INFORMATION ACCORDING TO ART. 13 OF EU REGULATION NO. 679/2016
(relating to the protection of individuals with regard to the processing of personal data and the free movement of such data)
As Data Controller and according to art. 13 of EU Regulation No 679/2016, the Company E.P.F. ELETTROTECNICA S.R.L. based in Via Langhe, 24– 12061 Carrù (CN), P.IVA 00165950049 would like to inform you that your data will be processed in accordance with the principles established by the GDPR (General Regulation on Data Protection EU 679/2016) which is to say in compliance with the principles of lawfulness, fairness, transparency, purpose limitation and storage, data minimisation, accuracy, integrity and confidentiality.
OBJECT OF PROCESSING
The data being processes are:
1. Navigation data;
2. Personal, identification and contact data.
SOURCE OF PROCESSED DATA
The Data Controller processes browsing and personal data willingly provided by the interested party on the occasion of:
- visits to offices or phone calls;
- quote requests or offers;
- previous transactions
PURPOSES AND LEGAL BASIS OF PROCESSING
The personal data voluntarily provided by you will be processed for the purposes indicated below. With regard to navigation data: allow the user to navigate on the Data Controller website; without the possibility to identify the visitor, perform statistical searches/analyses on aggregated or anonymous data aimed at measuring the functioning, traffic and interest of the Site itself; fulfil legal obligations to which the Data Controller is subject.
Regarding personal, identification and contact data:
• in execution of the contract between the interested party and E.P.F. ELETTROTECNICA S.R.L. or in execution of pre-contractual measures taken by the interested party for:
- carrying out the administrative-accounting activities closely connected and instrumental to fiscal and bureaucratic requirements and organizational management of the services required;
- exchanging information, including pre-contractual and post-contractual activities;
- supplying goods and services required and protecting the credit positions deriving therefrom;
- formalizing requests for information, preparing quotes or offers, managing negotiations and pre-contractual relationships;
- formulating requests or processing requests received.
DISCLOSURE AND COMMUNICATION OF DATA
The personal data processes by the Data Controller will not be disclosed nor will it be communicated to indeterminate subjects in any possible form, including that of making them available or simple consultation.
The data shall be communicated to the recipients to the extent strictly necessary in relation to the aforementioned objectives and to workers employed by the Data Controller. In particular, on the basis of the employees’ roles and duties, some individuals have been legitimised to process personal data within the limits of their competence and in accordance with the instructions given. For the purpose of processing purchases or other requests or services related to the transaction or the contractual relationship with the Data Controller, data may also be communicated to external persons who cooperate with the Data Controller and to the subjects who have to provide goods and/or performe services. In addition, data may be communicated to persons entitled to access them by virtue of legal provisions, regulations and community regulations.
Finally, data may be disclosed to third parties belonging to the following categories:
- subjects who provide services for the management of the information system used and for the operation of the Site;
- freelancers, businesses or companies in the field of tax and labour law assistance and consultancy;
- competent authorities for compliance with legal obligations and/or provisions of public bodies, upon request.
The Data Controller does not transfer personal data to third countries or to international organisations. However, it reserves the right to use cloud services, in which case, service providers will be selected from among those providing adequate guarantees as required by art. 46 GDPR 679/16.
DATA PROCESSING METHOD
The processing will be carried out in automated and/or manual form with methods and tools designed to ensure maximum security and confidentiality by subjects specifically authorised to do so in compliance with the provisions of art. 4 and the accountability principle of G.D.P.R.
The Data Controller stores and processes personal data for the time necessary to fulfil the stated purposes or to execute what the user requests. Subsequently, personal data will be stored and not further processed for the period of time established by the current civil and fiscal provisions.
RIGHTS OF THE DATA SUBJECT
According to GDPR 679/2016, the interested party has the right of access (art. 15), right of rectification (art. 16), right of cancellation (art. 17), right to limitation of processing (art. 18), right to portability (art. 20), right of opposition (art. 21), right of opposition to automated decision-making (art. 22). In order to assert their rights, the data subject can contact the Data Controller specifying the subject of his request and the right they wish to exercise and attaching a photocopy of an identity document confirming the legitimacy of the request to the following address:
Dear E.P.F. ELETTROTECNICA S.R.L.
Via Langhe, 24
12061 – Carrù (CN)
Or e-mail: firstname.lastname@example.org
WITHDRAW OF CONSENT AND COMPLAINT PROPOSITION
The processing operations covered by this information are lawful and permitted, even in the absence of consent, as necessary for the execution of a contract to which the person concerned is a party. The person concerned has the right to lodge a complaint with the supervisory authority of the State of residence.
REFUSAL TO PROVIDE DATA
The party in question cannot refuse to provide the Data Controller with all the necessary personal data to comply with the legal regulations governing commercial transactions and taxation. The provision of further personal may be necessary to improve the quality and efficiency of the transaction. Therefore, the refusal to provide the data required by law will prevent the processing of orders; while the provision of further data may compromise in whole or in part of the processing of other requests and the quality and efficiency of the transaction. Persons operating in the name and on behalf of legal entities may refuse to provide the Data Controller with their personal data. However, the conferment of these is necessary for a correct and efficient management of the contractual relationship. Therefore, any refusal to provide the data may compromise in whole or in part the contractual relationship itself.
AUTOMATED DECISIONAL PROCESSES
The Data Controller does not carry out processing that consists of automated decision-making processes on data.
E.P.F. ELETTROTECNICA S.R.L., settled in Via Langhe, 24 – 12061 Carrù (CN), is the Data Controller.
The Data Controller guarantees the security, confidentiality and protection of the personal data in its possession at any stage of the processing process. The updated list of Internal and External Managers can be found with the Data Controller.
CHANGES TO THIS POLICY
The Data Controller will publish the updated version of this act on the Site, and from that moment it will be binding: the interested party is therefore invited to visit this section regularly.