Privacy Notice and Consent

Country* Admiralty Islands Afghanistan Albania Algeria American Samoa Andorra Angola Anguilla Antigua And Barbuda Argentina Armenia Aruba Australia Austria Azerbaijan Bahamas Bahrain Bangladesh Barbados Belarus Belgium Belize Benin Bermuda Bhutan Bolivia Bonaire Bosnia And Herzegowina Botswana Brazil Virgin Islands, British Brunei Darussalam Bulgaria Burkina Faso Burundi Cambodia Cameroon Canada Cape Verde Caroline Islands Cayman Islands Central African Republic Chad Chile China Christmas Island Colombia Comoros Congo, Democratic Republic Of The Congo, Republic Of The Cook Islands Costa Rica Cote D Ivoire Croatia (Local Name: Hrvatska) Cuba Curacao Cyprus Czech Republic Denmark Djibouti Dominica Dominican Republic Ecuador Egypt El Salvador Equatorial Guinea Eritrea Estonia Ethiopia Falkland Islands (Malvinas) Faroe Islands Fiji Finland France French Guiana French Polynesia Gabon Gambia Georgia Germany Ghana Gibraltar Greece Greenland Grenada Guadeloupe Guam Guatemala Guinea Guinea-Bissau Guyana Haiti Honduras Hong Kong Hungary Iceland India Indonesia Iran (Islamic Republic Of) Iraq Ireland Israel Italy Jamaica Japan Jordan Kazakhstan Kenya Kiribati Korea, Republic Of (South Korea) Korea,Democratic People'S Republic Of(North Korea) Kosovo Kuwait Kyrgyzstan Lao People'S Democratic Republic Latvia Lebanon Lesotho Liberia Libyan Arab Jamahiriya Liechtenstein Lithuania Luxembourg Macau Macedonia, The Former Yugoslav Republic Of Madagascar Malawi Malaysia Maldives Mali Malta Marshall Islands Martinique Mauritania Mauritius Mayotte Mexico Micronesia, Federated States Of Midway Islands Moldova, Republic Of Monaco Mongolia Montenegro Montserrat Morocco Mozambique Myanmar Namibia Nauru Nepal Netherlands New Caledonia New Zealand Nicaragua Niger Nigeria Niue Norfolk Island Northern Mariana Islands Norway Oman Pakistan Palau Palestinian National Authority Panama Papua New Guinea Paraguay Peru Philippines Poland Portugal Puerto Rico Qatar Reunion Romania Russian Federation Rwanda Saba Saint Barthélemy Saint Helena, Ascension And Tristan Da Cunha Saint Kitts And Nevis Saint Lucia Saint Pierre And Miquelon Saint Vincent And The Grenadines Samoa Sao Tome And Principe Saudi Arabia Senegal Serbia Seychelles Sierra Leone Singapore Slovakia (Slovak Republic) Slovenia Solomon Islands Somalia South Africa South Georgia And The South Sandwich Islands Spain Sri Lanka Sint Eustatius Sudan Suriname Swaziland Sweden Switzerland Syrian Arab Republic Taiwan, Province Of China Tajikistan Tanzania, United Republic Of Thailand Timor-Leste Togo Tokelau Tonga Trinidad And Tobago Tunisia Turkey Turkmenistan Turks And Caicos Islands Tuvalu Uganda Ukraine United Arab Emirates United Kingdom United States Uruguay Virgin Islands, U.S. Uzbekistan Vanuatu Venezuela, Bolivarian Republic Of Vietnam Wake Island Wallis And Futuna Islands Yemen Zambia Zimbabwe Isle Of Man Channel Islands Saint Martin (French Part) Sint Maarten (Dutch Part) South Sudan Western Sahara

Please fill the form and express your consent ticking boxes at the end of the page

Privacy Notice and Consent – SkyMinder Services

1. In compliance with the provisions of article 13 of EU Regulation 679/2016 (GDPR), CRIF informs the CLIENT that the personal data relating to the CLIENT which have already been acquired or that will be communicated, will be processed by CRIF S.p.a., via della Beverara 21 - 40131 Bologna as Data Controller for the purpose of providing the SkyMinder Service and for the compliance with obligations under the law.
2. Specifically, personal data provided by the CLIENT will be processed, in order to undertake CRIF activities, for the following purposes:

a) in order to fulfill legal obligations arising from, inter alia, statutory, tax and accounting laws;

b) for the administrative management of the relationship and to evaluate the regularity occurred in the registration process;

c) for the fulfillment of obligations deriving from contractual obligations, including transfer of personal data to CRIF Group subsidiaries either into and out the European Union;

d) to assert or defend a right in court or out of court;

e) for anything that may arise directly or indirectly from the existing or future relationship with CRIF;

f) as well as for statistical and market analysis purposes, sales information and/or promotional and/or marketing purposes, or initiatives related to the activities of CRIF, via e-mail, SMS or phone.

g) as well as for statistical and market analysis purposes, sales information and/or promotional and/or marketing purposes, or initiatives related to the activities of CRIF, via e-mail, SMS or phone, by other companies within the corporate group that CRIF belongs to, including extra-EU countries.

The data shall be processed on the base of at least one of the lawful grounds pursuant to the article 6 of GDPR. In particular, the processing for the purposes indicated in article 2 points a), b), c), d) and e) does not required the data subject’s consent, because it is based on the article 6, lett. b (performance of a contract) and c (legal obligation) of GDPR. The processing pursuant article 2 points f) and g) is based on the article 6, lett. a (data subject’s consent).

3. These data will be stored partly in paper archives and partly in digital archives, in respect of the security measures set out in GDPR.
4. Generally, the data provided by CRIF’s customer will not be transferred outside the European Union. However, with the objective of fulfilling this Contract, the data may be communicated to other companies within the corporate group that CRIF belongs to and to external companies whose work CRIF has to rely on in order to perform specific services, all, however, for the purposes of carrying out the work detailed in the Contract. The data in question can also be communicated and/or disclosed: a) in cases and to subjects provided for in the legislation; b) to external subjects that carry out specific tasks on behalf of CRIF in relation to the purposes detailed above; c) to law firms or external consultants in order to assert or defend a right in a court of law or out of court; d) to companies which CRIF control, are associated with, partly own, or companies which are shareholders in or control CRIF, or to its sales network (agents, dealers, distributors etc.) in relation to the purposes detailed above; e) to third party market operators that use the SkyMinder Service in relation to the objectives detailed above. For each service asked by CRIF’s customer CRIF will provide a specific privacy notice with a detail of the Countries where the data are transferred. However, when personal data will be transfer outside the European Union, the transfer will be put in place in accordance with previsions of GDPR and all applicable laws.
5. Where, in order to carry out CRIF activities for the CLIENT, it is necessary to process information and personal data of third parties other than the CLIENT itself, but communicated by the CLIENT to CRIF, the CLIENT warrants that the communication to CRIF of such information or personal data of third parties takes place in full and total compliance with the provisions of GDPR and on the base of at least one of the lawful grounds pursuant to the article 6 of GDPR. If such communication to CRIF requires the consent of the parties concerned, it will be the responsibility of the CLIENT to obtain such consent also for the benefit of CRIF.
6. The provision of CLIENT data to CRIF is mandatory only when stated by the law. However, the unavailability of data which is relevant to the correct and complete execution of CRIF activities related to the SkyMinder Service, may make CRIF activities more difficult, more expensive and sometimes impossible.
7. The provision of CLIENT data for the purposes indicated in article 2 points a), b), c), d) and e) is instrumental and necessary to the execution of orders and contracts and for administrative, commercial, tax and accounting management of the relationship that has been established or is being established, and therefore failure to provide these data could result in the impossibility of establishing, continuing or implementing the relationship.
8. The provision of data for the purposes outlined in article 2 points f) and g) is optional and important to everything that could directly or indirectly result from the existing relationship or relationship that is being established with CRIF, and therefore any refusal to provide the data for these purposes could result in the impossibility of improving the quality of the services and initiatives of CRIF in relation to the CLIENT, and the impossibility of giving adequate information about these services and initiatives.
9. The Data Controller for the processing of the CLIENT's data for the performance of the SkyMinder Service is CRIF. The full list of the data processors appointed by CRIF is available upon request from CRIF headquarters.
10. We also inform you that, under provisions of GDPR, on the base of lawfulness of processing and of the modalities of processing, if the conditions are met, you have the following rights: access to and rectification or erasure of personal data or the restriction of processing concerning your data or to object to processing as well as the right to data portability. Furthermore, you have the right to withdraw your consent at any time, without affecting the lawfulness of processing based on consent before this withdrawal. In these cases, requests should be sent to CRIF SpA, Via M. Fantin, 1-3, 40131 Bologna. The data subject can lodge a complaint with supervisory authority, using the following link: http://www.garanteprivacy.it/web/guest/home/docweb/-/docweb-display/docweb/4535524.
11. For any questions regarding the processing of your personal data, please contact our Data Protection Officer, using the following contact details: e-mail: dirprivacy@crif.com; pec: crif@pec.crif.com.

REQUEST FOR CONSENT

In relation to the information notice reported above concerning the processing of personal data for the purposes set out in Article 2) point f)

REQUEST FOR CONSENT

In relation to the information notice reported above concerning the processing of personal data for the purposes set out in Article 2) point g)