Information on Privacy data treatment

Information Document article 13 Reg. UE 2016/679- GDPR

Information on the processing of personal data collected from the interested party

In compliance with the provisions of EU Reg. 2016/679 (European General Data Protection Regulation) we hereby provide the necessary information regarding the processing of personal data provided.

The information must not be considered valid for other websites that may be consulted through links on the internet sites of the domain holder, who is not to be considered in any way responsible for third party websites.

This is information provided pursuant to art. 13 of EU Reg. 2016/679 (European General Data Protection Regulation) and is also inspired by the provisions of Directive 2002/58 / EC, as updated by Directive 2009/136 / EC regarding Cookies, and as provided for by the Authority for the protection of personal data on 08.05.2014 on the matter of cookies.

1. DATA SUBJECTS

DATA CONTROLLER, pursuant to articles 4 and 24 of EU Reg. 2016/679 is Romanopietra srl, in its capacity of owner and legal representative.

2. SCOPE AND LAWFULNESS OF THE TREATMENT

The personal data provided will be processed in compliance with the conditions of lawfulness pursuant to art. 6 EU Reg. 2016/679 and for the following purposes:

a) Management of Data treatment inherent to (article 6, letter b):

navigation on the current website;

possible data collection form filing to be sent as information request to the data controller;

fulfilment of contractual obligations, of the law, and of administrative-accounting purposes. For the purposes of applying the provisions on the protection of personal data,

  the processing carried out for administrative-accounting purposes are those related to the performance of organisational, administrative, financial and accounting activities

  despite the nature of the data processed.

  Specifically, activities which pursue said objectives are: internal organisational activities; activities functional for the fulfilment of contractual and pre-contractual obligations; information activities

              

3. RECIPIENTS OR CATEGORIES OF DATA RECIPIENTS  

The personal data provided may be disclosed to recipients, named by ex art. 28 of EU Reg. 2016/679, which will process data as managers and/or as natural persons acting under the authority of the Data Controller and the Data Processor, in order to comply with related contracts or purposes. Precisely, the data may be disclosed to recipients belonging to the following categories:

Subjects providing services for the management of the information system and of the communication networks of Romanopietra srl (including e-mail);

–  Studies or companies as part of assistance and consultancy relationship;

Competent authorities for compliance with legal obligations and/or provisions of public bodies, upon request;

In case of administrative and accounting purposes, the data may eventually be transmitted to commercial information companies for the assessment of solvency and payment history and/or to subjects for credit recovery purposes.

The subjects belonging to the aforementioned categories perform the function of Data Processing Manager, or operate in complete autonomy as separate Data Controllers.

The list of designated data processors is constantly updated and available at the headquarters of Romanopietra srl.

4. TRANSMISSION OF DATA TO A THIRD COUNTRY AND/OR AN INTERNATIONAL ORGANISATION

Personal data provided shall not be transmitted abroad neither within nor outside of the European Union.

5. RETENTION PERIOD AND CRITERIA

Data processing will be carried out in an automated and/or manual way, by means of methods and instruments aimed at guaranteeing maximum security and confidentiality, by subjects specifically appointed to do so.

In compliance with the provisions of art. 5, paragraph 1, letter e of Reg. UE 2016/679 the personal data collected will be stored in a form that allows identification of data subjects for a period of time not exceeding the achievement of the purposes for which such personal data are processed. To be informed on the criteria set as base of the data retention period, please write to info@romanopietra.it

6. NATURE OF DATA PROVISION AND DENIAL

Apart from what specified in regards to navigation data, the user is free to provide personal data in dedicated areas on the website.

The provision of personal data for the purposes referred to in paragraph a) of this information document is necessary so as to refine the specific features and use of the services offered by the Data Controller, for instance, in order to receive feedback on the request for information submitted. Failure to provide consent to the treatment of personal data may make it impossible to obtain the requested service, or to use the services offered by the website.

7. RIGHTS OF THE INTERESTED PARTIES

It is possible to assert one’s rights as expressed in articles 15, 16, 17, 18, 19, 20, 21, 22 of EU Regulation 2016/679, by contacting the Data Controller at info@romanopietra.it

You have the right, at any time, to ask the Data Controller to access your personal data, to rectify it, to cancel it or limit its processing.

Furthermore, you have the right to object, at any time, to the processing of your data, including automated processing (e.g. profiling) as well as to the portability of your data.

Without prejudice to any other administrative and judicial appeal, should you believe that the processing of data concerning you violates the provisions of EU Reg. 2016/679, pursuant to art. 15, letter f) of the aforementioned EU Reg. 2016/679, You have the right to submit a complaint with the Authority for the protection of personal data and, in reference to art. 6, paragraph 1, letter a) and art. 9, paragraph 2, letter a), have the right to revoke the consent given at any time.

In the case of a request of data portability, the Data Controller shall provide the personal data concerned by means of an automated device in a structured format, which is of common and legible use, without prejudice to paragraphs 3 and 4 of the art. 20 of the EU Reg. 2016/679.

Date updated: 24/05/2018