the basis of the Italian Law (concerning products contemplated by INPS, INAIL and/or ASL); (Art. 9 c. 2 lett. h))
b) consent (for all the other cases) Art. 9 c. 1 lett. a)
Direct marketing initiatives
Legitimate interest of the Data Controller for the processing of personal data for direct marketing purposes, in compliance with the interests, rights and fundamental freedoms of the data subjects (ref. Considering 47, e Art. 6 c. 1 lett. f)
For direct marketing concerning new and old clients. E-mail communication for marketing purposes will, under any circumstances, deal with the concession of personal data to recipients other than that for satisfying the requests of the subjects involved.
Consent Art. 6 c. 1 lett. a)
3) Processing methods
All your personal data will be dealt by our company under paperwork and/or telematic or office data processing form; conferring your personal data is optional, but failure to provide such data may prevent the provision of information or the fulfilment of contract obligations.
4) Recipients of personal data
Without prejudice to the fact that all communication and disclosure will be carried out in compliance with legal obligations, for the purposes of protecting and for a better management of our rights regarding every single commercial business transaction, solely for the purposes necessary for contract reasons and/or to satisfy your requests. Other than Chinesport staff data can be transmitted to:
- our network of dealers
- our specialized partners for after-sales services
- suppliers of custom devices for patients
- marketing agencies
- credit institutions
- insurance companies
- credit recovery companies
- business information companies
- professionals and consultants
- companies operating in the transport sector
- other external processors in accordance with art. 28 GDPR
The transmission of commercial promotion e-mails will in no case result in the transfer of personal data to recipients unrelated to the fulfillment of contractual obligations or requests from interested parties.
5) Data retention
The data will be kept for the times indicated in the following table:
Customers and suppliers
10 years from the execution of a contract or the fulfillment of a pre-contractual request, or for other specific terms if required by law
Data of customers who have ceased contractual relationships, for marketing purposes
up to 7 years from the termination of contractual relationships
Potential clients (Prospect)
until consent is revoked
Candidate for recruitment
12 months from receipt of the application
6) Exercise of the rights of the data subjects
Regarding personal data, the customer may exercise the rights defined by Chapter III arts. from 12 to 23 of the European Regulation 679/2016.
Here follow the rights foreseen by articles 15 and 16, of the European Regulation 679/2016, in order to remind you that you are entitled to the exercise of the following rights in our regard:
1. The data subject shall have the right to obtain from the controller confirmation as to whether or not personal data concerning him or her are being processed, and, where that is the case, access to the personal data and the following information:
a) the purposes of the processing;
b) the categories of personal data concerned;
c) the recipients or categories of recipient to whom the data might be disclosed, in particular if recipients are of third countries or international organizations;
d) the period for which the personal data will be stored, or if that is not possible, the criteria used to determine that period;
e) The existence of the right of the data subject concerned to request the data controller to provide access to personal data and to correct or cancel the data or limitation of processing concerning them or oppose to the processing;
f) the right to lodge a complaint with a supervisory authority;
2. The controller provides, at the request of the subject, a copy of the personal data undergoing processing. Where the data subject makes the request by electronic means, and unless otherwise requested by the data subject, the information shall be provided in a commonly used electronic form.
3. The subject has the right of rectification of inaccurate personal data without undue delay. Taking into account the purposes of the processing, the data subject shall have the right to have incomplete personal data completed, by means of providing a supplementary statement.
4. The Subject has the right to obtain from the Controller the erasure of personal data concerning him or her without undue delay if:
a) they are no longer required for the purposes for which they were collected
b) the personal data has been handled in an illicit way;
c) the personal data have to be erased for compliance with a legal obligation in Union or Member State law to which the controller is subject;
Point 4 shall not apply to the extent whenever the treatment may be necessary: for the establishment, exercise or defence of legal claims.
5. If the legal basis of the processing is the consent, the subject concerned may freely withdraw consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal.
The rights outlined above may be exercised by contacting the “Data Controller”.
Addendum to the Web site
Dati di navigazione
The computer systems and procedures provided for the function of the website collect certain personal information during their normal operation, the transmission of which is subject to the use of data exchange protocols on the Internet.
Such information is not collected in order to relate it to identified data subjects, however it may allow user identification after being processed and matched with data held by third parties.
This category includes, for instance, IP addresses or names with domains of computers used by persons logging onto the site, URI (Uniform Resource Identifier) addresses of the resources required as well as other parameters related to the users' operative system.
These data are used only to obtain anonymous statistical information about the use of the site and to ensure its proper operation, and are deleted immediately after processing. The data may be used at the request of the competent authorities to investigate liability in the event of cybercrime damaging the website.
Voluntarily provided data
If emails are sent voluntarily, explicitly and optionally to addresses given on this site, the sender's address, which is required to respond to requests, is automatically acquired, as are any other personal data which may be included in the communication.
Specific summary information will be progressively reported or displayed on the site pages dedicated to particular services, upon request.
No personal user data is acquired by the site.
Cookies are not used to get personal data about the users. No cookies are used to transfer personal information nor are there any so-called persistent cookies of any kind for tracking users. Cookies used in this website contain information about the use of its specific functions.