INFORMATION ON THE PROCESSING OF PERSONAL DATA PURSUANT TO ART. 13 OF REGULATION (EU) N.2016/679
Pursuant to Art. 13 of Regulation (EU) n.2016/679 (hereinafter “GDPR”), Marco Godenzini with registered office in Via Italo Calvino 7 20063 Cernusco Sul Naviglio (MI) (hereinafter “Owner”) informs you that your personal data ( hereinafter “Data”) will be processed in compliance with the provisions of Regulation (EU) no. 2016/679 (hereinafter “GDPR) and in accordance with the following information.
Data controller. Responsible for the treatment
The Data Controller is Marco Godenzini with headquarters in Via Italo Calvino 7 20060 Cernusco sul Naviglio, Tel. +39 348 8513637, e-mail info@artworkseal.it The updated list of any data processors is available at the Data Controller’s headquarters .
Purpose and legal basis of the processing. Legitimate interests pursued
The data will be processed:
a) to fulfill the legal obligations to which the Data Controller is subject;
b) for the execution of contracts of which the Customer is a party or for the adoption of pre-contractual measures adopted at the request of the same;
c) for the assessment, exercise or defense of a right in court;
d) for sending commercial communications on products and services similar to those already purchased (so-called “soft spam”)
e) for promotional and marketing initiatives, including the sending of commercial communications on products and services, also by e-mail, sms, mms, fax, or the like and/or by means of the postal service or telephone calls with an operator;
f) to carry out profiling activities aimed at carrying out the activities referred to in letters d) and e) above;
g) for signing contracts electronically, by acquiring a graphometric signature.
The processing of Data for the purpose under a) does not require the consent of the Customer as it is necessary to fulfill the legal obligations to which the Data Controller is subject, pursuant to art. 6, c. 1, lit. c) of the GDPR.
The processing of Data for the purpose under b) does not require the consent of the Customer as the processing is necessary for the execution of the contracts of which the Customer is a party or for the adoption of pre-contractual measures adopted at the request of the same, pursuant to the ‘art.6, c. 1, lit. b) of the GDPR.
Data processing for the purposes sub c) does not require the consent of the Customer as it is necessary for the pursuit of the legitimate interest of the Data Controller, pursuant to art. 6, c. 1, lit. f) of the GDPR.
Data processing for the purposes under d) does not require the consent of the Customer as it is necessary for the pursuit of the legitimate interest of the Data Controller.
Data processing for the purposes under e) requires the consent of the Customer pursuant to art. 6, c. 1, lit. a) of the GDPR.
Data processing for the purposes sub f) requires the consent of the Customer pursuant to art. 6, c. 1, lit. a) of the GDPR.
Data processing for the purposes sub g) requires the consent of the Customer pursuant to art. 9, c. 2, lit. a) of the GDPR.
Provision of data and consequences in case of non-provision
The provision of Data for the purposes under a) and b) is optional, but necessary for the fulfillment of legal and contractual obligations.
The provision of data for the purposes under c) and d) is optional but necessary for the pursuit of the legitimate interests of the Data Controller indicated above. In all these cases, failure to provide the Data will make it impossible for the Owner to establish commercial relations with the Customer. The provision of Data for the purposes under e) f) g) is optional and failure to provide them will make it impossible for the Data Controller to carry out the functional activities to achieve the purpose in question.
Recipients or categories of recipients
The Data may be made accessible, brought to the attention of or communicated to the following subjects, who will be appointed by the Data Controller, depending on the case, as Managers or will act as independent.
companies of the group to which the Controller belongs (parent companies, subsidiaries, affiliates), employees and/or collaborators in any capacity of the Controller and/or companies of the group to which the Controller belongs;
private subjects, natural or legal persons, which the Data Controller uses to carry out the activities instrumental to achieving the aforementioned purpose or to which the Data Controller is required to communicate the Data, by virtue of legal or contractual obligations.
In any case, the Data will not be disclosed.
Data transfer to third countries
The Data will circulate exclusively within EU countries. Data will not be transferred to third countries.
Storage period
The Data will be kept for a maximum period of time equal to the limitation period of the rights that can be activated by the Data Controller, as applicable from time to time. If the Data are processed for the purposes of profiling referred to in letter f), they will be kept for a maximum period of 12 months.
Rights of access, cancellation, limitation and portability
The interested parties are entitled to the rights referred to in articles From 15 to 20 of the GDPR. By way of example, each interested party may:
obtain confirmation as to whether or not personal data concerning him is being processed;
if a treatment is in progress, obtain access to personal data and information relating to the treatment as well as request a copy of personal data;
obtain the rectification of inaccurate data and the integration of incomplete personal data;
obtain, if present, one of the conditions provided for by art. 17 of the GDPR, the cancellation of personal data concerning him;
obtain, in the cases provided for by art. 18 of the GDPR, the limitation of the treatment;
receive personal data concerning him in a structured format, commonly used and readable by an automatic device and request their transmission to another holder, if technically feasible.
Right to object
Each interested party has the right to object at any time to the processing of his personal data carried out for the achievement of a legitimate interest of the Data Controller. In case of objection, your personal data will no longer be processed, provided that there are no legitimate reasons for proceeding with the processing which prevail over the interests, rights and freedoms of the interested party or for the assessment, exercise or defense of a right in court.
Right to withdraw consent
In the event that consent is required for the processing of personal data, each interested party may also revoke the consent already given at any time, without prejudice to the lawfulness of the treatment based on the consent given before the revocation. Consent can be revoked by writing an e-mail to the address: info@artworkseal.it
Rights to lodge a complaint with the Guarantor
Furthermore, each interested party may lodge a complaint with the Guarantor for the Protection of Personal Data if he believes that the rights he holds under the GDPR have been violated, according to the methods indicated on the Guarantor’s website accessible at the address: www.garanteprivacy. it