1. European Privacy GDPR
Pursuant to and for the purposes of the provisions of art. 13 of the 2016/679 European Regulation on the protection of Personal Data ('GDPR') and national privacy legislation, we inform you that your Personal Data will be processed through electronic instruments, manual tools and social networks, in Italy and abroad.
This informative note, drawn up on the basis of the principle of transparency and all the elements required by the GDPR, is divided into individual sections each of which deals with a specific topic in order to make the reading faster, more simple and easier to understand (hereinafter the 'Policy').
2. WHO IS THE CONTROLLER?
The Controller (hereinafter 'Data Controller') is ORVED S.P.A. with registered office in Via Artigianato, 30 30024 Musile di Piave (VE) - Italy
3. DATA PROTECTION OFFICER
The Data Controller has not appointed a DPO under Article 38, however you have the possibility to contact the privacy office for all matters relating to the processing of your Personal Data and the exercise of the rights provided by the GDPR to the following data contact: email@example.com
4. WHAT IS THE LEGAL BASIS OF THE PROCESSING OF YOUR PERSONAL DATA?
The legal basis of the processing of your Personal Data is:
Obligations and contractual obligations;
Obligations of the law;
Commercial consent and use of the service;
5. WICH PURPOSES WILL YOUR DATA BE TREATED?
A) Your Personal Data will be processed for the purpose of managing the service and fulfilling legal obligations:
Invoicing the amounts due and any additional services.
Execution of the supply contract or order of supply.
Subscription and activation of the provision of the maintenance and assistance service and related services provided for in the supply contract and / or maintenance and / or assistance.
Compliance with regulatory, accounting, administrative and tax obligations.
Assistance to the Service, in some cases also through the detection of the MAC address and / or of the IP address and / or other electronic identifiers.
Management of any complaints and disputes.
Fraud prevention and management of delays or missed payments. Protection and eventual recovery of the credit, directly or through third parties (Agencies / Credit recovery companies, law offices) to which the data necessary for these purposes will be communicated.
Transfer of credit to authorized companies.
Preservation and use of accounting data relating to the punctuality of payments for reward policies and to reject future contractual relations.
Reporting and quality control.
Commercial and / or technical communications: Communication and / or sending (by e-mail, text messages, notifications, mail, telephone contact, etc.), also with automated methods, of commercial and / or technical information and material related to the management of the contract and related to the current service..
Web management for access by login to the personal area.
B) Furthermore, your Personal Data with your optional consent will be processed for the purposes of:
Commercial communications: communication and / or sending (by e-mail, text messages, mail, notifications, telephone contact, etc.), also with automated methods, of information and commercial offers, advertising and promotional material on own services and / or also of third parties.
Event communications: communication and / or sending (by e-mail, text messages, mail, notifications, telephone contact, etc.), also with automated methods, of material related to events, seminars, congresses, directly organized by us or from third-party companies. The provision of your data is necessary for the achievement of the purposes referred to in point A).
Your missed, partial or incorrect conferment could result in the inability to activate and provide the requested service or follow up the purchase contract and / or maintenance and / or assistance. Furthermore, the provision of your data for the specific purposes referred to in point A) is optional, but any refusal will make it impossible for ORVED S.P.A. to process your request and contact you. In any case and as detailed below, you can revoke your consent at any time.
In any case and as detailed below, you can revoke your consent at any time.
TO WHICH PERSONS CAN YOUR PERSONAL DATA BE DISCLOSED?
Your personal data will be processed exclusively by persons authorized to process and by persons designated as Data Processors in compliance with the GDPR in order to correctly perform all the processing activities necessary to pursue the purposes set out in this Information. Your Personal Data may be disclosed to Public Bodies or Judicial Authorities, where required by law or to prevent or suppress the commission of an offence and in any case to:
Who is the legitimate recipient of communications required by law or regulations (such as, for example, Offices and Public Authorities);
Who is the recipient of necessary communications in execution of the obligations deriving from the Service and from the signed contract;
Third-party companies specialized in the management of commercial and credit information (such as, for example, call centres, data processing centres, banks, etc.);
Companies and / or collaborators for the management of administrative services that are used to fulfil their legal or contractual obligations;
Other subjects (factories, companies, natural persons) who collaborate with the Data Controller in the field of services and supplies proposed by the same.
6. MORE INFORMATION
With your free and optional consent, the only Personal Data necessary for the pursuit of the activity (including name, surname, address, e-mail, telephone, residence and / or domicile address, date and place of birth, social security number) will be communicated by ORVED SPA to the following categories of third-party companies:
Companies active in the electronic commerce of products and services to companies;
Web Agency and Social Network only for services offered by us that involve the aforementioned subjects.
Personal Data of minors under the age of 16 is not required unless authorized by the holder of parental responsibility.
7. LEGITIMATE INTEREST OF THE DATA CONTROLLERThe Data Controller has the legitimate interest in transferring personal data to companies within the corporate structure for administrative, analytical and internal reporting purposes.
8. HOW LONG WILL YOUR PERSONAL DATA BE TREATED?
Your Personal Data will be kept for the period necessary for the pursuit of the purposes related to point A) above. In particular, your Personal Data will be processed for a period of time equal to the minimum necessary, that is until the termination of the contractual relations between you and the Data Controller without prejudice to a further retention period that may be imposed by law.Moreover, if you decide to release your optional consent related to the commercial purposes referred to in point B) your data will be retained, subject to revocation of consent.Data relating to the spontaneous delivery of the curricula will be kept for no more than two years from the date of receipt.Your data will be kept for a further period in relation to the purposes of disputes and any controversy.
9. HOW CAN YOU REVOKE THE PREDICTED CONSENT?
You have the right to revoke your consent issued to the Data Controller at any time totally and / or partially without prejudice to the lawfulness of the Processing based on the consent given prior to the revocation. To revoke your consent you can contact the Data Controller at the addresses published in this statement.
10. PERSONAL DATAYour Personal Data will be processed by the Data Controller within the territory of the European Union.
11. WHERE WILL YOUR DATA BE TREATED?If for technical and / or operational reasons it is necessary to make use of subjects located outside the European Union, we inform you from now on that these subjects will be appointed as Data Processors pursuant to and for the purposes of article 28 of the GDPR and the transfer of your Personal Data to these subjects, limited to the performance of specific treatment activities, will be governed by a specific appointment contract in accordance with the guarantees and protections provided by the GDPR.All necessary precautions will be taken to ensure the full protection of your Personal Data basing this transfer on the assessment of appropriate guarantees including, for example, decisions on the adequacy of the third country recipients expressed by the European Commission; adequate guarantees expressed by the recipient third party pursuant to Article 46 of the GDPR. In any case you can request more details from the Data Controller if your Personal Data have been processed outside the European Union requesting evidence of the specific guarantees adopted.
12. WHAT ARE YOUR RIGHTS?
We remind you that you can exercise your rights under the GDPR and in particular obtain:
The confirmation that a Personal Data Processing concerning you is being processed and obtain access to the data and the following information (purpose of the processing, categories of Personal Data, recipients and / or categories of recipients to whom the data were and / or will be communicated, retention period);
The correction of inaccurate Personal Data concerning you and / or the integration of incomplete Personal Data, also by providing an additional declaration; the cancellation of Personal Data, in the cases provided for by the GDPR;
The limitation to Processing in the cases provided for by the current Privacy Law;
The portability of data concerning you, if feasible and relevant with the service provided the opposition to the Processing at any time, for reasons related to your particular situation, to the processing of Personal Data concerning you in full compliance with the current Privacy Act.
You can exercise your rights by contacting the email address firstname.lastname@example.org attaching a copy of the identity document where necessary.
In any case you will always have the right to lodge a complaint against the competent supervisory authority (Guarantor for the Protection of Personal Data), pursuant to art. 77 GDPR, if you believe that the processing of your data is contrary to the current Privacy Law.