The Policy and Privacy Standards used by CORAL S.p.A. to protect the personal data are founded on the following principles:

PRINCIPLES OF RESPONSIBILITY

The processing of personal data is handled over time by appropriate responsibilities identified within the company organisation. The holder of the processing activity is CORAL S.p.A. with premises in Volpiano (Torino), Corso Europa 596. The person in charge of processing the data is the legal representative of coral S.p.a.

PRINCIPLE OF TRANSPARENCY

The personal data are collected and subsequently processed according to the principles set out in the Privacy Policy adopted by CORAL S.p.A. indicated in this Privacy Policy. In accordance with the provisions of art. 13 of Leg. Dec. 196/03, at the time the data is conferred, the interested party is provided with an information notice synthetic but complete, detailing the purposes and method of the processing activities, on the obligatory or optional nature of conferral of the data, on the consequences of failing to confer the data, on the individuals or categories of subjects to whom the personal data can be communicated and the scope of diffusion of the same data, on the rights of art. 7 of Leg. Dec. 196/2003 (access integration updating, correction, cancellation for violation of the law, opposition to the processing activity etc.), on the identity and the premises of the holder and of those in charge of the processing activity. The interested party is therefore called to express his informed and free consent, expressed in specific form, which is documented in the form provided for by the law. If conferral of the personal data occurs in later stages, integrations may be provided to the information notices already made in precedence and any new permission to treatment laid out by the Code may be requested.

PRINCIPLE OF PERTINENCE OF COLLECTION

The personal data are processed legitimately and correctly; they are recorded for specific, explicit and legitimate purposes; they are pertinent and do not fall outside of the purposes of the processing activity; they are kept for the time required to the purposes of collection.

PRINCIPLE OF PURPOSE OF USE

The purposes of processing the personal data are made known to the interested parties at the moment of collection. Any new processing of data, if foreign to the purposes declared, are initiated only after a new information notice has been given to the interested party and possible request of consent, when requested by Leg. Dec. 196/03. In any case the personal data are not communicated to third parties or diffused without the prior consent of the interested party, except in cases expressly indicated by art. 24 of Leg. Dec. 196/03.

PRINCIPLE OF SAFETY

The personal data are protected by technical, computer, telematic, logistical and procedural safety measures, against risks of destruction or loss, even accidental, and unauthorized access or unpermitted processing. These measures are updated periodically on the basis of technical progress, the nature of the data and specific features of the handling process, which are monitored constantly and verified over time.

SCOPE OF APPLICATION

With the consent of the interested parties, if requested by the law, and in any case after adequate information notice which specifies the various purposes, the personal data can be communicated to third parties, public and private, foreign to the CORAL S.p.A. company who will handle them as independent holders of the processing activity, according to the definition contained in Leg. Dec. 196/03. Of the processing of the personal data carried out by these third parties the company is in no way responsible. CORAL S.p.A. shall not be held liable for: 1. the rules and methods of managing the personal data of other websites that may be reached from our pages through connections and sending backs; 2, the contents of any e-mail service, Web space, chat forums provided by users. Types of data collected and method of processing. The types of personal data collected and processed in the website www.coral.eu are those necessary to provide the various services provided on line. The data collected are handled by paper, automated and telematic means and with logic strictly correlated to the purposes of the processing activity. To offer you the services your fax or phone numbers may be used as well as your e-mail address. It is therefore evident that if your fax or telephone number is not provided you cannot be provided with the services requiring the use of these tools. If you do not express your consent for the use of e-mail, telephone or fax for purposes of advertising information or direct sale or commercial interactive communication, these tools cannot be used for this purpose. Any involuntary sending of email to the addresses indicated in the site implies acquisition of the address of the sender as well as any other information contained in the message.

SCOPE OF DATA COMMUNICATION

The personal data provided by you can be communicated to third parties to fulfil the obligations of law, to execute orders from public authorities legitimated to this or to have a right upheld or defended in a judicial seat. If necessary in relation to the particular services or products requested, your personal data can be communicated to third parties who carry out, as independent holders of the processing activity, functions strictly connected and instrumental to the provision of the services or supply of the products. Without the communication these services and products cannot be provided.

CONFERRAL OF YOUR PERSONAL DATA

Conferral of your personal data is always optional, in that you can provide them or not. Naturally if you decide not to provide them, some or all the services cannot be provided. Registration forms are used to collect the personal data and these specifically mark some data as obligatory. These data are necessary for providing the service required. If you do not provide us with these data we cannot provide the service required and you cannot avail of the connected opportunities.

SAFETY MEASURES ADOPTED TO PROTECT THE DATA COLLECTED

The www.coral.eu website uses safe architecture and technologies to protect your personal data against undue divulgation, alteration or improper use. The protection measures initiated for the personal data propose, in particular, to reduce to a minimum the risks of destroying or loss, even accidental of the data, of unauthorized access or unpermitted processing or not conforming to the purposes of the collection. These safety measures respond to the minimum requirements indicated by the Legislator (Technical Discipline in the subject of minimum safety measures pursuant to art. 33 to 36 of Leg. Dec. 196/03). Finally, periodic "Risk Analysis" activities are carried out to verify adherence to the standards defined and if necessary new safety measures are adopted following organisational changes and technological innovation or changes in the type of data collected. All the safety measures are constantly monitored and periodically checked.