Privacy Policy
Information regarding the processing of personal data
Conte Metal Mec S.r.l., with registered office in via Montello, 88 - 31044 Montebelluna (TV) - VAT no 04090030265 (hereinafter “Data Controller”), in its capacity of data controller hereby informs you that your data will be processed with the following methods and purposes, pursuant to art. 13 of the EU Regulation no 2016/679 (hereinafter “GDPR”):
- Subject of the processing
The Data Controller processes personal, identifying data (for example, name, surname, company name, address, telephone number, e-mail address, bank and payment details, hereinafter "personal data" or "data") submitted by you when entering into contracts for services with the Data Controller.
- Purpose of processing
Your personal data are processed without your express consent (art. 6 let. b), e) of the GDPR), for the following Service Purposes:
– to enter into contracts for the Data Controller's services;
– to fulfil the pre-contractual, contractual and tax obligations deriving from already existing relationships with you;
– to fulfil obligations laid down by law, regulations, community legislation or by an order of the Authorities (for example, anti-money laundering);
– to exercise the Data Controller’s rights, for example the right to legal defence.
Only for customers:
Please note that if you are already our customer, we could send you commercial information concerning products or services of the Data Controller similar to those you have already enjoyed, until you express your disagreement (art. 130 section 4 of L. Decree no 196 dated 30.6.2003 (hereinafter, "Privacy Code" and article 7 of EU Regulation 2016/679).
- Processing methods
Processing of your personal data is carried out by means of the operations indicated in art. 4 no 2) of the GDPR and specifically: collection, registration, organisation, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, cancellation and destruction of data. Your personal data is subject to both paper and electronic and/or automated processing.
The Data Controller will process the data for the time necessary to fulfil the above quoted purposes and in any case for no longer than 10 years from the end of the Service Purposes relationship.
- Access to data
Your data may be made accessible for the purposes referred to in art. 2 of this information note:
- to employees or collaborators of the Data Controller in Italy, in their capacity of internal supervisors and/or processors and/or system administrators;
- to third parties or other parties (for example, credit institutions, professional studios, consultants, insurance companies for the provision of insurance services, etc.) who carry out outsourcing activities on behalf of the Data Controller, in their capacity of external data processors.
- Data submission
Without the need for an express consent, (ex art. 24 let. a), b), d) of the Privacy Code and art. 6 let. b) and c) of the GDPR), the Data Controller may notify your data for the purposes laid down in art. 2 of this information note to Supervisory Bodies (such as IVASS), Judicial Authorities, insurance companies for the provision of insurance services, as well as to all other subjects to whom the communication is legally mandatory in order to fulfil the purposes described. These subjects will treat the data as independent data controllers.
Your data will not be disseminated.
- Data transfer
Personal data are stored on paper or digital archives within the European Union.
- Nature of data provision and consequences of refusal to respond
The provision of data for the purposes referred to in art. 2 of this information is mandatory. In their absence, we will not be able to guarantee the Services and Relationships in place with your organisation pursuant to art. 2 of this information note.
- Rights of the data subject
As data subject, you are entitled to the rights set forth in art. 15 of the GDPR and precisely the right to:
- obtain confirmation of the existence or not of personal data concerning you, even if not yet recorded, and to their communication in intelligible form;
II. obtain the indication:
a. of the origin of the personal data;
b. of the purposes and methods of the processing;
c. of the logic applied in the case of processing carried out with the aid of electronic means;
d. of the identification data concerning the data controller, data supervisors and processors designated pursuant to art. 3, paragraph 1, GDPR;
e. of the subjects or categories of subjects to whom the personal data may be transmitted or who may become aware of these in their capacity of designated representative within the State, of supervisor or processor;
III. obtain:
a. the updating, rectification or, where interested, the integration of data;
b. the deletion, transformation into anonymous form or blocking of data processed in violation of the law, including those for which conservation is not necessary in relation to the purposes for which the data were collected or subsequently processed;
c. certification that the operations referred to in letters a) and b) have been brought to the attention, including as concerns their content, of those to whom the data have been transmitted or disseminated, except in the case where such fulfilment proves impossible or requires the use of means clearly disproportionate to the right being protected;
IV. fully or partially object:
a. for legitimate reasons, to the processing of personal data concerning you, even if relevant to the purpose of the collection; - to the processing of personal data concerning you for the purpose of sending advertising materials or direct sales or for carrying out market surveys or commercial communications, through the use of automated call systems without the intervention of an operator through e-mails and/or through traditional marketing methods by phone and/or mail.
Please note that the data subject's right to object, set out in point b) above, to direct marketing purposes by automated means, extends to the traditional ones and that the possibility for the data subject to exercise the right to object also remains valid even partially. Therefore, the data subject may decide to receive only communications using traditional methods or only automated communications or neither of the two types of communications.
Where applicable, he/she also has the rights set forth in Articles 16-21 GDPR (Right of rectification, right to be forgotten, right to limitation of processing, right to data portability, right to object), as well as the right to complain to the Data Protection Authority.
- Procedure for exercising the rights
You may exercise your rights at any time by sending:
– a registered letter with acknowledgement of receipt to CONTE METAL MEC S.R.L. – Registered office in Via Montello, 88 – 31044 Montebelluna (TV);
– an email to info@contemm.it
– in the case of marketing by e-mail, it is possible to oppose the processing by following a specific link in the message.
- Data Controller, Data supervisor and Data processor
The Data Controller is CONTE METAL MEC S.R.L. with registered office in Via Montello, 88 - 31044 Montebelluna (TV).
The updated list of data supervisors and processors is kept at the Data Controller’s registered office.