Information pursuant to Article 13 of the EU Regulation No. 2016/679 on the processing of personal data
According to art. 13 EU Regulation no. 2016/679 concerning the processing of personal data, the undersigned S.E.I. S.r.l. Servizio Elettronica Industriale, with registered office in Civate, Via Fiume nr.8, as data controller, informs its customers that the personal data acquired with reference to the business relationships established will be processed in compliance with the above-mentioned regulation. In accordance with the aforementioned legislation, such processing will be based on the principles of correctness, lawfulness and transparency and the protection of confidentiality, as indicated below.
Subject of processing
The personal data collected and processed by the writer are:
- identifying data (biographical data, location/address, tel., fax, e-mail, tax data, etc.).
- data related to economic and business activity (orders, bank data, accounting and tax data, etc.).
Purpose of processing
Your personal data are processed:
- without your express consent (Art. 6(b), (e) EU Regulation No. 2016/679), for the following Service Purposes:
- conclude contracts for the Holder's services;
- Fulfilling pre-contractual, contractual and tax obligations arising from existing relationships with you;
- Fulfill obligations under the law, a regulation, EU legislation or an order of the Authority (such as in the field of anti-money laundering), in accordance with Article 6 paragraph 1 letter c) of EU Regulation No. 2016/679;
- Exercise the rights of the Controller, such as the right to defense in court, in accordance with Article 6 paragraph 1 letter f) of EU Regulation No. 2016/679.
In all these cases, the provision of data for the performance of the aforementioned activities is indispensable for the exact execution of a contract to which the interested party is a party or to the execution of pre-contractual measures adopted at the request of the same, and therefore, failure to provide the data prevents the conclusion of the contract for the services of the Controller. The necessity of the provision of data for the execution of a contract to which the data subject is a party or for the execution of pre-contractual measures taken at the request of the same constitutes the legal basis for the processing of data under Article 6 paragraph 1 letters b) and c) of EU Regulation No. 2016/679.
Only with your specific and distinct consent (Articles 6 paragraph 1 letter a) and 7 EU Regulation No. 2016/679), for the following Marketing Purposes: to send you by email, mail and/or telephone contact, newsletters, commercial communications and/or advertising material on products or services offered by the Owner and satisfaction survey on the quality of services;
. The provision of data for the purposes referred to in Article 2.B) is optional. You may therefore decide not to provide any data or to subsequently deny the possibility of processing data already provided, by revoking your consent in accordance with art. 7 paragraph 3 of EU Regulation No. 2016/679: in this case, you will not be able to receive newsletters, commercial communications and advertising material related to the Services offered by the Data Controller. You will, however, continue to be entitled to the Services referred to in Article 2.A).
We would like to point out that if you are already our customer, we may send you commercial communications relating to services and products of the Controller similar to those you have already benefited from, subject to your right to revoke the consent already given in accordance with Article 7 paragraph 3 of EU Regulation No. 2016/679), specifying in this regard that the revocation of such consent does not affect the lawfulness of the processing performed based on the consent previously given before the revocation.
Mode of treatment
The processing of your personal data is carried out by means of the operations indicated in Article 4 No. 2) EU Regulation No. 2016/679, namely: collection, recording, organization, structuring, storage, consultation, processing, adaptation or modification, selection, extraction, comparison, use, consultation, interconnection, blocking, communication by transmission or any other form of making available, restriction, deletion and destruction of data. The data acquired will be processed with electronic, computer and telematic instruments and with paper supports with logics strictly related to the above-mentioned purposes by internal collaborators and employees specially appointed for the processing or by external data processors. The data are stored on both paper and computer media in compliance with the minimum security measures provided by law, both technical and organizational, appropriate to ensure the confidentiality and privacy of personal data, taking security measures to prevent alteration, loss, processing or unauthorized access and to ensure the integrity and security of personal data. According to the principle of minimization, the data that the Data Controller may process will be adequate, relevant and limited to what is necessary according to the purposes for which they are processed and respecting in all cases the wishes of the data subject.
Pursuant to Article 13 paragraph 2 letter a) of the EU Regulation No. 2016/679, the Data Controller specifies that it will process personal data for as long as necessary to fulfill the above purposes and in any case for no longer than 10 years from the termination of the relationship for the Service Purposes (also taking into account the ordinary limitation period in contractual relationships) and for no longer than 2 years from the collection of the data for the Marketing Purposes.
Access to your data
In accordance with Article 13 letter e) of EU Regulation No. 2016/679, it is specified that personal, accounting and tax data will not be communicated, sold or exchanged with third parties, except to consultants and technicians, in the capacity of data processors or external data controllers, for the performance of functional activities for the company, such as administrative, operational, accounting, tax and legal activities.
In this case, the use by third parties must take place in full compliance with the principle of fairness, lawfulness and transparency and the current legal provisions and in particular that of Article 28 of EU Regulation No. 2016/679.
The updated list of external data controllers and data processors is kept at the registered office of the Data Controller.
Without the need for express consent (art. 6 paragraph 1 lett. b) and c) EU Regulation No. 2016/679), the Data Controller may communicate your data for the purposes referred to in art. 2.A) to judicial and/or administrative Authorities as well as to all those subjects to whom the communication is obligatory by law for the fulfillment of the said purposes. These subjects will process the data in their capacity as autonomous data controllers.
Rights of the data subject
In your capacity as data subject, in accordance with Article 13 paragraph 2 letter b) of EU Regulation No. 2016/679 You have the right to request from the data controller access to your personal data (Article 15 EU Regulation No. 2016/679), their rectification (Article 16 EU Regulation No. 2016/679), their erasure (Article 17 EU Regulation No. 2016/679), the restriction of the processing of the same data (Art. 18 EU Regulation No. 2016/679), to object to their processing (Art. 21 and 22 EU Regulation No. 2016/679) and you still have the right to data portability (Art. 20 EU Regulation No. 2016/679).
In your capacity as data subject, you may assert your rights by contacting S.E.I. S.r.l. Servizio Elettronica Industriale, based in Civate, Via Fiume nr.8 as the data controller, using the contact information below. He/she also and in any case has the right to lodge a complaint with a supervisory authority according to the rules of EU Regulation No. 2016/679 and in particular, according to Article 77 of the same Regulation, with the supervisory authority of the Member State in which he/she normally resides or works, or of the place where the alleged infringement occurred, always without prejudice to the right to apply in any case to the competent ordinary judicial authority.
Contact details of the Data Controller