IN.I.VE. of Sperotto Ing. Denis & C. s.a.s., with registered office in Via Rialto, 26 - 36030 Fara Vic.no (VI), P.IVA 0712690247 (hereinafter, "IN.I.VE."), as data controller, informs you pursuant to art. 13 of Legislative Decree no. 196 of 30.6.2003 (hereinafter, "Privacy Code") and art. 13 of EU Regulation no. 2016/679 (hereinafter, "GDPR") that your data will be processed in the following ways and for the following purposes:
1. Object of data processing
IN.I.VE. processes the personal, identifying data (for example, name, surname, company name, address, telephone, e-mail, bank and payment references - hereinafter, "personal data" or even "data") communicated by you when concluding contracts for IN.I.VE. services.
2. Purposes of the treatment
Your personal data are processed without your express consent (art. 24 letter a), b), c) Privacy Code and art. 6 letter b), e) GDPR), for the following Service Purposes:
- to conclude contracts for IN.I.VE. services;
- to fulfill pre-contractual, contractual and fiscal obligations arising from existing relationships with you;
- to fulfill obligations provided for by law, regulation, EU legislation or an order of the Authority (such as anti-money laundering);
- exercise the rights of the IN.I.VE., for example the right of defence in court.
3. Methods of treatment
The processing of your personal data is carried out through the operations indicated in art. 4 Privacy Code and art. 4 n. 2) GDPR and precisely: collection, recording, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, cancellation and destruction of data. Your personal data are subject to both paper and electronic and/or automated processing. IN.I.VE. will process your personal data for the time necessary to fulfill the above purposes and in any case for no longer than 10 years from the termination of the relationship for the Purposes of Service.
4. Access to data
Your data may be made accessible for the purposes set forth in art. 2:
- to employees and collaborators of IN.I.VE., in their capacity as internal data processors and/or system administrators;
- to third party companies or other subjects (by way of indication, credit institutions, professional studios, consultants, insurance companies for the provision of insurance services, etc.) who carry out outsourcing activities on behalf of IN.I.VE., in their capacity as external data processors.
5. Data communication
Without the need for express consent (ex art. 24 lett. a), b), d) Privacy Code and art. 6 lett. b) and c) GDPR), IN.I.VE. may communicate your data for the purposes set forth in art. 2 to Supervisory Bodies (such as IVASS), judicial authorities, insurance companies for the provision of insurance services, as well as to those subjects to whom the communication is required by law in order to fulfill the said purposes. These subjects will process the data in their capacity as independent data controllers. Your data will not be disclosed.
6. Security
The data are stored and controlled through the adoption of appropriate preventive security measures, aimed at minimizing the risks of loss and destruction, unauthorized access, unauthorized processing and processing that is not permitted and does not comply with the purposes for which the processing is carried out.
7. Data transfer
The management and storage of personal data will take place in the territory of the European Union.
8. Rights of the interested party
In your capacity as interested party, you have the right as per art. 15 GDPR and precisely the rights to: i. obtain confirmation as to whether or not personal data concerning you exist, even if not yet recorded, and their communication in an intelligible form; ii. obtain indication of: a) the origin of the personal data; b) the purposes and methods of processing; c) the logic applied in case of processing carried out with the aid of electronic instruments; d) the identity of the owner, manager and the representative appointed under art. 5, paragraph 2 Privacy Code and art. 3, paragraph 1, GDPR; e) the subjects or categories of subjects to whom the personal data may be communicated or who can learn about them as appointed representative in the State territory, managers or agents; iii. obtain: a) the updating, rectification or integration of data; b) the cancellation, transformation into anonymous form or blocking of data processed unlawfully, including data whose retention is unnecessary for the purposes for which the data were collected or subsequently processed; c) certification to the effect that the operations as per letters a) and b) have been notified, as also related to their contents, to the entities to whom or which the data were communicated or disseminated, unless this requirement proves impossible or involves a manifestly disproportionate effort compared with the right that is to be protected; iv. oppose, in whole or in part for legitimate reasons, the processing of personal data concerning you, even if pertinent to the purpose of collection. Where applicable, you also have the rights set forth in Articles 16-21 GDPR (Right of rectification, right to be forgotten, right to limitation of processing, right to data portability, right to object), as well as the right to complain to the Guarantor Authority.
9. How to exercise the rights
You may exercise your rights at any time by sending a communication: 1. by e-mail to: info@afonica.it
2. or by mail A.R., a: IN.I.VE. di Sperotto Ing. Denis & C. s.a.s., Via Rialto, 26 - 36030 Fara Vic.no (VI)
10. Owner, manager and persons in charge
The Data Controller is IN.I.VE. di Sperotto Ing. Denis & C. s.a.s.. The updated list of data processors and persons in charge of processing is kept and can be consulted at the headquarters of the Data Controller.