PRIVACY POLICY
CITY GREEN LIGHT SRL
PRIVACY AND COOKIE POLICY
(Reg. UE 2016/679)
This privacy policy explains how we collect and use the personal data within City Green Light LTD web applications.
- Controller of collected data
City Green Light S.r.l., via G. Zampieri 15 – 36100 Vicenza (VI), C.F. e P.IVA 03785880240, E-mail: privacy@citygreenlight.com.
2. What data we collect
WEB SITE: www.citygreelight.com
Our website, autonomously or through third-party integrated services, collects personal data in the following categories: contact data, cookies and functional data.
Personal data can be readily entered by the User, or Data will be collected automatically when interacting with our website.
By using our website the User must take their own responsibility of handling third-party personal data through publishing or sharing such data on this web application, and must give assurances of their rights to communicate or disclose such data, and by doing so, freeing City Green Light LTD from any responsibility towards third parties.
A) Contact Data
City Green Light LTD’s website collects User’s Personal Data; we collect the following items:
| Identifier | Subjects of treatment | Purpose - legal basis | Origin | Maximum storage period |
|---|---|---|---|---|
| Name | City Green Light Srl | Contattare l'utente - Consenso dell'interessato | https://citygreenlight.com/en/contact-us/ | 10 years |
| Surname | City Green Light Srl | Contattare l'utente - Consenso dell'interessato | https://citygreenlight.com/en/contact-us/ | 10 years |
| City Green Light Srl | Contattare l'utente - Consenso dell'interessato | https://citygreenlight.com/en/contact-us/ | 10 years |
B) Cookies and functional data
The use of Cookies- or similar function technologies- on our website, or from third-party integrated services on our website, unless otherwise stated, is strictly done so as to identify the User and to remember the User’s preferences during future visits, in order to provide the User with the services requested. If the User does not allow the collection of Personal Data, then the User may be denied access to the services offered on our website. Our website will interact with the User through the following cookies:
| Cookie name | Subject to treatment | Purpose - legal basis | Origin | Type | Expiry |
|---|---|---|---|---|---|
| _ga | City Green Light Srl Google Inc.(*) | Contact the user - Consent of the interested party | https://www.google-analytics.com/analytics.js | HTTP | 2 years |
| _gat | City Green Light Srl Google Inc.(*) | Contact the user - Consent of the interested party | https://www.google-analytics.com/analytics.js | HTTP | 1 day |
| _gid | City Green Light Srl Google Inc.(*) | Contact the user - Consent of the interested party | https://www.google-analytics.com/analytics.js | HTTP | 1 day |
| Ads/ga-audiences | City Green Light Srl Google Inc.(*) | Contact the user - Consent of the interested party | https://www.google-analytics.com/analytics.js | PIXEL | Session |
| cookieBannerDisplayed | City Green Light Srl | Contact the user - Consent of the interested party | https://www.citygreenlight.com/js/main.js | Local storage | Session |
| cookieBannerAccepted | City Green Light Srl | Contact the user - Consent of the interested party | https://www.citygreenlight.com/js/main.js | Local storage | Session |
(*) Google Analytics is a web analytics service offered by Google Inc. (“Google”). Google utilizes the Personal Data to track and examine the application use, to report on its traffic and share the data with other Google services. Google may use the Personal Data to contextualize and personalize the ads of its own advertising network.
For further information refer to the Privacy Policy.
CITYGREENAPP
The software application CITYGREENAPP, autonomously or through third parties, collects Personal Data in the following categories: personal and registration data of the User.
Personal data can be readily entered by the User, or Data will be collected automatically when interacting with our website.
The User of the website must take their own responsibility of handling third-party personal data by publishing or sharing such data through this web application, and must give assurances of their rights to communicate or disclose such data, and by doing so, freeing City Green Light LTD from any responsibility towards third parties.
A) Personal Contact Data
City Green Light LTD’s website collects User’s Personal Data; we collect the following items:
| Identifier | Subject of treatment | Purpose - legal basis | Maximum period of conservation |
|---|---|---|---|
| Name | City Green Light Srl | Forwarding of reports and receipt of update notifications - Consent of the data subject | 10 years |
| Surname | City Green Light Srl | Forwarding of reports and receipt of update notifications - Consent of the data subject | 10 years |
| City Green Light Srl | Forwarding of reports and receipt of update notifications - Consent of the data subject | 10 years | |
| Password | City Green Light Srl | Forwarding of reports and receipt of update notifications - Consent of the data subject | 10 years |
| Phone | City Green Light Srl | Forwarding of reports and receipt of update notifications - Consent of the data subject | 10 years |
3. How we use the collected data
The collected data will be processed by especially appointed Data Processor, that is an appointed third-party specialist and administrator of the computer system who will operate under specific appointment, signed and sealed by the Controller of the Data, and subject to a duty of uttermost confidentiality and to only process the collected data to third-parties when specifically authorized. The list of the appointed Data Processor is available upon request. The Controller has designated a Data Protection Officer (DPO) (art. 37 Reg. UE 2016/679), namely:
Avv. Alberto Giuliani dpo@citygreenlight.com.
The collected data will be retained for the length of time necessary to provide the service requested by the User or by the purposes described on this document. The User can, at any time, request to withdraw consent of processing the data concerning him or her, or the erasure of the Personal Data.
4. The Data Subject’s Rights
The Right of Access and Copy (Art.15 EU GDPR 2016/679): The Data Subject shall have the right to obtain, at any time, confirmation as to whether or not Personal Data concerning him or her are being processed, and, specifically the purposes of the processing; the categories of personal data concerned; the recipients to whom the personal data have been or will be disclosed; the period for which the personal data will be stored; where the personal data are not collected from the data subject, any available information as to their source; the existence of automated processing and profiling; where personal data are transferred to a third country or to an international organisation, any information and appropriate safeguards relating to the transfer pursuant to Art. 46 EU GDPR 2016/679; a copy of the personal data undergoing processing- a fee may be charged for any further copies requested by the Data Subject.
The Right to Rectification and Erasure (Artt. 16 and 17 EU GDPR 2016/679): The Data Subject shall have the right to obtain from the Controller, without undue delay, the rectification of inaccurate Personal Data concerning him or her, as well as the erasure of personal data without undue delay, with restriction of processing during the pending investigation.
The Right to Data Portability (Art. 15 EU GDPR 2016/679): The Data Subject shall have the right to receive the Personal Data concerning him or her in a structured, commonly used and machine-readable format, and have the right to transmit those data to another controller without hindrance, unless this proves impossible or technically unfeasible.
The Right to Object (Artt. 7 e 21 EU GDPR 2016/679): The Data Subject shall have the right to object and withdraw consent at any time to processing of personal data concerning him or her, unless compelling legitimate grounds override the interests, rights and freedoms of the Data Subject or for the establishment, exercise or defence of legal claims.
The Right to lodge a Complaint with a supervisory authority (Art. 77 EU GDPR 2016/679): The Data Subject shall have the right to lodge a complaint with a supervisory authority in case of infringement of this Regulation.
The Right to Compensation and Liability (Art. 82 EU GDPR 2016/679): The Data Subject shall have the right to receive compensation for the damage suffered as to Art. 82 EU GDPR 2016/679.
The Right to Communication of a personal data breach (art. 34 EU GDPR 2016/679): The Data Subject shall have the right to communication, without undue delay, when the personal data breach is likely to result in a high risk to the rights and freedoms of natural persons.
Any request for the exercise of the rights listed above must be addressed in person or by registered mail with return receipt to the main office, or by email to: privacy@citygreenlight.com
5. Privacy Policy update
The Data Controller retains the right to change this Privacy Policy at any time, and to inform the users with notice on this page. We kindly ask the Users to refer to and monitor this page. The date of the last update can be found at the bottom of the page. In case of non-acceptance of the changes made to this privacy policy, the User shall halt the use of this application and may request the Data Controller to erase the Personal Data. Unless otherwise stated, the previous Privacy Policy will continue to apply to the Personal Data collected up to that time.
6. Definitions and lawful basis for the purposes of this regulation
Personal Data
‘Personal Data’ means any information relating to an identified or identifiable natural person, who can be identified, directly or indirectly, by reference to any other identifier, including a personal identity number.
Functional Data
These are the information autonomously collected from this application (or from third-party applications used by this application), namely: IP addresses or domain names of the computer the user is using to connect to this app, URI addresses, the time of the request, the way the request has been posed, the size of the response file, a numerical number code identifying the response status (successful, error, etc.), the country, the browser and the operating system of the user, the session length (i.e. how long a user has spent on each page), the user’s visit path on the application, especially the sequence of the web pages visited, parameters of the operating system and the user’s IT environment.
User
‘User’ means the natural person using our website; the User must coincide with the Data Subject or be authorized by the Data Subject and whose Personal Data are being processed.
Data Subject
‘Data Subject’ means the natural or legal person whose Personal Data refers to.
Data Processor
The ‘Data Processor’ is the natural person or the legal entity, the public authority or any other body, association or establishment appointed by the Controller of the Data to process the Personal Data, as explained in this Privacy Policy.
Controller of the Data
‘Data Controller’ means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of Personal Data- its tools and the applications’ security software. The Controller, unless otherwise stated, is the owner of this application.
Application
The ‘Application’ is the hardware or software tool through which the Personal Data is collected.
Cookies
‘Cookies’ are text files that are transferred from the server to a User’s devise when they access a website, in order to identify those Users who have previously visited the same website.
Legal references:
To Users within EU: this Privacy Policy has been edited in fulfilment of the obligations set out in Art.10 Directive n.95/46/EC, as well as those of Directive 2002/58/EC, and according to the updated Directive 2009/136/EC, as to Cookies concerned.
This statement also complies with the requirements of EU Reg. 2016/679 (Global Data Protection Regulation).
Last update: 15.10.2020
PRIVACY POLICY
CITY GREEN LIGHT SRL
PRIVACY AND COOKIE POLICY
(Reg. UE 2016/679)
This privacy policy explains how we collect and use the personal data within City Green Light LTD web applications.
- Controller of collected data
City Green Light S.r.l., via G. Zampieri 15 – 36100 Vicenza (VI), C.F. e P.IVA 03785880240, E-mail: privacy@citygreenlight.com.
2. What data we collect
WEB SITE: www.citygreelight.com
Our website, autonomously or through third-party integrated services, collects personal data in the following categories: contact data, cookies and functional data.
Personal data can be readily entered by the User, or Data will be collected automatically when interacting with our website.
By using our website the User must take their own responsibility of handling third-party personal data through publishing or sharing such data on this web application, and must give assurances of their rights to communicate or disclose such data, and by doing so, freeing City Green Light LTD from any responsibility towards third parties.
A) Contact Data
City Green Light LTD’s website collects User’s Personal Data; we collect the following items:
| Identifier |
|---|
| Name |
| Surname |
| Subject to treatment |
| City Green Light Srl |
| Purpose - legal basis |
| "Contact the user - Consent of the interested party" |
| Origin |
| https://citygreenlight.com/en/keep-in-touch/ |
| Maximum storage period |
| 10 years |
B) Cookies and functional data
The use of Cookies- or similar function technologies- on our website, or from third-party integrated services on our website, unless otherwise stated, is strictly done so as to identify the User and to remember the User’s preferences during future visits, in order to provide the User with the services requested. If the User does not allow the collection of Personal Data, then the User may be denied access to the services offered on our website. Our website will interact with the User through the following cookies:
| Cookie Name |
|---|
| 1) _ga |
| 2) _gat |
| 3) _gid |
| 4) Ads/ga-audiences |
| 5) cookieBannerDisplayed |
| 6) cookieBannerAccepted |
| Subject to treatment |
| "1) City Green Light Srl |
| Google Inc)(*) |
| "2) City Green Light Srl |
| Google Inc)(*) |
| "3) City Green Light Srl |
| Google Inc)(*) |
| "4) City Green Light Srl |
| Google Inc)(*) |
| 5) City Green Light Srl |
| 6) City Green Light Srl |
| Purpose - legal basis |
| 1) Contact the user - Consent of the interested party |
| 2) Contact the user - Consent of the interested party |
| 3) Contact the user - Consent of the interested party |
| 4) Contact the user - Consent of the interested party |
| 5) Contact the user - Consent of the interested party |
| 6) Contact the user - Consent of the interested party |
| Origin |
| 1) https://www.google-analytics.com/analytics)js |
| 2) https://www.google-analytics.com/analytics.js |
| 3) https://www.google-analytics.com/analytics.js |
| 4) https://www.google-analytics.com/analytics.js |
| 5) https://www.citygreenlight.com/js/main.js |
| 6) https://www.citygreenlight.com/js/main.js |
| Type |
| 1) HTTP |
| 2) HTTP |
| 3) HTTP |
| 4) PIXEL |
| 5) Local storage |
| 6) Local storage |
| Expiry |
| 1) 2 years |
| 2) 1 day |
| 3) 1 day |
| 4) Session |
| 5) Session |
| 6) Session |
(*) Google Analytics is a web analytics service offered by Google Inc. (“Google”). Google utilizes the Personal Data to track and examine the application use, to report on its traffic and share the data with other Google services. Google may use the Personal Data to contextualize and personalize the ads of its own advertising network.
For further information refer to the Privacy Policy.
CITYGREENAPP
The software application CITYGREENAPP, autonomously or through third parties, collects Personal Data in the following categories: personal and registration data of the User.
Personal data can be readily entered by the User, or Data will be collected automatically when interacting with our website.
The User of the website must take their own responsibility of handling third-party personal data by publishing or sharing such data through this web application, and must give assurances of their rights to communicate or disclose such data, and by doing so, freeing City Green Light LTD from any responsibility towards third parties.
A) Personal Contact Data
City Green Light LTD’s website collects User’s Personal Data; we collect the following items:
| Identifier |
|---|
| Name |
| Surname |
| Password |
| Phone |
| Subject to treatment |
| City Green Light Srl |
| Purpose - legal basis |
| Forwarding of reports and receipt of update notifications - Consent of the data subject |
| Maximum storage period |
| 10 years |
3. How we use the collected data
The collected data will be processed by especially appointed Data Processor, that is an appointed third-party specialist and administrator of the computer system who will operate under specific appointment, signed and sealed by the Controller of the Data, and subject to a duty of uttermost confidentiality and to only process the collected data to third-parties when specifically authorized. The list of the appointed Data Processor is available upon request. The Controller has designated a Data Protection Officer (DPO) (art. 37 Reg. UE 2016/679), namely:
Avv. Alberto Giuliani dpo@citygreenlight.com.
The collected data will be retained for the length of time necessary to provide the service requested by the User or by the purposes described on this document. The User can, at any time, request to withdraw consent of processing the data concerning him or her, or the erasure of the Personal Data.
4. The Data Subject’s Rights
The Right of Access and Copy (Art.15 EU GDPR 2016/679): The Data Subject shall have the right to obtain, at any time, confirmation as to whether or not Personal Data concerning him or her are being processed, and, specifically the purposes of the processing; the categories of personal data concerned; the recipients to whom the personal data have been or will be disclosed; the period for which the personal data will be stored; where the personal data are not collected from the data subject, any available information as to their source; the existence of automated processing and profiling; where personal data are transferred to a third country or to an international organisation, any information and appropriate safeguards relating to the transfer pursuant to Art. 46 EU GDPR 2016/679; a copy of the personal data undergoing processing- a fee may be charged for any further copies requested by the Data Subject.
The Right to Rectification and Erasure (Artt. 16 and 17 EU GDPR 2016/679): The Data Subject shall have the right to obtain from the Controller, without undue delay, the rectification of inaccurate Personal Data concerning him or her, as well as the erasure of personal data without undue delay, with restriction of processing during the pending investigation.
The Right to Data Portability (Art. 15 EU GDPR 2016/679): The Data Subject shall have the right to receive the Personal Data concerning him or her in a structured, commonly used and machine-readable format, and have the right to transmit those data to another controller without hindrance, unless this proves impossible or technically unfeasible.
The Right to Object (Artt. 7 e 21 EU GDPR 2016/679): The Data Subject shall have the right to object and withdraw consent at any time to processing of personal data concerning him or her, unless compelling legitimate grounds override the interests, rights and freedoms of the Data Subject or for the establishment, exercise or defence of legal claims.
The Right to lodge a Complaint with a supervisory authority (Art. 77 EU GDPR 2016/679): The Data Subject shall have the right to lodge a complaint with a supervisory authority in case of infringement of this Regulation.
The Right to Compensation and Liability (Art. 82 EU GDPR 2016/679): The Data Subject shall have the right to receive compensation for the damage suffered as to Art. 82 EU GDPR 2016/679.
The Right to Communication of a personal data breach (art. 34 EU GDPR 2016/679): The Data Subject shall have the right to communication, without undue delay, when the personal data breach is likely to result in a high risk to the rights and freedoms of natural persons.
Any request for the exercise of the rights listed above must be addressed in person or by registered mail with return receipt to the main office, or by email to: privacy@citygreenlight.com
5. Privacy Policy update
The Data Controller retains the right to change this Privacy Policy at any time, and to inform the users with notice on this page. We kindly ask the Users to refer to and monitor this page. The date of the last update can be found at the bottom of the page. In case of non-acceptance of the changes made to this privacy policy, the User shall halt the use of this application and may request the Data Controller to erase the Personal Data. Unless otherwise stated, the previous Privacy Policy will continue to apply to the Personal Data collected up to that time.
6. Definitions and lawful basis for the purposes of this regulation
Personal Data
‘Personal Data’ means any information relating to an identified or identifiable natural person, who can be identified, directly or indirectly, by reference to any other identifier, including a personal identity number.
Functional Data
These are the information autonomously collected from this application (or from third-party applications used by this application), namely: IP addresses or domain names of the computer the user is using to connect to this app, URI addresses, the time of the request, the way the request has been posed, the size of the response file, a numerical number code identifying the response status (successful, error, etc.), the country, the browser and the operating system of the user, the session length (i.e. how long a user has spent on each page), the user’s visit path on the application, especially the sequence of the web pages visited, parameters of the operating system and the user’s IT environment.
User
‘User’ means the natural person using our website; the User must coincide with the Data Subject or be authorized by the Data Subject and whose Personal Data are being processed.
Data Subject
‘Data Subject’ means the natural or legal person whose Personal Data refers to.
Data Processor
The ‘Data Processor’ is the natural person or the legal entity, the public authority or any other body, association or establishment appointed by the Controller of the Data to process the Personal Data, as explained in this Privacy Policy.
Controller of the Data
‘Data Controller’ means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of Personal Data- its tools and the applications’ security software. The Controller, unless otherwise stated, is the owner of this application.
Application
The ‘Application’ is the hardware or software tool through which the Personal Data is collected.
Cookies
‘Cookies’ are text files that are transferred from the server to a User’s devise when they access a website, in order to identify those Users who have previously visited the same website.
Legal references:
To Users within EU: this Privacy Policy has been edited in fulfilment of the obligations set out in Art.10 Directive n.95/46/EC, as well as those of Directive 2002/58/EC, and according to the updated Directive 2009/136/EC, as to Cookies concerned.
This statement also complies with the requirements of EU Reg. 2016/679 (Global Data Protection Regulation).
Last update: 15.10.2020