INFORMATION IN IMPLEMENTATION OF THE 2016/679 EU REGULATION
Pursuant to art. 13 of the European Regulation (EU) 2016/679 (hereinafter GDPR), and in relation to the personal data that Personal Service Srl (hereinafter: "Data Controller") will come into possession, we inform you of the following:
Data controller and responsible for the protection of personal data
The data controller is Personal Service Srl in Via Copernico, 6 - 37059, Campagnola di Zevio (VR) with telephone +39 045 8732342 with email: email@example.com. The Data Controller has not appointed a person responsible for the protection of personal data (RPD or, Data Protection Officer, DPO).
Purposes of data processing
The processing is aimed at the correct and complete execution of the activity relating to the contractual relationship and your data will be processed in order to:
- fulfill the obligations envisaged for tax and accounting purposes;
- comply with the obligations incumbent on the company provided for by current legislation;
- establish, manage and terminate a contractual and commercial relationship;
Methods of data processing
The treatment is carried out by means of the operations indicated in art. 4 GDPR: collection, registration, organization, structuring, storage, adaptation or modification, extraction, consultation, use, communication, transmission, dissemination, or any other form of making available, comparison or interconnection, limitation, cancellation and destruction of data.
The operations can be carried out with or without the aid of electronic or automated tools. The processing is carried out by the Data Controller or by external Managers or by those authorized to process. Personal data are processed in a manner strictly necessary to meet the purposes indicated above.
Legal basis of the processing
The Data Controller processes your personal data lawfully, where the processing:
- it is necessary for the execution of an order or contract of which you are a party or for the execution of pre-contractual measures adopted upon request;
- it is necessary to fulfill a legal obligation incumbent on the Data Controller;
Consequences of failure to communicate personal data
With regard to personal data relating to the execution of the contract of which you are a party or relating to the fulfillment of a regulatory obligation (for example the obligations related to the keeping of accounting and tax records), the failure to communicate personal data prevents the completion of the contractual relationship itself.
Data transfer to third countries
The management and storage of personal data will take place on servers located within the European Union, owned by the Data Controller or by third-party companies appointed and duly appointed as Data Processors. It is understood that the Data Controller, if necessary, will have the right to move the location of the servers to Italy and / or the European Union and / or non-EU countries. Personal data may be transferred even outside the EU to subjects with whom a collaboration is underway for the establishment and management of the assignment received by the Data Controller. In this case, the Data Controller ensures from now on that the transfer of data outside the EU will take place in compliance with the applicable legal provisions, stipulating, if necessary, agreements that guarantee an adequate level of protection, and / or adopting the clauses standard contracts provided by the European Commission. In any case, it is hereby specified that the Data Controller will never transfer the personal data collected to third parties.
Your personal data, which are processed for the purposes indicated above, will be kept for the duration of the contract and, subsequently, for the time in which the Data Controller is subject to conservation obligations for tax or other purposes, required by law or regulation.
Your personal data may be disclosed to:
- consultants, accountants or lawyers who provide functional services for the purposes indicated above;
- banking and insurance institutions that provide functional services for the purposes indicated above;
- subjects that process data in compliance with specific legal obligations;
- Judicial or administrative authorities, for the fulfillment of legal obligations.
Profiling and dissemination of data
Your personal data are not subject to dissemination or to any fully automated decision-making process, including profiling.
Rights of the interested party
The rights recognized to you by the GDPR include those of:
- ask the Data Controller for access to your personal data and information relating to them; the correction of inaccurate data or the integration of incomplete ones; the deletion of personal data concerning you (upon the occurrence of one of the conditions indicated in art.17, paragraph 1 of the GDPR and in compliance with the exceptions provided for in paragraph 3 of the same article); the limitation of the processing of your personal data (if one of the hypotheses indicated in art.18, paragraph 1 of the GDPR occurs);
- request and obtain from the Data Controller - in the cases in which the legal basis of the processing is the contract or consent, and the same is carried out by automated means - your personal data in a structured and readable format by automatic device, also for the purpose to communicate such data to another data controller (so-called right to the portability of personal data);
- oppose the processing of your personal data at any time in the event of particular situations that concern you;
- withdraw consent at any time, limited to the cases in which the processing is based on your consent for one or more specific purposes and concerns common personal data (for example date and place of birth or place of residence), the treatment based on consent and carried out prior to the revocation of the same, however, it retains its lawfulness;
- lodge a complaint with a supervisory authority (Authority for the protection of personal data - www.garanteprivacy.it).