INFORMATION FOR THE PROCESSING OF PERSONAL DATA
- Data Controller
The company Palmieri Srl, Via degli Oleandri, 46 81034 Mondragone (CE), Tel. 0823 978068 , P.iva 04010930610 as Data Controller, informs you, pursuant to European Regulation no. 679/2016 (“GDPR”) that your data will be subject to processing based on the principles of correctness, lawfulness, transparency and protection of your privacy and your rights. We therefore ask you to read the information carefully.
In this document we wish to explain to you:
- who is the Data Controller of your data;
- which data we use;
- why we collect your data;
- how your data are used;
- which data are mandatory and which are optional;
- how long your data are retained;
- who can have access to your data;
- to whom its data can be communicated;
- where your data can be transferred;
- what are your rights;
- how to exercise your rights.
- Which data do we use?
Our company uses your personal data, i.e. identification data such as: given name, surname, company name, address, telephone, e-mail, VAT number, bank and payment references etc. provided by you when, for example, you contact us directly for information on products/services, for a quote, or to define and/manage an order or a business relationship.
- Why do we collect your data?
The data provided by you allow us, on the one hand, to provide you with the requested information, manage our offering or define a business agreement, and on the other hand help us to understand your habits, your interests and your preferences in order to always be in line with your needs.
Specifically, your personal data are processed:
- a) without your prior consent for the following service purposes:
- the execution of the contract or the fulfilment of pre-contractual commitments:
- contact you as you have requested to provide all the information and responses on products and offers;
- define estimates;
- administer and manage the business relationship, providing for the management of all administrative and accounting aspects, the sending of service communications, organisation and shipment, assistance;
- improve assistance, services, content and products also through aggregated statistical analysis in an anonymous form.
- fulfilment of legal obligations:
- comply with and fulfil the obligations established by laws, regulations, EU regulations, orders and requirements of the competent authorities.
- the pursuit of a legitimate interest of the Data Controller:
- manage complaints and disputes, recover loans, prevent fraud and illegal activities;
- exercise the rights and protect the legitimate interests of the Data Controller or of third parties such as the right to defence in court;
- to manage commercial communications to the e-mail address you provide, relating to services and products similar to those used. Each email sent will allow you, by clicking on the appropriate link, to refuse further mailings.
- How are your data used?
Your personal data are used for collection, registration, organisation, storage, consultation, analysis, matching, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, cancellation and destruction operations. Your personal data are subjected to paper-based, electronic and automated processing and stored in electronic or paper files.
The processing operations are carried out minimising the use of personal and identifying data which are not necessary for the specific processing purposes pursued
- Which data are mandatory and which are optional?
Among the information we collect, some are essential to the definition, conclusion and administration of the contract, others help us to offer you a better service. In particular, the provision of your personal data, processed for the purposes of the service referred to in point a), is necessary for the management of the subsequent contractual relationships.
The provision of your personal data, when processed for other purposes (e.g. commercial or promotional communications) is optional. Their non-conferment does not prevent the management of the contractual relationship, but implies the interruption of the flow towards you of commercial or promotional communications.
- For how long are your data retained?
The data retention period is related to the purpose of the processing in progress. The Data Controller shall retain the personal data for a period of time not exceeding the achievement of the purposes for which they were processed, namely: for no more than 10 years from the termination of the relationship in accordance with legal obligations; for no more than 5 years in the absence of a relationship (sale, purchase, provision of services) for marketing purposes only.
- Who can have access to your data?
The protection of your personal data is important to us. For this reason we share your data only when strictly necessary and only with those who help us to offer you a better service every day. Your data may be made accessible:
- To the personnel within the organisation of the Data Controller, by virtue of the tasks assigned to them, with respect to the processing purposes specified in this Notice, as authorised processing parties and, where appointed, to the Data Processors.
- To public and/or private entities, natural and/or legal persons (legal, administrative and fiscal consultancy firms, commercial agents, shippers and couriers, any IT companies and any other parties) that the Data Controller uses in carrying out the activities, in their capacity as external Data Processors. The complete list is available at our office and can be viewed at your request.
- To all those parties (including Public Authorities) who have access to the data under regulatory or administrative provisions.
- To whom may your data be communicated?
The Data Controller may communicate its data to Supervisory Bodies, Judicial Authorities and to all other parties to whom the communication is mandatory by law for the completion of the aforementioned purposes. Your personal data shall under no circumstances be disclosed to third parties for promotional purposes and shall not be disseminated in any way.
- Where can your data be transferred?
Your data may not be subject to transfer outside the European Union.
- What are your rights?
Below we illustrate the rights you have that guarantee the control and protection of your personal data. In fact, you have the right to:
- a. obtain the cessation of processing ( i.e. right of opposition ) The Data Subject has the right to oppose at any time, for reasons connected with his/her particular situation, to the processing of personal data concerning him/her, including profiling on the basis of these provisions. The Data Controller shall no longer process the personal data in the event of the objection, unless it can demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of the Data Subject, or for the establishment, exercise or defence of legal claims.
– If personal data are processed for direct marketing purposes, the Data Subject has the right to object at any time to the processing of personal data concerning him/her for such purposes, including profiling insofar as it is related to such direct marketing.
– If the Data Subject objects to their processing for direct marketing purposes, the personal data may no longer be processed for these purposes.
- b) obtain information in relation to the purposes for which personal data are processed, to the period of processing and to the parties to whom the data are communicated (i.e. right of access);
- c) obtain the correction or integration of incorrect personal data concerning the Data Subject (i.e. right of rectification);
- d) obtain the cancellation of personal data in the following case –
(i) the data are no longer necessary for the purposes for which they were collected;
(ii) the Data Subject has withdrawn his/her consent to the processing of data wherever they are processed on the basis of his/her consent;
(iii) the Data Subject has opposed the processing of personal data concerning him/her if they are processed for our legitimate interest; or
(iv) the processing of their personal data does not comply with the law.
However, we point out that the retention of personal data is lawful if it is necessary to allow the fulfilment of a legal obligation or to ascertain, exercise or defend a right in court
- e) obtain are only stored the situation that the personal data are only stored without any other use being made of them in the following cases:
(i) the Data Subject disputes the accuracy of the personal data, for the period necessary to enable us to verify the accuracy of such personal data;
(ii) the processing is unlawful but the Data Subject nevertheless opposes the deletion of the personal data on our part;
(iii) the personal data are necessary for the assessment, exercise or defence of a right in court;
(iv) the Data Subject has opposed the processing and is awaiting the verification of the possible prevalence of our legitimate reasons to the processing with respect to those of the data subject ((i.e. right of limitation);
- f) to receive personal data concerning him/her in a commonly-used format, readable by an automatic and interoperable device, if they are processed under a contract or on the basis of your consent
- How to exercise your rights
At any time you may change and revoke the processing of your personal data and exercise your rights in different ways: by sending a request to our company, to the addresses listed in point 1, or by sending an email to the following address email@example.com
For all the cases mentioned above, where necessary, we will take care to be aware of the third parties to whom your personal data are communicated, of the possible exercise of your rights, with the exception of specific cases (e.g. when such compliance proves impossible or involves the use of means which are manifestly disproportionate to the protected right).
Finally, we remind you that you have the right to contact the Office for Data Protection for the protection of personal data in relation to the processing of your personal data (www.garanteprivacy.it).
The present Informational Note on the processing of personal data is subject to updating by the Data Controller, the version currently in force is rev. 01 of 17 May 2018.