STEAKAROLA c/o BeriCalce Srl Unipersonale based in Via Odorico da Pordenone, 18 in Vicenza (VI) and with VAT number and tax code 04346470240 (hereafter "Owner"), as Owner of processing of personal data pursuant to Legislative Decree 196/2003 and subsequent amendments – Code regarding the protection of personal data ("Privacy Code") – and of EU Regulation 679/2016 applicable from May 25th 2018 – General Data Protection Regulation ("GDPR", hereafter "Applicable Regulations").
In compliance with the Applicable Regulations, the Owner wishes to inform you that the personal and identification data you provide will be processed in compliance with the aforementioned regulation, providing you with the necessary information regarding the processing of personal data provided. This is an information that the owner invites you to read carefully, as it contains important information on the protection of personal data and the security measures taken to ensure confidentiality in full compliance with the Applicable Regulations.
The Owner of processing informs that the processing of personal data will be based on the principles of lawfulness, correctness, transparency, purpose limitation and retention, data minimization, accuracy, integrity, and confidentiality. The personal data will therefore be processed in accordance with the legislative provisions of the Applicable Regulations and the confidentiality obligations laid down therein.
The Owner has not appointed a Data Protection Officer ("DPO"), as it is external to the conditions provided for by the Applicable Regulations regarding the appointment of the DPO.
For any information concerning the processing of personal data carried out by the data, including the list of required managers who process data on behalf of the Owner himself should contact the following e-mail address: firstname.lastname@example.org.
The processing relates to personal and identification data provided voluntarily by the interested party (by way of example but not limited to: name, surname, company name, physical address, landline, mobile or fax numbers, e-mail address, bank account details, VAT number, tax code).
"Personal information" means any information relating to an identified or identifiable individual with particular reference to an identification such as name, an identification number, location data, an online identifier or to one or more factors specific to his physical, physiological, psychic, economic, cultural or social identity.
"Processing" means any operation or set of operations, performed with or without the aid of automated processes and applied to personal data or set of personal data, such as collection, registration, organization, structuring, preservation, adaptation or modification, extraction, consultation, use, disclosure by transmission, diffusion, or any other form of making available, alignment or interconnection, limiting, cancellation or destruction.
The data processing takes place at the headquarters of the Owner, at the operational offices and at third parties identified.
Personal data voluntarily provided will be processed by the Owner of the processing for the following purposes:
1. Administrative/accounting. For the purposes of the application of the provisions regarding the protection of personal data, the processing performed for administrative-accounting purposes are those related to the performance of organizational, administrative, financial, and accounting activities, regardless of the nature of the data processed. In particular, these objectives pursue internal organizational activities, those functional to the fulfillment of contractual and pre-contractual obligations, the management of the employment relationship in all its phases, the keeping of accounting and the application of the rules on tax matters, trade union, social security, health, hygiene and safety at work.
2. Information and promotions. The use of e-mail coordinates provided by the customer in the context of the sale of a product or service for the direct sale of their products or services, is allowed for the purpose of sending information and newsletters. The interested party, at the time of collection and at the time of sending each communication, is informed of the possibility to oppose at any time the processing, easily and free of charge (Article 130 paragraph 4 of Legislative Decree 196/03).
3. Security, pursuant to Legislative Decree. 81/2008. With particular reference to the identification data freely given by the visitor to our offices (name, surname, institution or company of belonging), the processing has the exclusive purpose of ensuring compliance with the corporate security procedures formally applied, even in force of the regulations in force (for example: annotation in the visitor register/database, assignment of temporary identification badge, applications of legal obligations in the field of safety at work).
The processing will be carried out in an automated and manual manner, with methods and instruments aimed at guaranteeing maximum security and confidentiality, by persons appointed and responsible for processing in accordance with the Applicable Regulations. The data retention period will be equal to the duration of the commercial relationship, except for legal and/or administrative/accounting/tax obligations, in which case the period will be higher.
The data object of the processing will not be diffused, unless explicit authorization of the interested party released after suitable information. The data may instead be communicated to companies contractually linked to the Owner of processing and, where necessary, also to persons inside and outside the European Union, in accordance with and within the limits of art. 42, 43 and 44 of Legislative Decree no. 196/2003. The data may be disclosed to third parties belonging to the following categories:
· subjects that provide services for the management of the information system used by the Owner of processing and telecommunications networks, and who take care of the maintenance of the technological part (including e-mail and newsletter service);
· subjects and bodies that collaborate with the Owner of processing to carry out the training courses as an example and not exhaustive: teachers, Interprofessional Joint Funds;
· freelancers, firms or companies in the context of assistance and consultancy relationships;
· subjects that carry out checks, audits and certification of the activities carried out by the Owner of processing;
· competent authorities for the fulfillment of obligations of laws and/or provisions of public bodies, upon request of the same.
The identification data processed in application of the corporate security procedures are not subject to communication, without prejudice to express and specific requests eventually made by the competent judicial and investigative Authorities.
Any further communication or diffusion will take place only with the explicit consent of the interested party. Moreover, during the ordinary processing activities, they will be able to access personal and identifying data and therefore become aware of the subjects expressly designated by the writer as responsible and/or in charge of processing, authorized according to their respective profiles.
RIGHT OF ACCESS TO DATA
At any time, you can exercise your rights towards the Owner of processing under the Applicable Regulations, then obtain confirmation of the existence or otherwise of the same data, know its content and origin, verify its accuracy, request its integration, updating, or correction.
When the conditions set forth in the Applicable Regulations are met, you have the right to request cancellation, limitation of processing, portability, and to oppose, for legitimate reasons, their processing.