Privacy Policy

INFORMATION ON THE PROCESSING OF BUSINESS PARTNER PERSONAL DATA

Pursuant to Article 13 of EU Regulation 2016/679 of 27/04/2016, hereinafter referred to as RGPD (General Regulation for the Protection of Personal Data), DONELLI GROUP S.R.L., with registered office in via De Marini, 1 – 16149 Genoa, as owner of the processing of personal data, informs you of the following:

Holder of the treatment
The data controller is DONELLI GROUP S.R.L., with registered office in via De Marini, 1 – 16149 Genoa.

Purpose of the processing
The personal data you provide will be processed exclusively for the following purposes:
1. Stipulation and execution of the contract and all related activities, such as, by way of example, invoicing, credit protection, administrative, management, organizational and functional services for the execution of the contract;
2. Fulfillment of the obligations established by law, regulations, applicable legislation and other provisions issued by authorities invested by law and by supervisory bodies and the processing of personal data for the aforementioned purposes does not require your express consent (Article 6 letter . b) and e) of the GDPR).

Mandatory or optional nature of providing data and consequences of a refusal to provide personal data
The data required for the purposes referred to in letters a) and b) above must be provided for the fulfillment of legal obligations and / or for the conclusion and execution of the contractual relationship and the provision of the requested services. Therefore, your refusal, even partial, to provide such data would make it impossible for the Supplier to establish and manage the relationship itself and to provide the requested service.
The provision of personal data necessary for the purposes referred to in letters c) and d) above is optional, therefore your refusal to provide such data would make it impossible to carry out the activities described therein.

Data processing methods

The processing of personal data is carried out by means of the operations indicated in art. 4 n. 2) RGPD, for the aforementioned purposes, both on paper and computer, by means of electronic or automated tools, in compliance with current legislation in particular regarding confidentiality and security and in compliance with the principles of correctness, lawfulness and transparency and protection of the Customer’s rights.
The processing is carried out directly by the owner’s organization, by its managers and / or agents.

Communication and Dissemination
Your personal data may be communicated, within the limits strictly relevant to the obligations, tasks and purposes referred to above and in compliance with current legislation on the subject, to the following categories of subjects:

1. Subjects to whom this communication must be made in order to fulfill or to require the fulfillment of specific obligations under laws, regulations and / or community legislation;
2. Companies belonging to the Owner’s Group or parent companies, subsidiaries or associates pursuant to Art. 2359 of the Italian Civil Code, who act as data processors or for administrative and accounting purposes (purposes related to the performance of internal organizational, administrative, financial and accounting activities, in particular, functional to the fulfillment of contractual and pre-contractual obligations) ;
3. External natural and / or legal persons who provide services that are instrumental to the activities of the Data Controller for the purposes referred to in point 1. above (eg call centers, suppliers, consultants, companies, organizations, professional firms). These subjects will operate as managers of the
Personal data will not be disseminated in any way.
Retention period of personal data
Personal data will be kept for the entire duration expressed by the contract stipulated with the Data Controller, which concluded that the data will be kept for the fulfillment of the terms required by law for the conservation of administrative documents, after which they will be deleted.

Data transfer
Personal data is stored on servers located within the European Union. In any case, it is understood that the Data Controller, if necessary, will have the right to move the servers even outside the EU. In this case, the Data Controller ensures from now on that the transfer of data outside the EU will take place in accordance with the applicable legal provisions, subject to the stipulation of the standard contractual clauses provided for by the European Commission.

Rights of the interested party
In your capacity as an interested party, you have the rights referred to in art. 15 GDPR and precisely the rights of:

1. Obtain confirmation of the existence or not of personal data concerning you, even if not yet registered, and their communication in an intelligible form;
2. Obtain the indication: a) of the origin of personal data; b) the purposes and methods of the processing; c) the logic applied in case of processing carried out with the aid of electronic tools; d) the identification details of the owner, managers and designated representative pursuant to art. 5, paragraph 2 of the Privacy Code and art. 3, paragraph 1, GDPR; e) the subjects or categories of subjects to whom the personal data may be communicated or who can learn about them as appointed representative in the State, managers or agents;
3. Obtain: a) updating, rectification or, when interested, integration of data; b) the cancellation, transformation into anonymous form or blocking of data processed in violation of the law, including data which need not be kept for the purposes for which the data were collected or subsequently processed; c) the attestation that the operations referred to in letters a) and b) have been brought to the attention, also as regards their content, of those to whom the data have been communicated, except in the case in which this fulfillment proves impossible o involves the use of means that are manifestly disproportionate to the protected right;
4. To object, in whole or in part: a) for legitimate reasons to the processing of personal data concerning you, even if pertinent to the purpose of the collection; Where applicable, it also has the rights referred to in Articles. 16-21 RGPD (Right of rectification, right to be forgotten, right to limitation of processing, right to data portability, right of opposition), as well as the right of complaint to the Guarantor Authority.
For the exercise of the rights referred to in art. 15 of the RGPD or for questions or information regarding the processing of your data and the security measures adopted, you can in any case forward the request to our company at the following address:

DONELLI GROUP S.R.L.

via De Marini, 1 – 16149 Genova Telephone: + 39-040.6732935

E-mail: administration.trieste@donelligroup.com