Home - Historic Company - Privacy Policy for Customers and Suppliers
DATA CONTROLLER The Data Controller, that is, the Company that will decide the purpose and means of processing your personal data, is the Company "##store_name##" with registered office at ##store_address## - ##zipcode## Moriago della Battaglia (##province##) Tel. ##phone## email privacy@doimosalotti.it PURPOSE OF PROCESSING The personal data that we need to process are necessary for: - Fulfillment of all legal (administrative, accounting, and tax) and contractual obligations. - The Company may use your personal data to send you informational material related to products that our Company can provide, as well as any other commercial initiatives promoted by us. LEGAL BASIS OF PROCESSING The legal bases of the processing are: - Legal obligation with reference to regulations (e.g. tax); - Contract with reference to the processing of personal data related to obligations based on the contract itself; - Legitimate interest with reference to soft marketing activities, such as sending newsletters or promotional material. CONSEQUENCES OF Failure to COMMUNICATE PERSONAL DATA Regarding personal data relating to the execution of the contract of which you are a part or relating to compliance with a legal obligation (e.g. obligations related to accounting and tax records), failure to provide personal data prevents the conclusion of the contractual relationship itself. CATEGORIES OF PERSONAL DATA PROCESSED In particular, we would like to inform you that we may process the following categories of personal data: - Personal and tax data; - Contact information; - Banking codes; - Data related to the types of products purchased; - Data related to any contractual breaches. ENTITIES WITH WHOM WE WOULD LIKE TO SHARE YOUR PERSONAL DATA Your personal data will be treated as strictly confidential; specifically, the following entities may have access to your data: - Public authorities (e.g. tax offices); - Agencies for processing tax documents; - Credit institutions. PLACE OF PROCESSING All processing will be carried out in the European Economic Area. More specifically, the processing will take place mainly at the data controller's premises and will be carried out by them. Subject to communications made in compliance with legal and contractual obligations, personal data collected may be transferred to non-EU countries. In this case, the Data Controller will ensure the adequacy, where possible, of the legislation in force in the destination countries. In the absence of this, the Data Controller may transfer your personal data only where strictly necessary for the execution of the employment contract, as provided for in Article 49(1)(b). DATA PROCESSORS Where applicable, external data processors are appointed as subjects (expressed in a non-exhaustive manner), such as professionals or companies providing administrative and business management services on behalf of our Company. If desired, you can obtain a list of external data processors by contacting the Data Controller as identified above. DATA PROCESSING METHODS Data processing is carried out using automated and non-automated tools, in accordance with the specified purposes and in compliance with confidentiality requirements and the most suitable security measures. We also guarantee that, as provided for in Article 5 of the GDPR 2016/679, the personal data relating to you will be: - processed lawfully, fairly, and transparently; - collected for specific, explicit, and legitimate purposes; - processed in a manner consistent with these purposes; - adequate, relevant, and limited to what is necessary in relation to the purposes for which they are processed; accurate and, if necessary, updated; - stored in a form that allows identification of the data subjects; - processed in a manner to ensure the security of personal data, including protection through appropriate technical and organizational measures against unauthorized or unlawful processing and against accidental loss, destruction, or damage. DATA RETENTION PERIOD All data will be retained for the time necessary for the purposes for which they are processed and for any further period required by current tax legislation. RIGHTS OF THE DATA SUBJECT Data subjects have the rights set out in Articles 15, 16, 17, 18, 20, 21 of the aforementioned EU Regulation, including: - The right of access, i.e., to know what personal data our Company processes; - The right to request the correction of any errors and/or omissions; - The right to obtain the deletion of data; - The right to restrict data processing; - The right to data portability, i.e., the right to receive all personal data processed by our company in a structured and readable format by a computer device; - The right to object to the inclusion of all information. Data subjects also have the right to lodge a complaint with the supervisory authority.