Information on the processing of customers’ personal data
In accordance with the art. 13 of Regulation 2016/679/EU (hereinafter “GDPR”) Sineglossa Via Marconi, 41 – 60125 Ancona (AN) Tel. and fax: +39 071.2412416| E-mail: firstname.lastname@example.org P. VAT: 02413030426 (in the following “Data Controller”), in its capacity as “Data Controller”, informs you that your personal data collected for the conclusion of the contract with the Customer and/or in the context of the execution and/or
stipulation of the same will be processed in compliance with the aforementioned legislation, in order to guarantee the rights, fundamental freedoms, as well as the dignity of natural persons, with particular reference to confidentiality and personal identity. We inform you that if the activities provided to you involve the processing of personal data of third parties in your ownership it will be your responsibility to ensure that you have complied with the provisions of the legislation with regard to the data subjects in order to make their processing by us legitimate.
1. Origin, purpose, legal basis and nature of the data processed
The processing of your personal data, directly provided by you, is carried out by SINEGLOSSA for the purpose of concluding the contract with the Customer and/or in the context of the execution and/or stipulation of the same. In addition, it is possible to process the personal data of third parties communicated by the Customer to the Company. With respect to this hypothesis, the Customer acts as the independent data controller and assumes the consequent legal obligations and responsibilities, keeping the Company against any dispute, pretense and/or claim for compensation for the damage from processing that should reach the Company from interested third parties. In compliance with current legislation on the protection of personal data and without the need for specific consent from the Data Subject, the Data will be stored, collected and processed by the Company for the following purposes:
a. compliance with contractual obligations, execution and/or conclusion of the contract with the Customer and/or management of any pre-contractual measures;
b. fulfilment of any regulatory obligations, tax and tax provisions deriving from the performance of the business activity and obligations related to administrative-accounting activities;
c. sending, directly or through third parties providers of marketing and communication services, newsletters and communications for direct marketing purposes through email, sms, mms, push notifications, fax, paper mail, operator assisted telephone calls;
The legal bases for processing for purposes (a) and (b) above mentioned are art. 6.1.b) and 6.1..c) of the Regulation. The provision of Data for the aforementioned purposes is optional, but any failure to provide the Data themselves and the refusal to provide them would make it impossible for the Company to execute and/or conclude the contract and provide the services requested by the same.
The legal basis of the processing of personal data for the purposes c) is art. 6.1.a) of the GDPR as the processing is based on consent; it should be specified that the Data Controller may collect a single consent for the marketing purposes described herein, in accordance with the General Provision of the Guarantor for the protection of personal data “Guidelines regarding promotional activity and combating spam” of July 4, 2013. The provision of consent to the use of data for marketing purposes is optional and if, the data subject wishes to oppose the processing of data for marketing purposes carried out with the means indicated here, as well as revoke the consent given; you may do so at any time without any consequence (other than for the fact that you will no longer receive marketing communications) following the indications in the “Rights of the Data Subject” section of this Policy. Finally, please note that for the processing carried out for the purpose of sending directly its advertising material or direct sale or for the purpose of carrying out its own market research or commercial communications in relation to products or services similar to those used by the Customer, the Company may use the e-mail or personal data addresses pursuant to and to the extent
permitted by art. 130, paragraph 4 of the Code and by the measure of the Guarantor Authority for the protection of personal data of 19 June 2008 even in the absence of explicit consent. The legal basis of the processing of data for this purpose is art. 6, paragraph 1, letter f) of the GDPR, without prejudice to the possibility of opposing such processing at any time, following the indications present in the “Rights of the Data Subject” section of this Policy.
The data may be communicated to third parties appointed as data controllers pursuant to Article 28 of the GDPR and in particular to banking institutions, companies active in the insurance field, service providers strictly necessary for carrying out the business activity, or consultants of the company, where this proves necessary for tax, administrative, contractual reasons or for needs protected by current regulations. Your personal data, or the personal data of third parties in its ownership, may also be communicated to external companies, identified from time to time, to which SINEGLOSSA entrusts the execution of obligations deriving from the assignment received to which only the data necessary for the activities requested of them will be transmitted. All employees, consultants, temporary and/or any other “natural person” who carry out their activity on the basis of the instructions received from SINEGLOSSA, pursuant
to art. 29 of the GDPR, are appointed “Data Controllers” (in the following also “Appointees”). Sineglossa, if designated, gives appropriate operational instructions to the Appointees or Managers, with particular reference to the adoption and compliance with security measures, in order to guarantee the confidentiality and security of the data. Precisely with reference to the protection aspects of personal data, the Customer is invited, pursuant to art. 33 of the GDPR to report to SINEGLOSSA any circumstances
or events from which a potential “data breach” may result in order to allow an immediate assessment and the adoption of any actions aimed at countering this event by sending a communication to SINEGLOSSA to the contactdetails indicated below. The Data will not be disclosed. The obligation of SINEGLOSSA to communicate the data to Public Authorities on specific request remains compulsory.
3. Transfer abroad
The transfer of your personal data abroad may take place if it is necessary for the management of the assignment received. For the processing of the information and data that will be communicated to these subjects, the equivalent levels of protection adopted for the processing of the personal data of their employees will be required. In any case, only the data necessary for the pursuit of the intended purposes will be communicated and the regulatory tools provided for by Chapter V of the GDPR will be applied.
4. Methods, treatment logics and storage times
Your data are collected and recorded in a lawful and correct manner for the purposes indicated above in compliance with the principles and requirements of art. 5 and 1 of the GDPR. The processing of personal data takes place through manual, IT and telematic tools with logics closely related to the purposes themselves and, in any case, in order to guarantee their security and confidentiality. Personal Data will be processed by SINEGLOSSA for the duration of the assignment and also subsequently to assert or protect its rights or for administrative purposes and/or to carry out obligations deriving from the applicable pro tempore regulatory and regulatory framework and in compliance with the specific legal obligations on data retention.
5. Rights of the Data Subject
In accordance with the limits and conditions laid down by the legislation on the protection of personal data regarding the exercise of the rights of Interested Parties 1 with regard to the processing covered by this Policy, as a Data Subject you have the right to request confirmation that your personal data is being processed or not, access personal data concerning you and in relation to them you have the right to request
rectification, the deletion, notification of corrections and deletions to those to whom the data may have been transmitted by our Organization, the limitation of processing in the cases provided for by the rule, the portability of personal data – provided by you – in the cases indicated by the rule, to oppose the processing of your data and, specifically, has the right to oppose decisions concerning it if based solely on automated processing of your data , profiling included. In the event that you believe that the treatments concerning you violate the GDPR rules, you are entitled to lodge a complaint with the Guarantor pursuant to art. 77 of the GDPR. If you intend to request further information on the processing of your personal data or for the possible exercise of your rights, you may contact SINEGLOSSA in writing
6. Data Controller
Data controller, pursuant to art. 4 of the GDPR, is
Via Marconi, 41 – 60125 Ancona (AN)
Tel. e fax: +39 071.2412416 | E-mail: email@example.com
P. IVA : 02413030426
The Data Controller