INFORMATION ON THE PROCESSING OF PERSONAL DATA IN ACCORDANCE WITH ARTICLES 13-14 OF THE GDPR (GENERAL DATA PROTECTION REGULATION) 2016/679
The undersigned Company informs you that for the management of commercial relationships, it is the Controller of your so-called “personal” data pursuant to and for the purposes of the privacy protection code (Legislative Decree no. 196/2003) and subsequent amendments and EU Regulation 2016/679 (“GDPR”).
and therefore informs you that:
1. CONTROLLER CONTACTS
The Data Controller is SC FIRENZE S.R.L. represented by the legal representative pro tempore, with registered offices in VIA DI S. NICCOLO’ 72R FIRENZE ITALIA who can be contacted by mail at these addresses or: via e-mail at firstname.lastname@example.org, or via certified e-mail at email@example.com or by phone at +39 055 094 4476.
2. PURPOSE OF DATA PROCESSING
Your personal data is processed:
without your express consent (article 24, letters a), b), and c) of the Privacy Code and article 6, letters b) and e) of the GDPR) for the following service purposes:
– conclude any requests or contracts for the services / products of the Controller;
– fulfilment of pre-contractual, contractual, and tax obligations deriving from existing relationships with you;
– fulfilment of the obligations established by Italian law, by a regulation, by European Community legislation, or by order of an Authority (for example relating to anti-money laundering);
– exercise the rights of the Data Controller, for example the right to legal defence;
3. PROCESSING METHODS
Your personal data is processed using the methods indicated in Article 4 of the Privacy Code and Article 4 (2) of the GDPR, and more precisely: collection, registration, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, cancellation, erasure and destruction. Your personal data is processed both on paper and electronically.
Your data may be made accessible for the purposes referred to in art. 2:
Data communication Without the need for express consent (ex Article 24 letter a), b), d) Privacy Code and art. 6 lett. b) and c) GDPR), the Data Controller may communicate your data for the purposes referred to in art. 2 to Supervisory Bodies (such as IVASS), Judicial Authorities, to insurance companies for the provision of insurance services, as well as to those subjects to whom the communication is mandatory by law for the accomplishment of said purposes. These subjects will process the data in their roles as independent data controllers.
Your personal information will not be disclosed.
5. NATURE OF DATA PROVISION AND CONSEQUENCES OF REFUSAL TO RESPOND
The provision of data for the purposes referred to in Article 2 is mandatory. In their absence, we will not be able to guarantee the requested Services
The provision of data for ancillary purposes, while browsing the site, will have to be accepted in an optional way.
You can therefore decide to not provide any data or to refuse the processing of data that had been provided at an earlier date. In this case, you will not be able to receive newsletters, commercial communications, and advertising material regarding the services offered by the Controller.
6. RETENTION TIME
The Data Controller will process your personal data for the time necessary to fulfil the aforementioned purposes and for a period not exceeding 10 years from the termination of the relationship for Service Purposes and no exceeding 2 years from the date on which the data was collected for Marketing Purposes.
7. PROCESSING SITE
The data are currently processed and stored at the registered office, VIA DI S. NICCOLO’ 72R FIRENZE ITALIA. They are also processed, on behalf of the Undersigned, by professionals and/or companies appointed to carry out accounting-administrative and work consultancy activities, as indicated above.
8. RIGHTS OF THE DATA SUBJECT
As a data subject, you have the possibility to exercise all the rights recognised and guaranteed by art. 7 and subsequent of the Privacy Code and the new provisions of the European General Regulation 679/16 (so-called GDPR) with the company and, in particular, you will have the right to obtain at any time:
a) confirmation of the existence or otherwise of the processing of personal data concerning you and, if so, to gain access to personal data as well as information on the categories of personal data processed, the recipients or categories of recipients to whom personal data are or will be communicated, on the expected retention period, on the existence of the right to request rectification, cancellation or limitation of processing, on the right to lodge a claim with a supervisory authority, on the existence of an automated decision-making process, including profiling;
b) the immediate correction of inaccurate personal data and the integration of incomplete personal data;
c) the immediate cancellation of personal data concerning you when consent is revoked, they are no longer necessary for the purposes for which they were collected or otherwise processed or the legal basis for processing, has ceased, if they have been unlawfully processed or this obligation is imposed by law or judicial authorities;
d) the limitation of the processing of personal data concerning you if you contest the accuracy of the same or the processing is illegal or even if the Company no longer needs it for processing, personal data are still necessary for the verification, exercise or defence of a right in court;
e) the personal data concerning you provided to the Company in a structured format, commonly used and readable by automatic device and to transmit this data to another data controller without impediments by the Company, if the processing is done by automated means. If technically feasible, you also have the right to obtain direct transmission (so-called “Data portability”) of your personal data from the Company to another data controller;
f) the withdrawal of consent provided for the processing of sensitive data.
In addition to the rights mentioned above, it is always up to the Data Subject to submit a claim for any matter concerning the processing of their personal data before the Personal Data Protection Authority.
The above rights may be exercised by sending a written request or by e-mail to the Company using the contacts provided in paragraph 1 of this statement.
The company will inform you if it intends to further process the data you have provided for a purpose other than that for which it was collected.
As is customary on all websites, this website also utilises cookies, small text files that permit the storage of information regarding visitor preferences, to improve site operations, to simplify navigation by automating the procedures (such as for login and website language) and to analyse website use.
Session Cookies are essential in order to distinguish between Users connected to the website and they help to prevent a requested feature being provided to the wrong User, as well as for security purposes to stop cyber-attacks on the website. Session Cookies do not contain personal data and last only for the current session, being until the browser is closed. No consent is required for their utilisation. Functionality cookies utilised by the website are strictly necessary for the utilisation of the website. In particular, they are connected to an express request for functionality by the User (such as Login), for which no consent is required.
This website also acts as an intermediary for Third-party Cookies, which are utilised to provide additional services and features to Visitors. These also improve User experience of the Website via such things as buttons for social media sites, or videos. This Website has no control over Third-party Cookies, which are entirely managed by the third parties. As a consequence, information on the utilisation of these Cookies and their purpose, as well as how to disable them, are provided directly by the third parties on the pages indicated below.
Further information on Google Analytics cookies can be found at Google Analytics Cookie Usage on Websites.
The user can selectively disable data collection by Google Analytics by installing the specific component provided by Google (opt out) on the user’s browser.
cookie: test_cookie .doubleclick.net is not a permanent cookie, but is used to check if the user’s browser supports cookies.
For further information on data use and processing by Google, please read the information in the specific page provided by Google, and the page on How Google uses data when you use partner sites or apps.
This Website also incorporates plugins and/or buttons for social media networks, in order to allow easy sharing of content on your preferred social media networks. These plugins are programmed so as not to set any Cookies when users access the page in order to safeguard the privacy of Users. Cookies may be set, if so provided by the social networks, only when the user makes effective and voluntary use of the plugin. Please note that if the User browses the Website whilst logged in the social network, then he/she has already given consent to the utilisation of Cookies conveyed through this Website at the time of registration to the social media network. The collection and utilisation of the data obtained by means of the plugins are regulated by the respective Privacy Policies of the social media networks, to which reference should be made.
Transfer of Data to Non-EU Countries
This Website may share some of the data collected with services located outside the European Union area. In particular with Google, Facebook, and Microsoft (LinkedIn) through social plugins and Google Analytics. Transfer is authorised based on specific decisions of the European Union and the Guarantor for the protection of personal data, in particular, Decision 1250/2016 (Privacy Shield – here the Italian Guarantor’s information page), for which no further consent is required. The companies mentioned above guarantee their adherence to the Privacy Shield.
Google is appointed data processor, processing data on behalf of the owner (Google Analytics).