INFORMATION ON THE PROCESSING OF PERSONAL DATA
PURSUANT TO ARTICLE 13 OF THE GDPR 2016/679
In compliance with the provisions of the GDPR 2016/679, hereby we inform you, as the “Data Subject”, about the purposes of data collection and about the processing of personal data relating to your company/person, which have been obtained from you even through the use of this site, to enable us to carry out our activity according to the current provisions.
We hereby provide you with the correct information on the processing of personal data, as specified below.
Please note that this information is not provided for other websites that may be visited by the user through links or sharing tools, such as widgets and applications that allow you to connect and share content on social networks or platforms independent from www.artuso-tt.it
- IDENTITY AND CONTACT DETAILS OF THE DATA CONTROLLER
- CATEGORIES OF PERSONAL DATA
Personal data processed are the following:
a) personal data of the Data Subject;
b) contact details of the Data Subject;
c) navigation data.
- PURPOSES OF THE PROCESSING
Without prejudice to the obligations established by laws, regulations and European provisions, collected data will be processed by us for the following activities:
- performance of the contract or of the pre-contractual measures, or for the compliance with a legal obligation to which the Controller is subject;
- administrative and accounting management of customers and suppliers, in particular:
- customer/supplier administration;
- management of the contractual relationship;
- online/offline order, services and requests management;
- receipts and payments;
- credit recovery.
- anonymous statistical analysis on the use of this site and verification of its correct functioning.
- LEGAL BASIS OF THE PROCESSING
The legal basis of the processing is constituted by the fulfillment of pre-contractual/contractual and/or legal obligations.
- RECIPIENTS OR CATEGORIES OF RECIPIENTS OF THE PERSONAL DATA
If necessary for the purposes above indicated, personal data may be communicated by us exclusively to the third parties indicated below:
- accounting, tax, legal advisors;
- IT consultant;
- debt recovery companies, only if necessary;
- banking institutions;
- public entities, judicial, financial and other institutions, if required by laws, regulations, European provisions.
The specific identification data of the abovementioned third parties may be known by you at any time through the exercise of the right of access recognized to you and without prejudice to any legal limitations in this regard.
Personal data shall not be disseminated.
- AIM OF THE CONTROLLER TO TRANSFER PERSONAL DATA TO A THIRD COUNTRY OR INTERNATIONAL ORGANISATION
The Data Controller does not have the aim to transfer personal data to a third country or international organization.
- THE PERIOD FOR WHICH THE PERSONAL DATA WILL BE STORED
Collected data will be stored as follows.
a) Necessary Data for the purpose of the pre-contractual relationship: for the time strictly necessary for the possible finalization of the contractual relationship and, in any case, for a period of time not exceeding 1 year from the collection.
b) Necessary Data for the fulfillment of the contractual relationship: for the entire duration of the contractual relationship and for a further period of 5 years after its termination.
c) Necessary Data for the online/offline management of orders, services and requests: for the time strictly necessary for the execution/management of orders, services and requests.
d) Accounting records, invoices and correspondence: 10 years, as established by law.
e) Necessary Data for credit recovery activity: up to completion of this activity.
f) Necessary Data for the management of any litigation: up to the definition of the dispute itself.
g) Navigation data: the cancellation occurs immediately after processing and, in any case, after 7 days from collection.
Any longer period of conservation remain in the event that these derive from legal, accounting and/or tax obligations.
After the retention period, as described above, we will proceed to the entire elimination of data provided by you.
- RIGHTS OF THE DATA SUBJECT
The GDPR 2016/679 acknowledges the following rights to the Data Subject:
a) Right of access – art. 15;
b) Right to rectification – art. 16;
c) Right to erasure (‘right to be forgotten’) – art. 17;
d) Right to restriction of processing – art. 18;
e) Right to data portability – art. 20;
f) Right to object – art. 21;
g) Right to automated individual decision-making – art. 22;
h) Right to withdraw the consent at any time without affecting of the lawfulness of processing based on consent before its withdrawal – art. 7;
i) Right to lodge a complaint with a supervisory authority – art. 77;
j) Right to an effective judicial remedy against a supervisory authority (art. 78) and against the Controller or processor (art. 79).
For the exercise of the abovementioned rights from a) to h) the Data Subject has to contact the Data Controller.
- LEGAL NATURE OF THE DATA COLLECTION
The provision of personal data by the Data Subject, even though unnecessary, is a contractual requirement for the fulfillment of the abovementioned purposes. In case of failing in providing such data the contractual obligation may not be fulfilled.
It is up to the Data Subject to promptly notify the Data Controller of any changes concerning personal data.
- AUTOMATED DECISION-MAKING, INCLUDING PROFILING
Collected data will not be subject to automated decision-making, including profiling.
- THE DATA PROCESSING
Collected data will be processed as follows in compliance with the GDPR 2016/679 provisions:
a) the access to data and files will be allowed to the processors and the external parties designated as responsible;
b) the protection and systematic monitoring of personal data through appropriate actions;
c) the collection online/offline of personal data directly from the Data Subject;
d) the data recording and processing through information systems or files or paper means and organization of paper and computer files;
e) the review and change of personal data on a possible request from the customer/supplier.
This website may contain links to other sites not directly managed by the Data Controller. There may also be links to advertisers, sponsors or business partners. The website www.artuso-tt.it and its managers cannot carry out checks on third parties to whom these links may be postponed. Access to other sites and adherence to third-party initiatives are governed by the privacy policies and conditions they may have established. The Data Controller does not assume any responsibility regarding the aforementioned privacy policies and conditions established by third parties.
- RIGHT TO LODGE A COMPLAINT WITH THE SUPERVISORY AUTHORITY
The Data Subject has the right to lodge a complaint with the supervisory authority in the event of any kind of violation of the GDPR 2016/679.
The supervisory authority is the Garante per la Protezione dei dati personali