Privacy Policy

Object: Privacy Notice Information pursuant to Article 13 of the (EU) Regulation 2016/679

Dear Customer/ Supplier,

We wish to inform you that, pursuant to art. 13 of Legislative Decree no. 196/2003 and of art. 13 of EU Regulation 2016/679, laying down provisions for the protection of persons and other subjects regarding the processing of personal data, personal data (personal and fiscal data) supplied by you will be processed in compliance with the aforementioned legislation and according to the principles of lawfulness, fairness, transparency and protection of your privacy and your rights, with particular reference to integrity, confidentiality, personal identity and the right to protection of personal data.

PURPOSE OF THE TREATMENT

The collection and processing of personal data are carried out in order to conduct:

  • the fulfillment of all operations imposed by regulatory obligations;

  • operations strictly connected and instrumental to the start of contractual relationships, including the acquisition of preliminary information to the conclusion of the Contract;

  • send communications regarding the services offered, newsletters and personalized news, containing promotional materials for their activities and services, using automated methods (e-mail);

  • management of relations with the supplier for administration, accounting, orders, shipments, invoicing, services, management of any dispute;

and will be subject to treatment based on the principles of correctness, lawfulness, transparency and protection of your/ your privacy and your/ your rights.

The contractual, purchase of products and services, commercial and non-commercial and promotional purposes relate to the processing of personal data of the Supplier only. The Supplier’s personal data will be processed for the entire duration of the contractual relationships established and also subsequently for the fulfillment of all legal obligations as well as for future commercial purposes.

HANDLING PROCEDURES

The data processing will be carried out in an automated and / or manual form, with methods and tools, in compliance with the security measures set forth in art. 32 of the GDPR 2016/679 and Annex B of the Privacy Code (Articles 33-36 of the Code), by persons specifically appointed, in compliance with the provisions of art. 29 GDPR 2016/679. Security measures will be used to guarantee the confidentiality of the interested party to whom these data refer and to avoid undue access to third parties or unauthorized personnel.

LEGAL BASIS

The provision of data is mandatory for all that is required by legal and contractual obligations and therefore any refusal to supply them in whole or in part may give rise to the impossibility of providing the services requested.

The company processes the user’s optional data on the basis of consent, ie through the explicit approval of this privacy policy and in relation to the methods and purposes described below.

CONSERVATION PERIOD

In compliance with the principles of lawfulness, purpose limitation and data minimization, pursuant to art. 5 GDPR 2016/679, the retention period of personal data is established for a period not exceeding the achievement of the purposes for which they are collected and processed and in compliance with the deadlines prescribed by law.

DATA COMMUNICATION

The personal data processed by the Data Controller will not be disclosed, or will not be disclosed to indeterminate subjects, in any possible form, including that of their availability or simple consultation. Instead, they may be communicated to workers who work for the Data Controller and the Tax Adviser to manage administrative, accounting, etc. obligations.

They may also be communicated, to the extent strictly necessary, to persons who for purposes of processing orders or other requests or services related to the transaction or contractual relationship with the Owner, must provide goods and / or perform on behalf of the Owner services or services. Finally, it may be communicated to the persons entitled to access it under the provisions of the law, regulations, and community regulations.

In particular, on the basis of the roles and job duties performed, some workers have been empowered to process personal data, within the limits of their competences and in accordance with the instructions given to them by the Owner.

RIGHTS OF THE INTERESTED PARTY

Pursuant to European Regulation 679/2016 (GDPR) and national legislation, the interested party may, in accordance with the procedures and within the limits established by current legislation, exercise the following rights:

  • request confirmation of the existence of personal data concerning him/ her (right of access);

  • know its origin;
  • receive intelligible communication;

  • to have information about the logic, the methods and the purposes of the processing;

  • request the updating, rectification, integration, cancellation, transformation into anonymous form, blocking of data processed in violation of the law, including those no longer necessary for the pursuit of the purposes for which they were collected;

  • in cases of consent-based processing, receive their data provided to the holder, in a structured and readable form by a data processor and in a format commonly used by an electronic device;

  • the right to lodge a complaint with the Control Authority.

TRANSFER OF DATA TO THIRD COUNTRIES

The Data Controller may transfer your data to a third country for the execution of contractual / pre­ contractual measures, on the basis of contractual instruments that offer adequate guarantees (Article 26, paragraph 2 of Directive 95/46 / EC).

IDENTITY OF THE HOLDER

The Data Controller is Kelisema Sri, in the figure of its legal representative.

To assert the rights of the interested party and / or request further information, please contact the Data Controller Kelisema Sri, with registered office and processing in Via Urago 13 / B, Tavernerio (CO) – Mail: office@kelisema.it