INFORMATION NOTICE ON PERSONAL DATA PROCESSING PURSUANT TO ARTICLES 13-14 OF EU REGULATION NO. 2016/679
CONTROLLER AND CONTACT DETAILS
CONTROLLER AND CONTACT DETAILS
Purposes requiring specific consent
LEGAL BASIS OF DATA PROCESSING (ART. 6)
Processing is necessary for the performance of any agreements the Data Subject is a Party to, or in order to take steps at the request of the Data Subject prior to entering into a contract.
Data Subjects shall give their consent to the processing of their personal data for a specific purpose.
CATEGORIES OF PERSONAL DATA RECIPIENTS
Categories of recipients
Banks and banking companies
Cloud service providers
TRANSFER OF PERSONAL DATA TO THIRD COUNTRIES
The Data Controller(s) shall not intend to transfer personal data to a non-EU country or an international organisation. Should it be required to perform any such transfer the Controller(s) shall forthwith ensure that the said data transfer will only be performed under the specific conditions set out in Articles 45 (“Transfers on the basis of an adequacy decision”), 46, para. 1 (“Transfers subject to appropriate safeguards”), or 46, para. 2 (Execution of Standard Contractual Clauses issued by the European Commission) of the GDPR.
PERSONAL DATA RETENTION
YOUR RIGHTS AS DATA SUBJECT
In compliance with the GDPR, you can enforce the rights set forth therein, and specifically the following rights:
- Right to access – Obtain confirmation from the Data Controller as to whether or not personal data concerning you are being processed and, in this case, access to specific information on the following: purposes of processing, categories of personal data being processed and data retention period, recipients to whom the said data can be disclosed (Art. 15, GDPR),
- Right to amendment – Without undue delay, have your inaccurate personal data rectified, or completed if incomplete (Art. 16, GDPR),
- Right to data erasure – Without undue delay, ask for the deletion of your personal data, in certain circumstances and with the restrictions applied by the GDPR (Art. 17, GDPR),
- Right to restriction of processing – Require the Controller to restrict the processing of your personal data, in certain circumstances and with the restrictions applied by the GDPR (Art. 18, GDPR)
- Right to portability – You may request to obtain structured, commonly used and machine readable formats of your personal data provided to the Controller, and shall have the right to transfer such data to another Controller without hindrance from the Controller, in certain circumstances and with the restrictions applied by the GDPR (Art. 20, GDPR)
- Right to object – Object to the processing of your personal data, unless the Controller has lawful rights to proceed with the processing thereof (Art. 21, GDPR)
- Right to claim – Lodge a complaint with the Italian data protection authority (www.garanteprivacy.it).
You can amend or withdraw your consent and enforce your rights by directly contacting the Data Controller by e-mail at the address
METHODS OF DATA PROCESSING
Your personal data shall be processed by performing the operations set forth in Art. 4, para. 2, GDPR, whether or not by automated means, namely: collection, recording, organisation, structuring, update, storage, adaptation or alteration, retrieval and analysis, reference, use, disclosure by transmission, comparison, interconnection, restriction, erasure or destruction. In any event, the logical and physical security of your data and the general confidentiality of the personal data being processed shall be guaranteed, by implementing all the appropriate technical and organisational measures as required to ensure their security.