Privacy Policy

Information on the processing of customers’ personal data

In accordance with the art. 13 of Regulation 2016/679/EU (hereinafter “GDPR”) Sineglossa Via Marconi, 41 – 60125 Ancona (AN) Tel. and fax: +39 071.2412416| E-mail: info@sineglossa.it P. VAT: 02413030426 (in the  following “Data Controller”), in its capacity as “Data Controller”, informs you that your personal data  collected for the conclusion of the contract with the Customer and/or in the context of the execution and/or

stipulation of the same will be processed in compliance with the aforementioned legislation, in order to  guarantee the rights, fundamental freedoms, as well as the dignity of natural persons, with particular  reference to confidentiality and personal identity. We inform you that if the activities provided to you involve the processing of personal data of third parties in your ownership it will be your responsibility to ensure that  you have complied with the provisions of the legislation with regard to the data subjects in order to make  their processing by us legitimate.

1. Origin, purpose, legal basis and nature of the data processed 

The processing of your personal data, directly provided by you, is carried out by SINEGLOSSA for the purpose  of concluding the contract with the Customer and/or in the context of the execution and/or stipulation of  the same. In addition, it is possible to process the personal data of third parties communicated by the  Customer to the Company. With respect to this hypothesis, the Customer acts as the independent data  controller and assumes the consequent legal obligations and responsibilities, keeping the Company against  any dispute, pretense and/or claim for compensation for the damage from processing that should reach the  Company from interested third parties. In compliance with current legislation on the protection of personal  data and without the need for specific consent from the Data Subject, the Data will be stored, collected and  processed by the Company for the following purposes:

a. compliance with contractual obligations, execution and/or conclusion of the contract with the Customer  and/or management of any pre-contractual measures; 

b. fulfilment of any regulatory obligations, tax and tax provisions deriving from the performance of the  business activity and obligations related to administrative-accounting activities; 

c. sending, directly or through third parties providers of marketing and communication services, newsletters  and communications for direct marketing purposes through email, sms, mms, push notifications, fax, paper  mail, operator assisted telephone calls; 

The legal bases for processing for purposes (a) and (b) above mentioned are art. 6.1.b) and 6.1..c) of the  Regulation. The provision of Data for the aforementioned purposes is optional, but any failure to provide the  Data themselves and the refusal to provide them would make it impossible for the Company to execute  and/or conclude the contract and provide the services requested by the same.

The legal basis of the processing of personal data for the purposes c) is art. 6.1.a) of the GDPR as the  processing is based on consent; it should be specified that the Data Controller may collect a single consent  for the marketing purposes described herein, in accordance with the General Provision of the Guarantor for  the protection of personal data “Guidelines regarding promotional activity and combating spam” of July 4,  2013. The provision of consent to the use of data for marketing purposes is optional and if, the data subject  wishes to oppose the processing of data for marketing purposes carried out with the means indicated here,  as well as revoke the consent given; you may do so at any time without any consequence (other than for the fact that you will no longer receive marketing communications) following the indications in the “Rights of the  Data Subject” section of this Policy. Finally, please note that for the processing carried out for the purpose of  sending directly its advertising material or direct sale or for the purpose of carrying out its own market  research or commercial communications in relation to products or services similar to those used by the Customer, the Company may use the e-mail or personal data addresses pursuant to and to the extent

permitted by art. 130, paragraph 4 of the Code and by the measure of the Guarantor Authority for the  protection of personal data of 19 June 2008 even in the absence of explicit consent. The legal basis of the  processing of data for this purpose is art. 6, paragraph 1, letter f) of the GDPR, without prejudice to the  possibility of opposing such processing at any time, following the indications present in the “Rights of the  Data Subject” section of this Policy.

2. Communication 

The data may be communicated to third parties appointed as data controllers pursuant to Article 28 of the  GDPR and in particular to banking institutions, companies active in the insurance field, service providers  strictly necessary for carrying out the business activity, or consultants of the company, where this proves  necessary for tax, administrative, contractual reasons or for needs protected by current regulations. Your personal data, or the personal data of third parties in its ownership, may also be communicated to external  companies, identified from time to time, to which SINEGLOSSA entrusts the execution of obligations deriving  from the assignment received to which only the data necessary for the activities requested of them will be  transmitted. All employees, consultants, temporary and/or any other “natural person” who carry out their activity on the basis of the instructions received from SINEGLOSSA, pursuant

to art. 29 of the GDPR, are appointed “Data Controllers” (in the following also “Appointees”). Sineglossa, if designated, gives appropriate operational instructions to the Appointees or Managers, with  particular reference to the adoption and compliance with security measures, in order to guarantee the  confidentiality and security of the data. Precisely with reference to the protection aspects of personal data,  the Customer is invited, pursuant to art. 33 of the GDPR to report to SINEGLOSSA any circumstances

or events from which a potential “data breach” may result in order to allow an immediate assessment and  the adoption of any actions aimed at countering this event by sending a communication to SINEGLOSSA to  the contactdetails indicated below. The Data will not be disclosed. The obligation of SINEGLOSSA to communicate the data to Public Authorities on specific request remains compulsory.

3. Transfer abroad 

The transfer of your personal data abroad may take place if it is necessary for the management of the  assignment received. For the processing of the information and data that will be communicated to these  subjects, the equivalent levels of protection adopted for the processing of the personal data of their  employees will be required. In any case, only the data necessary for the pursuit of the intended purposes will  be communicated and the regulatory tools provided for by Chapter V of the GDPR will be applied.

4. Methods, treatment logics and storage times 

Your data are collected and recorded in a lawful and correct manner for the purposes indicated above in  compliance with the principles and requirements of art. 5 and 1 of the GDPR. The processing of personal data  takes place through manual, IT and telematic tools with logics closely related to the purposes themselves  and, in any case, in order to guarantee their security and confidentiality. Personal Data will be processed by SINEGLOSSA for the duration of the assignment and also subsequently to assert or protect its rights or for  administrative purposes and/or to carry out obligations deriving from the applicable pro tempore regulatory  and regulatory framework and in compliance with the specific legal obligations on data retention.

5. Rights of the Data Subject 

In accordance with the limits and conditions laid down by the legislation on the protection of personal data  regarding the exercise of the rights of Interested Parties 1 with regard to the processing covered by this  Policy, as a Data Subject you have the right to request confirmation that your personal data is being processed  or not, access personal data concerning you and in relation to them you have the right to request

rectification, the deletion, notification of corrections and deletions to those to whom the data may have been  transmitted by our Organization, the limitation of processing in the cases provided for by the rule, the  portability of personal data – provided by you – in the cases indicated by the rule, to oppose the processing  of your data and, specifically, has the right to oppose decisions concerning it if based solely on automated  processing of your data , profiling included. In the event that you believe that the treatments concerning you  violate the GDPR rules, you are entitled to lodge a complaint with the Guarantor pursuant to art. 77 of the  GDPR. If you intend to request further information on the processing of your personal data or for the possible  exercise of your rights, you may contact SINEGLOSSA in writing

6. Data Controller 

Data controller, pursuant to art. 4 of the GDPR, is

Sineglossa
Via Marconi, 41 – 60125 Ancona (AN)
Tel. e fax: +39 071.2412416 | E-mail: info@sineglossa.it
P. IVA : 02413030426

Sincerely 
The Data Controller
SINEGLOSSA

13/04/2021