(articles 13-14, EU Regulation n. 2016/679)
In compliance with EU Regulation 2016/679 on the processing of personal data and their free circulation, to Legislative Decree no. 196/2003 and subsequent amendments “Code on the protection of personal data”, we inform you, as a “Data subject” on the way of use of personal data by our Company, in order to guarantee a correct, lawful and transparent processing in compliance with the principles placed to the protection of your rights and your personal liberties.
DATA CONTROLLER: Moretti Forni Spa
Registered Office: Via A. Meucci n. 4 – Mondolfo (PU)
Vat number: 01298900414
Phone N. / FAX: 0721-96161 / 0721-9616299
E-mail / pec: firstname.lastname@example.org / email@example.com
WHAT WE DO WITH YOUR DATA (Categories of data, contractual requirement)
We mainly request and process only personal data classified as “common”, but, in some cases, it may be essential to also process data classified as “special”; it will be the responsibility of our company staff to communicate specific information relating to the use and purpose of the processing.
The “common” personal data processed by the Data Controller are, e.g. the name and surname, the place and date of birth, the economic identification data, the VAT number and the Tax Code, the residence, the domicile, the details or a photocopy of the identification document, the address mail or PEC, the telephone numbers.
The provision of some personal data is mandatory in order to take advantage of the services offered by the Data Controller, therefore in the absence of the same we will not be able to follow up on the execution of the entrusted activity. Other data, on the other hand, expressly identifiable in the models created by the company, are optional, consequently failure to provide them will prevent the provision of additional and non-essential services for the continuation of the relationship.
WHY WE PROCESS YOUR DATA (Purposes and legal bases)
We process your data to perform the activities related to the execution of the contract or to carry out the pre-contractual activities requested by you, for the fulfilment of legal obligations deriving from civil or tax or accounting norms, as well as to enable effective administrative management and the resulting financial and commercial relationships. They can also be developed for an evaluation of the quality of the services provided, for the management of complaints and for the reply of requests for information forwarded.
We may also process your contact details for business promotion activities also through our partners based within the European Union, but for this purpose you will be asked for explicit consent.
In case there is a need to pursue further purposes of processing your data, which have not been indicated in this information, we will inform you in advance about the new methods of processing.
HOW WE PROCESS YOUR DATA AND WITH WHICH TOOLS (Processing mode)
Your personal data will be processed by the Controller’s organization through authorized staff, in paper and digital format.Only personnel authorized by the Data Controller will be able to access your data to carry out the processing or system maintenance operations. We take all technical and organisational measures to avoid unauthorized access, disclosure, modification or destruction problems. These measures have been reported within our privacy management system, which allows to maintain a constant monitoring of protection against the data processed, as well as a continuous adaptation of the procedures according to the evolution of the Company reality. We also specify that we do not use, within our organization, an automated decision-making, including profiling, which produces legal effects that concern you and / or that significantly affect your person.
TO WHOM WE COMMUNICATE YOUR DATA (Communication to third parties and categories of recipients)
The data are processed at the legal and operational headquarters of the Data Controller and in any other place where the parties involved in the processing can be located. Your personal data may be disclosed to public bodies and institutions in charge, in order to comply with the obligations established by laws and regulations, as well as may be disclosed to external companies that carry out outsourcing activities on behalf of the Data Controller, in their quality of data processors. These data processors are accredited and authorized by us to process the data exclusively for the purposes described above, including the correct management of the contractual relationship established between the parties. All data processors have been identified individually, within our management system, and have received appropriate instructions to ensure the rights of data subjects, in addition to the requirement to respect the right of confidentiality. The complete and up-to-date list of data processors can always be requested to the Data Controller, as indicated in this information. Your data will not be transferred to third countries not belonging to the European Union and with personal data protection regulations not aligned with EU Regulation 2016/679. We also specify that your data will not be disclosed by us to any third parties neither authorized nor for any other purpose than those stated in this information.
HOW LONG WE KEEP YOUR DATA (Storage Period)
We will process your data for the time necessary to achieve the aforementioned purposes and for the period established by the regulations in force. At the end of the period, the data will be destroyed, returned or processed ensuring compliance with the principle of minimisation, to protect the rights and freedoms of the data subject and always safeguarding them with appropriate technical and organisational security measures.
WHAT ARE YOUR RIGHTS
At any time you can directly request the Data Controller to see, correct, delete or limit the data concerning you. We guarantee you the right to data portability and therefore at any time you can request a digital copy of the same or the automatic transfer to other parties. In the cases provided, you can also object or revoke the consent given. Furthermore, your right to lodge a complaint to the Data Protection Authority remains safeguarded, if you deem our processing methods not compliant.
HOW TO EXERCISE YOUR RIGHTS
In order to follow up your rights or to request further information regarding the processing of your personal data carried out by our Company, please contact the Data Controller, in order to verify together the legal prerequisites and to be able to answer your requests in the most rapid and exhaustive way possible or You can send a request using the “GDPR Rights Form” provided by the Data Controller on the company website.
The Information is the tool provided by the EU Regulation 2016/679 as an application of the principle of transparency and has the purpose of helping you (Data subject) in the management of the information we process and which concern you. As the processing methods vary, or in the event of a change in national or european legislation, the information may be reviewed and integrated. In the event of important changes or changes in the processing purposes, you will be notified in advance through the corporate communication tools.