INFORMATION NOTICE IN ACCORDANCE WITH ARTICLE 13 OF REGULATION (EU) 2016/679 (GENERAL DATA PROTECTION REGULATION)
Dear Client / Supplier,
With reference to the personal data supplied by you to the present Company PUNTO INOX SERVICE SRL (hereinafter, the “Company”) in relation to our current business relationship or otherwise received by the Company (hereinafter, “Data”), in accordance with the terms of Article 13 of Regulation (EU) 2016/679 (“General Data Protection Regulation”, hereinafter “Regulation”) we hereby advise you as follows.
For the present purposes, the term “processing” means “any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction”.
For the present purposes, the term “personal data” means “any i n formation relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person”.
For the present purposes, the term “data subject” means “an identified or identifiable natural person”.
For the present purposes, the term “special categories of personal data” means “personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation shall be prohibited”.
For the present purposes, the term judicial data means “personal data relating to criminal convict ions and offences or related security measures”.
The Data Controller is PUNTO INOX SERVICE SRL. with registered office in Milano – Via Castel Morrone 24, VAT 03359530965, Phone +39 – 031 617034, fax +39 – 031 617267 Certified email address email@example.com.
PURPOSE OF THE PROCESSING ANDA DATA PROCESSED
Within the limits set down by the laws in force, the Data may be processed by the Company for the following purposes: a) fulfilling obligations provided by laws, regulations and/or EU laws; b) for fulfilment of contractual obligations.
You are no requested to provide special categories of persona data (as indicate above) and/or personal data relating to criminal convictions and offences or related security measures, nor will such data be obtained by other means.
GROUNDS FOR PROCESSING, MANDATORY / DISCRETIONARY NATURE OF PROCESSING AND
CONSEQUENCES OF FAILURE TO PROVIDE DATA
The provision of Data is necessary for all that is requested for compliance with a legal obligation to which the Company is subject, to exercise specific rights to the company or to you, and for the performance of a contract with you. However, in the event of failure to provide Data, the Company could be inhibited from pursuing the above-mentioned purposes and will not be able to provide the performance of the contract to you requested nor to perform all the obligations, also by law, deriving from it.
RECIPIENTS AND TRANSFER OF DATA
For the same purposes set forth in this informative note, the Data may be subject to processing by person authorised by the Company and who have undertaken an obligation of confidentiality or are subject to an appropriate legal obligation of confidentiality (e.g., Company’s employees).
Moreover, the Data may be communicated to third parties (such as, by way of example only, credit institutes or forwarding agents), with registered offices located in the countries belonging to or not belonging to the European Union and/or European Economic Space, which need to access such Data in relation to the same purposes set forth above. Such companies are considered, in some cases, autonomous data controllers of the processing, which may process the Data within the limits strictly necessary for the above-mentioned purposes; to the extent not indicated in this informative note, said parties must provide you with a specific informative note in respect of the processing of data which may possibly be undertaken by them.
The transfer of Data will be made through appropriate safeguards, such as by relying on adequacy decisions from the European Commission, standard data protection clauses adopted by the European Commission, or other safeguards or conditions considered adequate to the transfer at hand. More information about transfer are available sending a written request to Company at the following email address: Certified email address firstname.lastname@example.org
The Data shall not be diffused (by the term “diffusion” we mean making unspecified parties aware of the Data).
RETENTION OF DATA
The Data will be kept for the period deemed strictly necessary to manage the contractual relationship. In any case, the further preservation. In any case Company may continue to store the Data for a longer period, as may be required by the applicable legislation.
DATA SUBJECTS’ RIGHTS
In your capacity as data subject of the Data processing, you are entitled to exercise the following rights, at any time:
‐ access your Data being processed by Company (and/or a copy of that Data), as well as information on the processing of your Data;
‐ correct or update your Data processed by Company, where it may be inaccurate or incomplete;
‐ request erasure of your Data being processed by Company, where you feel that the
processing is unnecessary or otherwise unlawful;
‐ request the restriction of the processing of your Data, where you feel that the Data processed is inaccurate, unnecessary or unlawfully processed, or where you have objected to the processing;
‐ exercise your right to portability: the right to obtain a copy of your Data provided to Company, in a structured, commonly used and machine-readable format, as well as the transmission of that Personal Data to another data controller;
‐ object to the processing of your Data, based on relevant grounds related to your particular situation, which you believe must prevent Company from processing your Data.
You can always exercise your rights described above by sending a written request to Company at the following e-mail address: Certified email address email@example.com.
In any case, please note that – pursuant to art.77 of the Regulation – as a data subject, you are entitled to file a complaint with the competent supervisory authorities for the protection of Personal Data (in Italy, “Garante per la Protezione dei dati personali”), if you believe that the processing of your Data is unlawful.