INFORMATION ON THE PROCESSING OF PERSONAL DATA

& nbsp;

The Data Controller informs you, pursuant to art. 13 EU Regulation no. 2016/679 (hereinafter, “GDPR”) that your data will be processed in the manner and for the following purposes:

  1. Object of the Treatment

The Data Controller processes personal, identifying data (for example, name, surname, company name, address, telephone, e-mail, bank and payment details) subsequently, “personal data” or even “data” from you communicated during pre-contractual and / or contractual relationships.

  1. Purpose of the processing

A – Your personal data are processed without your express consent art. 6 lett. b), e) GDPR), for the following purposes:

  • Conclude the contracts for the services of the Owner;
  • Fulfill the pre-contractual, contractual and tax obligations deriving from existing relationships with you;
  • Fulfill the obligations established by law, by a regulation, by community legislation or by an order of the Authority;
  • Exercise the rights of the owner;

B – Your personal data are processed only with your specific and distinct consent (Article 7 of the GDPR), for the following Marketing purposes:

  • Send them via e-mail, post and / or sms and / or telephone contacts, newsletters, commercial communications and / or advertising material on products or services offered by the Data Controller and detection of the degree of satisfaction with the quality of services;
  • Send them via e-mail, post and / or sms and / or telephone contacts, commercial and / or promotional communications from third parties (for example, business partners, insurance companies, other companies connected to the Data Controller).

Please note that if you are already our customer, we can send you commercial communications relating to the Controller’s services and products similar to those you have already used.

  1. Treatment modes and times

The processing of your personal data is carried out by means of the operations indicated in art. 4 n. 2) GDPR and more precisely: collection, registration, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, cancellation and destruction of data. Your personal data are subjected to both paper and electronic and / or automated processing.

The Data Controller will process personal data for the time necessary to fulfill the aforementioned purposes and in any case for no more than 10 years from the termination of the relationship for the purposes of service and for no more than 2 years from the collection of data for the purposes of Marketing.

At the end of the periods indicated, the data will be deleted and / or made anonymous

  1. Data access

Your data may be made accessible for the purposes referred to in art. 2.A) and 2.B):

  • To employees and collaborators of the Data Controller or associated companies in Italy and abroad, in their capacity as persons in charge and / or internal data processors and / or system administrators;
  • To third-party companies or other subjects who carry out outsourced activities on behalf of the Data Controller, in their capacity as external data processors.
  1. Data communication

Without the need for express consent (Article 6 letter b) and c) GDPR), the Data Controller may communicate your data for the purposes referred to in art. 2.A) to those subjects to whom the communication is mandatory by law for the accomplishment of said purposes. These subjects will process the data in their capacity as independent data controllers.

Your data will not be disclosed.

  1. Data transfer

Personal data is stored as follows:

– in electronic format on the computer systems located at the headquarters of our company, within the European Union;

– in paper format at the headquarters of our company, within the European Union;

In any case, it is understood that the Data Controller, if necessary, will have the right to move data to IT systems even outside the EU. In this case, the Data Controller ensures from now on that the transfer of data outside the EU will take place in accordance with the applicable legal provisions, subject to the stipulation of the standard contractual clauses provided for by the European Commission.

  1. Nature of providing data and consequences of refusing to reply

The provision of data for the purposes referred to in art. 2.A) is mandatory. In their absence, we will not be able to guarantee the services of art. 2.A).

The provision of data for the purposes referred to in art. 2.B) is optional. You can therefore decide not to provide any data or to subsequently deny the possibility of processing data already provided: in this case, you will not be able to receive newsletters, commercial communications and advertising material relating to the Services offered by the Data Controller. However, you will continue to be entitled to the Services referred to in art. 2.A).

  1. Rights of the interested party

In your capacity as an interested party, you have the rights referred to in art. 15 GDPR

Where applicable, it also has the rights referred to in Articles. 16-21 GDPR (Right of rectification, right to be forgotten, right of limitation of treatment, right to data portability, right of opposition), as well as the right of complaint to the Guarantor Authority.

  1. How to exercise rights

You can exercise your rights at any time by sending a communication to the Data Controller:

  • A registered letter a.r. to:

A & amp; D s.n.c. by Molteni Simone and C. – Via Genova 21 22063 CANTU ’(CO)

  1. Owner, managers and agents

The Data Controller is A & amp; D s.n.c. by Molteni Simone e C. based in Cantù (CO) in Via Genova 21

The updated list of data processors and persons in charge of processing is kept at the registered office of the Data Controller.

& nbsp;