Information on data processing pursuant to EU Regulation 2016/679
BONFANTI S.R.L., with registered office in Strada Statale Briantea, 4 - 24030 Ambivere (BG) (hereinafter, “Controller”), as Controller of the process, informs you that in accordance with art. 13 EU Regulation n. 2016/679 (hereinafter also “Regulation”) that your data will be processed with the following methods and purposes:
A) METHODS AND PURPOSES OF THE PROCESS THE DATA WILL UNDERGO
The processing of the personal and particular data by you provided is directly aimed at:
- the fulfilment of the obligations arising out of the fulfilment and execution of a contract/service provided;
- answering any eventual requirements or requests for services/products;
- the fulfilment of legal obligations related to civil, fiscal and accounting provisions (administrative purposes);
- the enforcement of the Controller's rights, such as defense in court proceedings.
The processing will comply with the need and relevance, lawfulness and fairness rules as provided us by the legislation (EU Regulation), in the ways and within the limits necessary to pursue the aforementioned purposes.
The processing will happen through paper and electronic tools adapt at guaranteeing security and privacy; it may also happen through tools able to memorize, manage and transmit the data.
B) LEGAL BASIS OF THE TREATMENT
The provision of the personal data is mandatory in order to comply with the purposes at the points aforementioned, i.e. to comply with contractual and administrative obligations.
C) AREA OF COMMUNICATION AND DISSEMINATION OF DATA
As we carry out our business, the data may be communicated to:
- Public administrations, in order to comply with their institutional functions, within the limits established by law and by regulations;
- Debt collection agencies;
- Insurance firms;
- Accounting firms and to firms which elaborate data for fiscal accounting and consulting;
- Lawyers for legal assistance in case of disputes over the contract;
- Consulting firms, professionals and institutions which operate for the company in various sectors;
- Bank institutes and financial firms for the fruition of financial, banking, etc. services;
- Other authorities/institutions/firms/professionals in responsible for the connected purposes and functional to the given assignment;
- Our suppliers in order to correctly fulfill the contractual and pre-contractual obligations;
The data processing may be carried out by the identified person in charge, appointed through specific written appointment letters, whose names are available at our firm.
D) OVERSEAS DATA TRANSFER
Your personal data won’t be transferred overseas, or in any case outside of your national jurisdiction; otherwise, if needed, it will be done because of a legitimate interest of both parties and always pursuant to current legislation with regard to personal data protection.
E) RIGHTS OF THE INTERESTED PARTY
The interested parties have to right to ask the data Controller to access their personal data and the correction or cancellation of it or the sole limitation of the process it undergoes or to oppose the processing (art. 15 and following of the GDPR). Those rights can be exercised through the same contacts listed at the following point F).
F) SUBMISSION OF COMPLAINTS
The interested parties can lodge complains to the firm whenever they deem necessary, through the following contacts:
Phone: 035/90.89.11; or: mail: firstname.lastname@example.org
The interested party also has the right to lodge a complaint to the competent control authority.
G) CONTROLLER IDENTIFICATION
Controller of the processing of your personal data is BONFANTI S.R.L., with registered office in Strada Statale Briantea, 4 – 24030 Ambivere (BG).
For any information or request regarding the legislation at issue you can refer to the above-mentioned contacts.
H) PERIOD AND MODE OF DATA RETENTION
The data Controller will process the personal data for the time necessary to fulfill the purposes mentioned above and, in any case, no longer than the fiscally scheduled time by the legislation (10 years from the termination of the relationship). Expired this time the data will be erased.
I) EXISTENCE OF AN AUTOMATED DECISIONAL PROCESS, INCLUDING PROFILING REFERRED TO IN ART. 22
The Controller doesn’t perform any processes which consist in the automated decisional process of the processed data.
The data is safeguarded and controlled through the adoption of appropriate preventative security measures in order to minimize the risk of loss and destruction, of non-authorized access, and of not allowed and dissimilar processing from the purposes for which it is carried out.