INFORMATION ON THE COLLECTION OF PERSONAL DATA
ART. 13 OF EU REGULATION 2016/679
This information is provided to customers, whether they are natural persons or natural persons who operate in the name and on behalf of customers, legal persons, of PROFIL PORTE SRL, pursuant to art. 13 d. lgs. June 30, 2003 No. 196 – “Code regarding the protection of personal data” and art. 13 GDPR 679/2016 – “European regulation on the protection of personal data”.
Identity of the owner
The Data Controller of the customers of natural persons, or of natural persons who operate in the name and on behalf of clients, legal entities, is CABRINI ROBERTO di PROFIL PORTE SRL with headquarters in CORSO INDUSTRIA, 12, 14010 – DUSINO SAN MICHELE.
The DPO has not been designated.
The personal data processed are those provided by the interested party on the occasion of:
– visits to the offices;
– interactions through the website;
– requests for information, including via email;
– previous transactions.
Purpose of the treatment
Tax compliance, organizational management and bureaucratic fulfillment of the services requested. Management of pre-contractual negotiations and relationships. Management of the commercial activities involved in the entrepreneurial activity. Finally, all the personal data of the aforementioned interested parties will be entered in the owner’s archives and used (having regard to art. 130 paragraph 4 of Legislative Decree 196/2003 and also having regard to the General Provision of the Guarantor OJ 1 July 2008 n ° 188 / C, formulation 6, points a, b, c) for sending communications concerning products, services, news and promotions.
The legal basis is constituted by the execution of a contract of which the interested party is a part or by the execution of pre-contractual measures adopted at the request of the same. Some treatments are carried out for the legitimate interest of the owner (promotion of their commercial activities and pursuit of the statutory purposes).
Recipients of the data
The personal data processed by the Data Controller will not be disclosed, or will not be disclosed to indeterminate subjects, in any possible form, including that of making them available or simple consultation. Instead, they may be communicated to workers who work for the Data Controller and to some external subjects who collaborate with them. They may also be communicated, within the strictly necessary limits, to subjects who, for the purpose of processing purchases or other requests or services relating to the transaction or contractual relationship with the Data Controller, must provide goods and / or perform services or services. Finally, they may be communicated to subjects entitled to access them by virtue of legal provisions, regulations, community regulations. In particular, based on the roles and job duties performed, some workers have been legitimized to process personal data, within the limits of their competences and in accordance with the instructions given to them by the Data Controller.
Transfer of data
The Data Controller does not transfer personal data to third countries or to international organizations. However, it reserves the right to use cloud services; in which case, the service providers will be selected from among those who provide adequate guarantees, as required by art. 46 GDPR 679/16.
The Data Controller stores and processes personal data for the time necessary to fulfill the indicated purposes. Subsequently, personal data will be stored, and not further processed, for the time established by the current civil and fiscal provisions.
Rights of the interested party
With reference to art. 7 of the legislative decree 196/2003 and to the articles 15 – right of access, 16 – right of rectification, 17 – right to cancellation, 18 – right to limitation of processing, 20 – right to portability, 21 – right to object, 22 right to object to the automated decision-making process of the GDPR 679 / 16, the interested party exercises his rights by writing to the Data Controller at the above address, or by email, specifying the subject of his request, the right he intends to exercise and attaching a photocopy of an identity document that certifies the legitimacy of the request.
Withdrawal of consent
With reference to art. 23 of Legislative Decree 196/2003 and art. 6 of GDPR 679/16, the interested party can revoke any consent given at any time. However, the processing covered by this information is lawful and permitted, even in the absence of consent, as necessary for the execution of a contract to which the interested party is a party (the supply relationship) or for the fulfillment of his requests.
The interested party has the right to lodge a complaint with the supervisory authority of the state of residence.
Refusal to provide data
Individual customers cannot refuse to provide the Data Controller with the personal data necessary to comply with the legal regulations governing commercial transactions and taxation. The provision of their further personal data may be necessary to improve the quality and efficiency of the transaction. Therefore, the refusal to provide the data necessary by law will prevent the fulfillment of orders; while failure to provide further data may compromise all or part of the processing of other requests and the quality and efficiency of the transaction itself. Persons who operate in the name and on behalf of clients are legal persons who can refuse to give their owner their personal data. The provision of personal data is however necessary for a correct and efficient management of the contractual relationship. Therefore, any refusal to provide the data may compromise the contractual relationship in whole or in part.
Automated decision-making processes
The Data Controller does not carry out treatments that consist of automated decision-making processes on the data of customers, natural persons, or of natural persons who operate in the name and on behalf of clients, legal persons.