According the European Regulation 2016/679
Dear customer, we would inform you that the European Regulation 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (from now on called “GDPR” General Data Protection Regulation), provides for the legal protection of persons and other subjects on the personal data processing. Our organization, as controller of the processing, according the article no 13 of GDPR, gives you the following information:
- CONTROLLER OF THE PROCESSING: the controller of the processing is Cristiania Srl – Via S. Antonio, 18 – 38024 Cogolo di Pejo TN, CF e P.IVA 00608540225, available on this phone number 0463754157 or on the email address firstname.lastname@example.org
- CATEGORIES OF DATA: the controller of the processing will process the personal data and/or details statutory required to the development of the activities related to required work and to the financial duty as well as to other legal duty.
- PERSONAL DATA SOURCE: the personal data of which the controller will own are collected at the moment of the execution of the work/service/required sale.
- PURPOSE OF DATA PROCESSING AND LEGAL BASIS: the legal basis of the processing of collected and archived data is the approval of the customer for the following purposes: customer and supplier management, internal control and analysis services, activities planning, credit rescue and insurance, assistance and support, communication of commercial, financial and accounting information, activity management regarding to requested services and contractual conditions.
- DATA SUBJECT: the data shall be communicated, as much as possible with the purpose of the processing, to partner, consultancy societies, legal consultants, firms and institutions, banks, insurances, that are mentioned by the holder of the processing. The data will not be spread in any time. Processing responsible and officials are recognized in the document for the company data management, updated at least each end of the year.
- DATA TRANSFER ABROAD: collected data shall be transferred abroad through societies that manage newsletter service. This societies are elected Responsible by the holder of the processing and located at any time in the document for the company data management.
- PRESERVATION DATA: the collected data shall be preserved for a period of time not longer to the purpose for which they are processed (“principle of limitation of preservation”, art 5, GDPR) and/or according to deadline expected by the current regulations and/or specific requests. The control of the collected data obsolescence related to the purpose for which they have been collected, will be done every end of the year.
- RIGHTS OF THE DATA SUBJECT: the data subject has always the right to ask the controller the access to his/her data, the rectification or the erasure of the same data, the restriction of the processing or the possibility to take position against this data, to ask the data portability, to revoke the consent to the processing, making his/her rights valid as expected by the GDPR, through an easy communication to the holder. The data subject can complain to a control authority.
- DATA PROVISION COMPULSORINESS OR LESS: the provision of the required data is essential to the performing of the duties same as above and their lacking consent to the processing would implicate the lacking execution of the contract.
- AUTOMATED PROCESS: collected data shall not be object of automated processes as profiling.
- DATA PROCESSING METHOD: the personal data you provided, shall be object of processing operations respecting the regulation as above written and the privacy duties. The data shall be processed both with IT devices and with paper supports and with any other useful device, respecting the appropriate technical and organizational security actions expected by GDPR.