Dear Customer / Supplier,
we wish to inform you that, pursuant to art. 13 of Legislative Decree. 196/2003 (Privacy Code) and art. 13 of EU Regulation 2016/679 (General Data Protection Regulation - hereinafter "GDPR 2016/679"), containing provisions to protect people and other subjects regarding the processing of personal data, the personal data supplied by you will be to be object of treatment by ACCADUEO SRL
The processing of personal data will be in compliance with the above regulations, in particular, according to the principles of lawfulness, fairness, transparency and protection of your privacy and your rights, with particular reference to integrity, confidentiality, personal identity and the right to protection of personal data.
- Data controller
- Types of collected data
The provision of personal data is necessary for the conclusion of contracts, for their modifications and any other relationship with ACCADUEO SRL
Among the personal data collected, personal data, contact data and any data for the delivery of the goods are included.
- Purposes of data processing
The personal data you provide will be used for the following purposes:
- comply with legal obligations, regulations, community regulations, civil and fiscal regulations;
- perform the required services, fulfill any contractual obligations and allow effective management of the relationship with the counterparty in order to respond to requests for information, assistance, suggestions and / or needs that you have indicated.
- Nature of the provision and legal basis of the processing
The provision of personal data is necessary for the stipulation of contracts and for their execution.
Any refusal to supply them will determine the impossibility to proceed with the work relationship or the obstacle / impediment to the continuation of the relationships in progress.
- Method of treatment
The treatment will be carried out in an automated and / or manual form, with methods and tools that comply with the security measures set forth in art. 32 of the GDPR 2016/679 and Annex B of the Privacy Code (articles 33-36 of the Code), by persons specifically appointed, in compliance with the provisions of art. 29 of the GDPR 2016/679. Security measures will be used to guarantee the confidentiality of the interested party to whom these data refer and to avoid undue access by third parties and / or unauthorized personnel.
The owner takes appropriate security measures to prevent access, disclosure, modification or unauthorized destruction of personal data.
Please note that, in compliance with the principles of lawfulness, purpose limitation and data minimization (pursuant to Article 5 of the GDPR 2016/679), the retention period of your personal data is established within a period of no more than to achieve the purposes for which they are collected and processed, while respecting the times prescribed by law (normally provided for in 10 years).
At the end of the retention period the Personal Data will be deleted. Therefore, at the end of this term, the rights of access, cancellation, rectification as well as the right to the portability of the Data can no longer be exercised.
- Rights of the interested party
At any time, you can exercise, pursuant to art. 7 of the Privacy Code and articles 15-22 of the GDPR 2016/679, the right to:
- request confirmation of the existence or not of personal data referred to you;
- obtain information about the purposes of the processing, the categories of personal data, recipients or categories of recipients to whom the personal data have been or will be communicated and, where possible, the retention period;
- obtain data correction and deletion;
- obtain treatment limitation;
- obtain data portability, ie receive them from a data controller, in a structured format, commonly used and readable by automatic device, and transmit them to another data controller without impediments;
- oppose the processing at any time and also in the case of treatments for direct marketing purposes;
- oppose an automated decision-making process concerning individuals, including profiling;
- to propose a complaint to the Supervisory Authority (Garante Privacy).
- Information not contained in this policy
It is recalled that the interested party has the right to access the data concerning him at any time, by directing your request to our designated treatment manager for the reply, using the contact details indicated below:
(The possible revocation of the consent does not affect the lawfulness of the treatment based on the consent given before the revocation)
- Scope of communication and dissemination
The collected data will not be disseminated; personal data, in relation to the aforementioned purposes, may be communicated to the following categories of recipients:
- public entities to whom the data must be communicated by law (social security and welfare agencies, financial offices, etc.);
- subjects - public or private - if the communication is necessary or functional for the performance of our activity;
- our consultants, to the extent necessary to carry out their professional duties on behalf of the undersigned company.
- Data transfer to non-EU countries
The Data Controller does not transfer personal data to non-EU countries; however it reserves the possibility to use services in cloud and in this case the service providers will be selected among those who provide adequate guarantees, as foreseen by the art. 46 GDPR 2016/679.