INFORMATION ON THE PROCESSING OF PERSONAL DATA
PURSUANT TO ART. 13 AND 14 OF EU REGULATION 2016/679
HOLDER OF THE TREATMENT
The owner of the processing of personal data is I.C.M. S.R.L. with legal and administrative headquarters Via Don Sasselli D’Era, 26 – 37041 Albaredo d’Adige (VR) (hereinafter also the owner).
PURPOSE OF THE TREATMENT
In fulfillment of the obligations established by current legislation, we inform you that I.C.M. S.R.L., carries out the processing of personal data in the context of normal business activities and in particular:
- a) for requirements relating to the stipulation of contracts;
- b) for the fulfillment of the obligations and the execution of the operations envisaged by the contracts entered into;
- c) for the issue of supply orders;
- d) for the execution of the obligations and obligations laid down by current legislation (administrative, tax, accounting, etc.);
- e) for the provision and improvement of services provided;
- f) for the management of the technical support service relating to the products marketed;
- g) to check the progress of relations with Customers and Suppliers;
The processing of data for the purposes indicated above finds its legal basis in art. 6 paragraph 1 letter a (consent), letter b (execution of pre-contractual and contractual obligations), letter c (fulfill legal obligation) of EU Regulation 2016/679.
As Data Controller of I.C.M. S.R.L., in compliance with the laws and regulations in force, will process your personal data in compliance with the principles of relevance and not excess.
METHODS AND PLACE OF DATA PROCESSING
The Data Controller adopts the appropriate security measures to prevent unauthorized access, disclosure, modification or destruction of Personal Data. The treatment is carried out using IT and / or telematic tools, with organizational methods and with logic strictly related to the purposes indicated. In addition to the Owner, in some cases, other subjects involved in the organization of this Application (administrative, commercial, marketing, legal, system administrators) or external subjects may also have access to the Data, also appointed, if necessary, Data Processors by of the owner. The updated list of Managers can always be requested from the Data Controller.
The data are processed at the operational headquarters of I.C.M. S.R.L. and in any other place where the parties involved in the treatment are located.
The User’s Personal Data may be transferred to a country other than the one in which the User is located.
The User has the right to obtain information regarding the legal basis for the transfer of Data outside the European Union or to an international organization under public international law or consisting of two or more countries, such as the UN, as well as regarding the security measures taken by the Data Controller to protect the Data.
The data are processed and stored for the time required by the purposes for which they were collected:
- Personal Data collected for purposes related to the execution of a contract between the Owner and the User will be retained until the execution of this contract is completed.
- Personal Data collected for purposes attributable to the legitimate interest of the Data Controller will be retained until the satisfaction of this interest. The User can obtain further information regarding the legitimate interest pursued by the Data Controller in the relevant sections of this document or by contacting the Data Controller.
When the treatment is based on the User’s consent, the Data Controller can keep Personal Data longer until such consent is revoked. In addition, the Data Controller may be obliged to keep Personal Data for a longer period in compliance with a legal obligation or by order of an authority.
At the end of the retention period, Personal Data will be deleted. Therefore, at the end of this term, the right of access, cancellation, rectification and the right to data portability can no longer be exercised.
The company has a legitimate interest in sharing the personal data of its employees, customers and suppliers: therefore the personal data may be accessible both by the company and by the subjects authorized by them to process the data in compliance with the reciprocal data processing agreements.
The Company may also transfer personal data to suppliers and third parties who perform some services on its behalf, always in compliance with the data processing agreements and, if necessary, on the basis of the user’s consent. The data will be shared and made accessible to these external service providers only to the extent necessary to satisfy the purposes set out in this statement. The categories of external subjects that the company could use to carry out part of its business are the following:
- companies that perform banking and financial services;
- companies and / or external consultants for carrying out instrumental activities (management, collection of economic and financial information, management of information, insurance systems, management and protection of credit);
- companies and / or external consultants for the fulfillment of legal regulations (accountants, notaries, lawyers, labor consultants);
- marketing companies, agents and shippers;
LEGAL BASIS OF THE PROCESSING
The law guarantees a series of rights relating to your personal data. The Company undertakes to protect personal data and to comply with the data privacy laws in force from time to time. More information and suggestions on rights can be obtained from the national competent authority for the protection of personal data.
Rights What does this mean?
- Right to information
The user has the right to receive clear, transparent and easily understandable information on how his personal data is used and on his rights. It is for this reason that the information contained in this Policy is provided.
- Right of access The user has the right to obtain access to his / her data (if such data are being processed) and to other information (similar to that provided in this privacy statement). The aim is to ensure that the user is aware of and can verify whether his personal data is used in accordance with the data privacy law.
- Right of rectification The user has the right to have the information corrected in the event of inaccuracy or incompleteness.
- Right of erasure Also known as the “right to be forgotten”, in a nutshell, it allows you to request the deletion or removal of data where there is no valid reason to continue using it. This is not a general right to erasure, there are exceptions.
- Right to limit the processing of data The user has the right to “block” or to inhibit the further use of the information. When data processing is limited, the company can still retain the information, but cannot use it further. The company maintains lists of people who have requested the “blocking” of further use of their information to ensure that this restriction is respected in the future.
- Right to data portability The user has the right to obtain and reuse his personal data for his purposes in different services. For example, if you decide to switch to a new supplier, this right allows you to easily move, copy or transfer information between the company’s IT systems and their systems in a safe and secure way, without compromising their usability.
- Right to object to processing The user has the right to object to the processing for direct marketing purposes (carried out only with prior consent) and also to the processing that is carried out for the purpose of protecting the legitimate interests of the company.
- Faculty to make complaints The user has the right to lodge a complaint on the ways in which the company processes or processes his personal data with the national data protection supervisor.
- Right to withdraw consent If the user has given his consent to carry out any activity with his personal data, he has the right to withdraw this consent at any time (although, in this case, this does not imply illegality of what has been done up to that moment with personal data with the user’s consent). This includes the right to withdraw consent to the use of personal data for marketing purposes.
This information is effective from 25 May 2018. I.C.M. S.R.L. reserves the right to modify or simply update its content, in part or completely, also due to changes in the applicable legislation. I.C.M. S.R.L. invites the interested party to visit this section regularly to get acquainted with the most recent and updated version of the information in order to always be updated on the personal data collected and on the use that the company makes of it.