PURSUANT TO ART. 13 OF EU REGULATION 2016/679
It should be noted that:
– personal data (pursuant to art. 4, para. 1, No. 1) GDPR) means ‘any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person’;
– processing of personal data (pursuant to art. 4, para. 1, No. 2) GDPR) means ‘any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.’
1. Data Controller and contact details
The Data Controller, pursuant to art. 24 GDPR, i.e. the person who determines the purposes and means of processing, is Beta Utensili S.p.A., with registered office in Sovico (MB), 20845, Via Volta 18 – Tel.: 03920771. – E-mail address: firstname.lastname@example.org.
2. Data processed
The computer systems and software procedures used to operate this website acquire, during their normal operation, some personal data whose transmission is implicit in the communication protocols of the Internet.
These data are not collected to be associated with identified data subjects, but by their very nature could, through processing and associations, allow users to be identified. This category of data includes IP addresses or domain names of computers used by users who access the site, URIs (Uniform Resource Identifiers) of requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in reply, the numerical code indicating the status of the response from the server (successful, error, etc.) and other parameters regarding the operating system and IT environment.
These data are used for the sole purpose of obtaining anonymous statistical information on the use of the site and to check its correct functioning and are deleted immediately after processing. The data may be used to ascertain liability in the event of any cybercrimes committed against the site.
Data provided voluntarily by the user
The optional, explicit and voluntary sending of e-mails to the addresses indicated on this site, as well as the completion of the contact form or the transmission of data through other sections of the site, involves the subsequent acquisition of the sender’s address, necessary to respond to requests, and any other personal data entered by the user.
3. Purpose of Processing and Legal Basis
3.1 Your personal data, subject to processing, are used for the following purposes:
a) to respond to your specific requests;
b) to fulfil legal and/or regulatory obligations of a tax, administrative and accounting nature;
c) to fulfil pre-contractual, contractual and tax obligations relating to the execution and/or performance of contracts to which you are a party;
d) to protect credit.
3.2 The processing of your personal data is based on art. 6, para. 1 letters b) and c) GDPR.
4. Nature of data provision
5. Processing Methods
6. Data Recipients
Data Recipient means, pursuant to art. 4, para. 1, No. 9) GDPR, ‘a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients; the processing of those data by those public authorities shall be in compliance with the applicable data protection rules according to the purposes of the processing’.
It should be noted that, in relation to the purposes indicated above, personal data may be disclosed to recipients within the framework of a cooperation with the Data Controller or to fulfil legal obligations. These recipients are bound to absolute confidentiality with regard to any information of which they may become aware; the categories of data recipients are set out below by way of example.
– Authorities, public administrations and supervisory and control bodies for their institutional purposes.
– Employees and/or associates of the Data Controller, Associated Companies, persons, advisors, consultancy firms who cooperate with the Data Controller to achieve the purposes indicated above and to fulfil legal obligations.
– Persons who provide services for the management of the Data Controller’s IT system.
– Qualified professionals for the purpose of studying and resolving any legal and contractual issues.
– Banks or similar organizations;
7. Place of data processing and transfer of data outside the EU, if any
The data processing is carried out within a member state of the European Union (EU) or within a member state of the European Economic Area (EEA).
However, the data processing may involve the transfer of data to a non-EU or non-EEA state. In this case, the Data Controller hereby guarantees that the transfer, if necessary, will be carried out only under the specific conditions laid down in articles 44 et seq. GDPR.
8. Disclosure and dissemination of data
Your personal data will not be disclosed or transferred.
Any disclosure to third parties, other than the Data Controller and the Data Processors – in- house or external to the Data Controller’s organizational structure – identified and appointed in accordance with articles 24 and 28 GDPR, is provided for where necessary.
In any event, the processing by third parties will be carried out in accordance with the principles of fairness, proportionality and necessity, as well as in compliance with the applicable legal provisions.
9. Retention period
10. Data Security
The Data Controller shall adopt all appropriate technical and organizational measures to protect data in order to prevent data loss, unlawful or incorrect use and unauthorized access.
11. Data subject rights
Please note that, in accordance with art. 13, para. 2, letter b) GDPR, in relation to the processing of personal data in question, to ensure a fair and transparent processing, the following rights may be exercised:
11.1. Right of information and access (under art. 15 GDPR): to obtain information from the Data Controller on the existence or otherwise of data processing concerning you as well as access to your personal data and information on the purposes of the processing and the recipients or categories of recipients to whom the data are transmitted.
11.2. Right to rectification (under art. 16 GDPR), erasure (under art. 17 GDPR) and restriction (under art. 18 GDPR): to request from the Data Controller the rectification and erasure of your personal data and the restriction of processing.
11.3. Right to portability (under art. 20 GDPR): to receive the personal data concerning you that you provided to the Data Controller in a structured, commonly used and machine-readable format and to have the right to transmit such data to another data controller, provided that such operation is technically feasible.
11.4. Right to object (under art. 21 GDPR): to object to the processing of your data.
For the exercise of the rights referred to in art. 13, para. 2, letters b) and e) GDPR, you may write to Beta Utensili S.p.A., via Volta 18, 20845, Sovico (MB), or to the following e-mail address email@example.com or contact the Data Controller at the following telephone number 039.20771.
12. Right to lodge a complaint or an appeal
In accordance with art. 13, para. 2, letter d) GDPR and art. 140 bis of the Italian Legislative Decree No. 196/2003, as amended by the Italian Legislative Decree No. 101/2018, please note that, if you consider that the data processing is in breach of the European Regulation or the Italian Personal Data Protection Code, you may lodge a complaint with the Italian Data Protection Authority, in accordance with art. 77 GDPR or, alternatively, an appeal with the Judicial Authority.
13. Changes and updates