CRC Progetti S.r.l. is aware of the importance of protecting personal data and undertakes to protect the privacy of the users, process private data with caution and confidentiality and not to use them for purposes other than that stated below.

In this page there is the description of the ways of managing the website in relation to the personal data of the users that visit the website.  This is an information note in compliance with UE Regulation n. 2016/679 “General Data Protection Regulation” (c.d. GDPR) and the D.lgs 196/2003 to those interacting with CRC Progetti S.r.l. web services.

  1. Type of data processed

The data concerned are the navigation data and the data voluntarily supplied by the user, as stated below.

CRC Progetti S.r.l. informs the users of the website that collected data will be used exclusively for the purposes stated below and to update users on the novelties, events and activities of CRC Progetti S.r.l..

Navigation data

Computer systems and software procedures responsible for the correct operation of the site will, during their normal operation, acquire data which have to be transmitted in the use of the protocols of internet communication.

This information is not collected in order to be associated to identified interested parties, but, due to the nature thereof, and through processing and association with data held by third parties, could allow the identification of the users.

This category of data includes computer IP addresses or domain names used by the users who connect to the site, addresses in URI notation of the resources requested, the time of the request, the method used in submitting the request to the server, the size of the file obtained in reply, the numeric code indicating the state of the reply given by the server (good outcome, error, etc.) and other parameters relating to the operative system and IT environment of the user.

These data are used for the sole purpose of obtaining anonymous statistical information on the use of the website and to check the correct operation and are cancelled immediately after processing. The data could be used to check responsibilities in the case of hypothetical computer crimes to the detriment of the website: except for this, data on web contacts do not remain available for more than seven days.

Data furnished willingly by the user

The optional, explicit and voluntary forwarding of e-mails to the addresses stated on the website, leads to the subsequent acquisition of the sender’s address, necessary in order to reply to requests, and any other personal data contained in the mail. These data will be notified to third parties only when it is necessary in order to fulfil the requests of the same users/visitors.

  1. Purpose of processing

The data processing is aimed exclusively at achieving the following aims:

  1. a) aims relating to the use of services offered to navigate the site;
  2. b) activities closely connected and instrumental to the management of relations with users and potential collaborators (contact requests);


  1. c) marketing activities, only and exclusively following specific consent, aimed at market research; financial and statistical analyses; the forwarding of advertising/IT/promotions material, newsletters, also in relation to programmes and promotions, also on-line, communications, development and maintenance of business relations.

The providing of data for the purposes stated in lett. c) is optional and is undertaken according to the methods stated in art. 7 of the GDPR. The notifications relating to marketing activities can be forwarded electronically (eg: newsletters).

  1. Processing methods

Data processing is undertaken in compliance with art. 4 n. 2) of GDPR and can concern the collection, registration, organisation, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, block, communication, cancellation and destruction of data. This can be done both with the use of paper, and with the use of IT electronic instruments, using means and instruments that can guarantee the security and confidentiality of the data. In particular, all the technical and organisational methods will be used to guarantee a suitable level of security against risk.

Data processing is undertaken using automated systems for a period that is strictly necessary for the purposes for which they were collected and nonetheless, in compliance with legislation in force.  In order to know the data storage times, write to

  1. Communication and divulging of data

Personal data are processed by the employees and/or collaborators of the Data Controller and will not be divulged, but could be notified to third parties (including business partners, consultants and professionals, banks and building societies, insurances), to comply with obligations of law, regulations, community regulations or for aspects concerning the management and execution of legal relations underway or elapsed.

  1. Rights of the party

It is hereby stated that the parties concerned can, at any time, ask for:

  1. a) access to their personal data;
  2. b) correction thereof in the case of inaccuracy;
  3. c) cancellation;
  4. d) limitation of processing;
  5. e) the right to oppose the processing of data at the right conditions;
  6. d) the right to the portability of data, ie to receive, in a structured format of common use and readable by automatic device, the personal data provided.

For anything else not specifically mentioned herein please see regulations in force concerning Privacy and specifically arts. 15, 16, 17, 18, 20 and 21 of the GDPR.

In the case of violation, the interested party has the right to lodge a complaint at the relative Supervisory Authority (Article 13 par. 2 letter d) of the GDPR).

  1. Revocation of consent

The consent given for the processing of one’s personal data can be revoked at any moment, without this prejudicing:

– lawfulness of data processing carried out in the period prior to the revocation

– further processing based on legal bases other than consent, such as contractual and legal obligations.

For further clarification on this information or on any privacy topic, or should you wish to exercise the abovementioned rights or withdraw consent, write to

  1. Data Controller

The data controller is CRC Progetti S.r.l. Via Galileo Galilei, trav 3 n.2 – 25010 San Zeno Naviglio (Brescia).