INFORMATION NOTICE ON PERSONAL DATA PROCESSING
Pursuant to Art. 13 EU regulation 2016/679-GDPR
http://www.privacy-regulation.eu/it/4.htm
The undersigned Company, as Data Controller of the personal data processing (hereinafter “Controller”), informs You, according to Art.13 EU regulation 2016/679 (hereinafter “GDPR”) that Your personal data will be processed by the following mode and purposes:
1. Object of processing
The Controller will process Your personal, identifying and not sensitive data (in particular, name, surname, tax code, VAT number, e-mail address, telephone number - hereinafter “personal data” or also “data”) You communicate us at the beginning of your business relationships with Controller.
2. Purpose of processing
Your personal data are processed without Your prior consent (on point b of Art. 6 and GDPR) for the following purposes: a) fulfill the pre-contractual, contractual or fiscal obligations following the relationships with Yourselves; b) compliance with legal obligations, laid down by a regulation, by legislation or by an order from a public Authority; c) exercise Controller’s rights, e.g. the right of defense in legal proceedings. We remind You that if You are already our customer, we may send You business-related messages about Controller’s services and products similar to those You have already received, unless Your dissent.
3. Mode of processing
The processing of Your personal data is carried out by means of the operations listed in Art. 4 point 2) GDPR such as: collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction of Your data. Your personal data are processed as well on integrated electronic/automatic and paper format. The Controller will process Your personal data for the time strictly needed to achieve the purposes mentioned above and anyway for no more than 10 years after Your business relationship has ended pursuant to Art. 2.
4. Data accessibility
Your data may be accessible according to Art. 2 above: a) to Controller’s or its Division Company’s employees or partners, as Delegates and/or Personal Data Protection Officers and/or System Administrators; b) to third parties (such as providers for web site managing and maintenance activities, suppliers, financial institutions, professional firms, etc.) which provide outsourced services, as Data Processors.
5. Data disclosure
The Controller may communicate Your data to supervisory authorities, judicial authorities , as well as all other persons who have the legal authorization, even without Your expressed consent (on point b) and c) of Art. 6) GDPR), pursuant to Art.2 above for completion of the said purposes. Your personal data will not be disclosed to third parties.
6. Data transmission
Personal data Storage and management shall be done through servers located in the headquarters. Data will not be issued outside the European Union.
7. Nature of data conferment and consequences of refusal
Pursuant to Art.2 above, conferring Your personal data is mandatory. If none, we cannot assure the Processing mentioned in the same article.
8. Subject’s rights
As the Subject, You will have the rights pursuant to Art.15 GDPR. Where applicable, You will have also the rights pursuant Articles 16-21 GDPR (rectification, the right to be forgotten, restriction, the right to data portability, the right to object) as well as the right to lodge a complaint to Supervisory Authority.
9. How to exercise Your rights
You can exercise Your rights as pursuant on point 8 at any time by sending registered round-trip notice to the Controller’s address written at the page heading, otherwise sending an e-mail to info@rietermorando.com
10. Controller, Data Processor
The Controller is Rieter Morando S.r.l.
The updated list of Processors is kept at the Controller’s headquarters.