PRIVACY POLICY
Information Document Article 13 Reg. EU 2016/679- GDPR - Privacy policy for personal data collected from the data subject
In respect of the provisions of Reg. EU 2016/679 (European General Data Protection Regulation) we hereby provide you with the due information on personal data processing. This privacy policy is provided in accordance with Art. 13 of Reg. EU 2016/679 (European General Data Protection Regulation).
DATA CONTROLLER - MANTERO SETA SPA, with registered office in 22070 Grandate (CO) – Via Riccardo Mantero no. 15, Tax Code/VAT no. 02387120138, in the person of Privacy Manager. Controller's contact details: e-mail privacy@mantero.com.
Personal data that may be processed: "personal data": any information relating to an identified or identifiable natural person ("data subject"); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person; (C26, C27, C30).
PROCESSING PURPOSES | LEGAL BASIS | DATA STORAGE PERIOD | NATURE OF PROVISION
|
PROCESSING PURPOSES |
LEGAL BASIS |
DATA STORAGE PERIOD |
NATURE OF PROVISION |
|
Processing necessary as part of a contract or for the purposes of concluding a contract and related administrative, accounting and pre-contractual activities |
Contract Art. 6, par. 1, letter b) GDPR: processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract.
Legal obligation Art. 6, par. 1, letter c) GDPR: processing is necessary for compliance with a legal obligation to which the controller is subject.
|
10 years or different legal obligation
Art. 2220 of the Italian Civil Code
|
Necessary for the purposes of entering into the contract and managing the fulfilment of the related administrative/accounting obligations. Any failure to provide the data will not allow for the conclusion/performance of the contract.
|
DATA RECIPIENTS OR CATEGORIES OF RECIPIENTS - The personal data provided will be communicated to recipients, who will process the data in the capacity of processors (Art. 28 of Reg. EU 2016/679) and/or in the capacity of natural persons acting under the authority of the Controller and Processor (Art. 29 of Reg. EU 2016/679), for the purposes listed above. More specifically, the data will be communicated to:
- entities that provide services for management of the information system and communication networks (therein including email);
- firms or companies as part of assistance and consultancy relationships;
- competent authorities for fulfilling legal obligations and/or requirements of public bodies, upon request;
- for administrative-accounting purposes, the data may be sent to commercial information companies for the assessment of solvency and payment habits and/or to entities for credit recovery purposes.
The entities belonging to the aforementioned categories perform the role of Processor, or operate in total autonomy as separate Controllers.
TRANSFER OF DATA TO A THIRD COUNTRY AND/OR AN INTERNATIONAL ORGANISATION AND SAFEGUARDS - The personal data provided will not be transferred abroad to non-EU countries.
RIGHTS OF THE DATA SUBJECTS - The data subjects have the right to obtain from the Controller, in certain circumstances, access to the personal data and the rectification or erasure of the same or the restriction of processing relating to them or to object to the processing (Articles 15 et seq. of Regulation EU 679/2016). You may object to the processing based upon the legitimate interest at any time. You have the right to withdraw consent provided at any time and you have the right to withdraw the consent provided at any time without prejudice to the lawfulness of the processing based upon consent before the withdrawal. To exercise the rights, you may contact the Controller at the email address privacy@mantero.com. If you no longer wish to receive automated direct marketing communication (e-mail), write an email at any time to the address privacy@mantero.com entering in the subject “erasure from automated marketing” or use our automatic erasure systems provided only for e-mail. If you no longer wish to receive traditional direct marketing communications (telephone calls with operator), write an email at any time to the email address privacy@mantero.com entering in the subject “erasure from traditional marketing”. Data subjects who believe that the processing of personal data relating to them is occurring in violation of the provisions of the Regulation have the right to lodge a complaint with the Supervisory Authority (https://www.garanteprivacy.it/), as envisaged by Art. 77 of the Regulation, or to take legal action (Art. 79 of the Regulation).
Date: 22nd April 2022
MANTERO SETA SPA
PRIVACY MANAGER