(articles 13-14, EU Regulation n. 2016/679)
In compliance with EU Regulation 2016/679 on the processing of personal data and their free circulation, to Legislative Decree no. 196/2003 and subsequent amendments “Code on the protection of personal data”, we inform you, as a “Data subject” on the way of use of personal data by our Company, MORETTI FORNI SPA, in order to guarantee a correct, lawful and transparent processing in compliance with the principles placed to the protection of your rights and your personal liberties.
DATA CONTROLLER: Moretti Forni Spa
Registered Office: Via A. Meucci n. 4 – Mondolfo (PU)
Vat number: 01298900414
Phone N. / FAX: 0721-96161 / 0721-9616299
E-mail / pec: email@example.com / firstname.lastname@example.org
WHAT WE DO WITH YOUR DATA (Categories of data, contractual requirement)
We mainly request and process only personal data classified as “common”. In some cases, however, it may be essential to also process data classified as “special”. In these cases, it will be the responsibility of our company staff to communicate specific information relating to the use and purpose of the processing.
In relation to the contract between the parties, may be collected and catalogued, within our organization, your contact details (telephone number, email, contact details, etc.), possibly also the data of your workers and collaborators, as well as the company’s data, in order to improve the management of the existent relationship.
The provision of some personal data (appropriately specified during the request phase) is mandatory in order to take advantage of the services offered by our Company. Without them, we will not be able to process your request; or provide an adequate service; or provide it within the required time; or could result in the partial, or total, non-execution of the entrusted activity. Other data, on the other hand, are optional, consequently not providing them will prevent the supply of additional services, which however are not essential for the continuation of the relationship.
WHY WE PROCESS YOUR DATA (Purposes and legal bases)
We process your data to perform the activities related to the execution of the contract or to carry out the pre-contractual activities requested by you, for the fulfilment of legal obligations deriving from civil or tax or accounting norms, as well as to enable effective administrative management and the resulting financial and commercial relationships. They can also be developed for an evaluation of the quality of the services provided, for the management of complaints and for the reply of requests for information forwarded.
In case there is a need to pursue further purposes of processing your data, which have not been indicated in this information, we will inform you in advance about the new methods of processing.
We may also process your contact details for the business promotion activity or for the communications related to the direct sale of products and services similar to those already provided, but for this purpose you will be asked for explicit consent.
HOW WE PROCESS YOUR DATA AND WITH WHICH TOOLS (Processing mode)
Your personal data will be processed by our Company through the use of analog and digital systems.
Only personnel authorized by the Data Controller will be able to access your data to carry out the processing or system maintenance operations. We take all technical and organisational measures to avoid unauthorized access, disclosure, modification or destruction problems. These measures have been reported within our privacy management system, which allows to maintain a constant monitoring of protection against the data processed, as well as a continuous adaptation of the procedures according to the evolution of the Company reality. We also specify that we do not use, within our organization, an automated decision-making, including profiling, which produces legal effects that concern you and / or that significantly affect your person.
TO WHOM WE COMMUNICATE YOUR DATA (Communication to third parties and categories of recipients)
The data are processed at the legal and operational headquarters of the Data Controller and in any other place where the parties involved in the processing can be located. Your personal data may be disclosed to public bodies and institutions in charge, in order to comply with the obligations established by laws and regulations, as well as may be disclosed to external companies that carry out outsourcing activities on behalf of the Data Controller, in their quality of data processors. These data processors are accredited and authorized by us to process the data exclusively for the purposes described above, including the correct management of the contractual relationship established between the parties. All data processors have been identified individually, within our management system, and have received appropriate instructions to ensure the rights of data subjects, in addition to the requirement to respect the right of confidentiality. The complete and up-to-date list of data processors can always be requested to the Data Controller, as indicated in this information. Your data will not be transferred to third countries not belonging to the European Union and with personal data protection regulations not aligned with EU Regulation 2016/679. We also specify that your data will not be disclosed by us to any third parties neither authorized nor for any other purpose than those stated in this information.
HOW LONG WE KEEP YOUR DATA (Storage Period)
We will process your data for the time necessary to achieve the stated purposes for which they were collected and will be kept for the duration of the contractual relationship. They may also be maintained after the termination of the relationship, for the entire duration necessary for the extinction of the obligations contractually assumed and in order to fulfil the related obligations provided for by enforced laws. The personal data used for the business promotion activity may be processed until the possible exercise of the right of opposition. At the end of the period, the data will be destroyed, returned or processed ensuring compliance with the principle of minimisation, to protect the rights and freedoms of the data subject and always safeguarding them with appropriate technical and organisational security measures.
WHAT ARE YOUR RIGHTS
Where possible, we always collect personal data directly from the Data subject.
For the purposes, and within the limits, of the relationship established with the Data subject, we may make requests to other independent Data Controllers, such as private structures, public bodies, registers and/or public databases. Only if strictly necessary, and on residual basis, we could address ourselves to those who legally exercise representation, or to a close relative or family member.
HOW TO EXERCISE YOUR RIGHTS
In order to follow up your rights or to request further information regarding the processing of your personal data carried out by our Company, please contact the Data Controller, in order to verify together the legal prerequisites and to be able to answer your requests in the most rapid and exhaustive way possible. You can send a request using the “GDPR Rights Form” provided by the Data Controller on the company website.
The Information is the tool provided by the EU Regulation 2016/679 as an application of the principle of transparency and has the purpose of helping you (Data subject) in the management of the information we process and which concern you. As the processing methods vary, or in the event of a change in national or European legislation, the information may be reviewed and integrated. In the event of important changes or changes in the processing purposes, you will be notified in advance through the corporate communication tools.