Information pursuant to art. 13 of the European Regulation
on data protection 679/2016 and consent
Pursuant to art. 13 of the European Regulation (EU) 2016/679, and in relation to your personal data of which IMEL SRL will become available, we inform you as follows:
THE HOLDER OF THE TREATMENT
The data controller is IMEL S.r.l. with registered office in via M. Candia 19, 20081 Morimondo (MI).
It will be possible to contact the Data Controller using the following contact details:
Tel: + 39/02 9400115
PEC email: firstname.lastname@example.org
TYPES OF DATA PROCESSED AND OBLIGATORY OR OPTIONAL NATURE OF THE PROCESSING
The personal data normally requested are personal and contact details. We process data such as name, surname, contact details, company name, tax code, address, telephone number, mobile number, e-mail, certified e-mail, bank and payment references, as well as, where necessary for the completion of the relationship.
The optional, explicit and voluntary sending of e-mails to the Company's addresses entails the subsequent acquisition of the sender's address, necessary to respond to requests, as well as any other personal data included in the message.
Sensitive data are not processed pursuant to art. 9 Privacy Regulation, with the exception of membership of trade unions and associations for employees, which can be inferred from the information necessary for personnel management.
The computer systems and software procedures used to operate the web platforms of IMEL S.r.l., during their normal operation, use some personal data whose transmission is implicit in the use of Internet communication protocols. This is information that is not collected to be associated with identified data subjects, but which by their very nature could, through processing and association with data held by third parties, allow users to be identified.
This category of data includes IP addresses or domain names of the computers used by users who connect to the site, the addresses in URI (Uniform Resource Identifier) notation of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the operating system and the user's IT environment.
METHOD AND PURPOSE OF TREATMENT
Pursuant to art. 5 and 6 of EU Reg. 2016/679 personal data may be processed in paper format or with automated tools for the time strictly necessary to achieve the purposes for which they were collected and in any case for the sole purpose of performing the requested service.
IMEL S.r.l. processes the data for the following purposes:
execution and management of the contractual and supply relationship;
management of purchases of our products and / or provision of sales and after-sales services;
administrative, personnel management, accounting and billing activities;
fulfillment of related legal obligations, regulations and community legislation (including anti-money laundering legislation);
exercise of rights in court.
Providing data for the purposes indicated above is necessary and a refusal to provide it would prevent IMEL S.r.l. to follow up on the contractual relationship.
This information may be supplemented by further information and consent given at the time of any request for specific services.
Specific security measures are observed to prevent data loss, illicit or incorrect use and unauthorized access.
PROTECTION OF PERSONAL DATA
In accordance with the principle of minimization as per art. 5 paragraph 1 c) of EU Reg. 2016/679, the data controller mentioned above guarantees that the processing by electronic means is carried out by minimizing the use of personal data and identification data, limiting the use of the data to cases in which they are strictly necessary for the achievement of the purposes for which they were collected. The owner of the aforementioned data processing also guarantees the adoption and observance of specific security measures to prevent data loss, any illegal or incorrect use of the same and unauthorized access. The user's data will be archived by the data controller until the aforementioned purposes are carried out until any order for cancellation, rectification, integration, limitation, opposition and profiling pursuant to and for the purposes of Articles from 15 to 22 of EU Reg. 2016/679 by the interested party.
COMMUNICATION AND DIFFUSION OF DATA TO THIRD PARTIES
Personal data will be accessible to the bodies and employees of the aforementioned data controller, formally appointed authorized or Data Processors. The use and forwarding of personal data by external individuals and organizations acting on behalf of the data controller mentioned above are governed by contracts that provide for an adequate level of protection of personal data.
These on-line collaborations are regulated by specific contracts which presuppose an adequate level of protection of the personal data processed. In some other cases, the holder of the aforementioned data processing may also be required to release the personal data of the users of its websites / web portals, in execution of contractual obligations, in accordance with current legislation or to satisfy the request for services by of the interested party; this information release activity can take place in the following cases:
when online users have authorized the release of information;
when the aforementioned data controller needs to communicate information on users to offer services and satisfy the request of an online user;
when the owner of the aforementioned data processing needs to communicate information to its partners who perform services for online users;
when the owner of the aforementioned data processing is required, by order of the judicial authorities, to release information about users, or in accordance with a local or international law, regulation or mandate.
RIGHTS OF THE INTERESTED PARTY
Pursuant to the European Regulation 679/2016 (GDPR) and national legislation, the interested party may, according to the methods and within the limits established by current legislation, exercise the following rights by contacting the Data Controller:
request confirmation of the existence of personal data concerning him (right of access);
know its origin;
receive intelligible communication;
have information about the logic, methods and purposes of the processing;
request the updating, rectification, integration, cancellation, transformation into anonymous form, blocking of data processed in violation of the law, including those no longer necessary for the pursuit of the purposes for which they were collected; right of limitation and / or opposition to the processing of data concerning him; right of revocation; right to data portability; in cases of consent-based processing, receive their data provided to the owner, in a structured and readable form by a data processor and in a format commonly used by an electronic device;
the right to lodge a complaint with the supervisory authorities.
The interested party can exercise his rights listed above without a formal request to the addresses and contact details of the data controller present in this information.
UPDATES TO THIS NOTICE