Aims

To protect the rights and freedoms of natural persons, as well as their personal data, CPL Concordia Soc. Coop. has drawn up a Data Breach Policy to deal with the potential personal data breaches as effectively as possible.

A personal data breach is defined as the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of or access to personal data transmitted, stored or otherwise processed.

Possible causes of a breach

The causes that can lead to such situations can be:

  • Wilful misconduct or negligence
  • Unforeseen circumstances such as fire, flood, earthquake, etc.
  • Hacking attacks
  • Failure of planned mitigation measures
  • “Blagging” offences where information is obtained by deceiving the organisation holding it.

Possible consequences of a breach

The main risks to the rights and freedoms of individuals following a data breach are:

  • Physical, material or immaterial damage to individuals;
  • Loss of control over the data of the Data Subjects;
  • Limitations of rights/discrimination;
  • Theft or misuse of identity;
  • Financial loss/economic or social or reputational damage (for both the Data Subject and the Data Controller);
  • Unauthorised decryption of pseudonymisation;
  • Loss of confidentiality of personal data protected by professional secrecy (medical, judicial information);
  • Unauthorised use of personal data.

DPO details

 

Tel.: 0535.616.111
E-mail: dpo@cpl.it

Certifications and accreditations