Cartigliano, 19 September 2018
We hereby inform you that your personal data, acquired or to be acquired by Officine di Cartigliano Spa as “Data Controller (hereinafter referred to as the “Controller”), will be processed in compliance with legal requirements and your rights as data subject (hereinafter referred to as “Data Subject”).
The processing may include the following operations: collection (by telephone, via the internet or in writing), recording, organisation, storage and processing on paper or on magnetic, automated or computerized storage systems, alteration, selection, retrieval, alignment, use, interconnection, disclosure, erasure and destruction of the data, or combinations of two or more of the aforesaid operations.
The Controller may also appoint one or more Processors or persons authorised to process. Authorised in-house processors typically belong to the functional areas of this Company which need to process data for the purposes indicated in this disclosure.
The security of processing is ensured by appropriate technical and organisational measures, such as, among other things, electronic archives, access to which is restricted to authorised and periodically updated personnel profiles, protected by a firewall, anti-virus, anti-spam, backup and data recovery systems in the event of accidents, and maintenance services.
The purpose of the processing is to fulfil pre-contractual and contractual obligations (supply or purchase of goods and/or services, including the management of delivery, logistics and transport obligations relating thereto) and legal obligations (e.g. keeping accounts, tax procedures, administrative and accounting management, etc.).
The legal basis of the processing is the fact that this is required for the execution of a contract of which you are a contracting party or for the execution of pre-contractual measures, or to fulfil a legal obligation which the Controller is subject to.
In any case, it is a legitimate interest of our Company to be able to process the data in order to effectively and efficiently manage relationships with suppliers/associates and the related internal and external organisational processes.
Without prejudice to the disclosure of data to third parties in compliance with legal requirements or pursuant to regulations or other EU legislation, or at the request of judicial authorities or other third parties whose right thereto is recognised by these provisions, the data may be disclosed by us to the following categories of third-party recipients:
The Controller will proceed to appoint as data Processors, all the categories of recipients to whom the data will be disclosed, except in those cases where they act in the capacity of independent data controller in accordance with the applicable legislation.
The Controller will not transfer personal data to Third Countries or International Organisations. If this should happen in the future, we would provide a separate policy document in advance illustrating the appropriate legal guarantees that need to go with such transfer, and any request for consent to processing, where required.
Your failure to provide any data requested from you may make it impossible for the Controller to meet contractual obligations and/or those required by law.
The data will be processed for the whole period specified within the contracts and, subsequently, only for the period required for us to perform our legal obligations (normally 10 years for accounting requirements). In the event of any dispute with the data subject and/or with third parties, the data will be processed for the time strictly required to exercise the protection of the Controller’s rights.
Pursuant to Articles 15 to 22 of the GDPR 2016/679, you may, at any time, exercise the right to:
The Controller for the processing of your personal data is Officine di Cartigliano SpA, which you can contact in order to exercise the aforesaid rights via the following addresses: