Centauro

Share |
Linkedin Centauro
  • IT
  • EN

Home > PRIVACY POLICY

To: Customers intended as natural persons or one person companies or partnership/natural persons employed by the Customer

 

PERSONAL DATA INFORMATION NOTICE FOR THE PROTECTION OF PERSONAL DATA PURSUANT TO ART. 13 D.LGS. 196/2003 AND TO THE REGULATION 679/2016

 

In compliance with the D. Lgs. 196/2003 and with the Regulation 679/2016 (hereinafter, “GDPR”), [●], whose headquarter is [●], (hereinafter, the “Company”) and acting as the Controller of the processing of data, renders all relevant information about the processing to which the personal data of the company [●], or of Mr. [●] acting as a natural person (hereinafter, alternatively referred to as “Client”), or the personal data of the natural persons employed by the Client, will be subject. Regarding this particular aspect, the Client commits to transmitting this information notice to the employees with whom the Company will get in touch. The processing of the personal data will respect the principles of fairness, lawfulness and transparency, and will be carried out in a manner that protects the fundamental rights and freedoms of the data subjects, pursuant to the current legislation on the security and protection of personal data.

Purpose of the processing of data

The personal data will be processed for the following purposes: 1.compliance with obligations under the national law (including the drafting of the contract and the correct identification of the Client’s legal representative or of the Client’s main contacts), under the regulations or under the European laws, as well as under the orders issued by the authorities or by the empowered bodies. The provision of the personal data necessary for these purposes is necessary and the refusal to provide the personal data will imply the impossibility to establish a legal relationship with the Company; 2. purposes connected to and useful for the establishment, the performance and the management of the contractual relationship between the Company and the Client and the Client’s employees. Specifically, the personal data will be processed to perform the obligations of the contract or to comply with specific requests of the data subject, even before the drafting of the contract itself. The personal data might also be used to fulfil the duties connected to the implementation of the economic activity and of the contract, and connected to the related accounting, administrative and fiscal operations. Some of these activities might also be implemented by third subjects, specifically empowered by the Controller of the processing. The provision of the personal data necessary for these purposes is necessary and the refusal of the Client or of the Client’s employee to provide the personal data might imply the impossibility for the Company to provide the Client with some of the required services or to correctly establish the contractual relationship with the Client. 

Legal basis

The legal basis of the processing is the implementation of the work contract and the necessity to adhere to legal obligations. Your personal data, required for points (1) and (2), shall be stored for a period of time established by law, for contractual and fiscal requirements, but no more than 10 years from the termination of the work contract between the Client and the Controller, due to statute barred limitations. This time frame (10 years) is required for the management/review of the various phases of the contractual period and for the resolution of other matters that may arise (for example, disputes and the eventual defense of the Client's and Controller's rights) as well as the legal obligation of conserving such data for said period of time. The storage of such data may be prolonged in the measure / time frame necessary to close all open issues.

Modality of the processing and storage of data

The processing will be implemented through manual and/or IT means, according to the described purposes, and will be, in any way, adequate to guarantee the security and confidentiality of personal data, in compliance with the laws that impose the adoption of measures appropriate to ensure a minimum level of security.

Within the Company’s organization, the processing will be carried out by employees and partners, specifically appointed by an official mandate as persons authorized under the direct authority of the Controller or Processor, or as Processors, and they will operate within the limits and the instructions issued by the Controller.

The data will be stored until the necessary period pursuant to the relevant laws connected to fiscal and contractual requirements.

Data communication and field of dissemination of the data

The data subject’s personal data might be communicated to persons who, for business, commercial or contractual requirements, are involved in the distribution of the products and the services of the Company (such as partners and external advisors, public institutions, insurance companies, banking and financial institutes, companies entrusted with the logistics, legal advisors). The complete and up-to-date list of the Processors, as well as of the other persons to whom the personal data might be communicated, is retained by the Controller at the headquarter office and can be freely obtained upon request. 

Rights of the data subject

In relation to the aforementioned processing of personal data, you shall exercise the rights granted by article 13 GDPR 679/16, as better stated in articles 15-16-17-18-20-21 and 22 GDPR 679/16, and specifically you shall have the right to:  

1)    obtain confirmation as to whether or not personal data concerning your person exists, even if not registered yet, and that the communication is in an intelligible format;

2)    request the Controller the access to your data, as well as the right to data portability;

3)    obtain updates, the correction and, whenever required, the integration of the data;

4)    object, wholly or in part: a) for legitimate reasons, to the processing of personal data concerning your person, even if they are pertinent with the scope of the data collection; b) to the processing of your personal data for sending advertising materials, for direct marketing purposes, for market research or commercial communication purposes.

5)    obtain the erasure, the anonymization or the block of your processed personal data in infringement of the legislation, including data whose storage is not necessary in relation to the purposes for which the data was collected or later processed;

6)    withdraw your consent at any time without questioning the lawfulness of the data processing based on consent given before its withdrawal, according to the law;

7)    lodge a complaint with a supervisory authority.

8)    obtain official documentation certifying that the operations set out above in numbers 4 and 6 have been made available, also in their content, to those whom the data have been communicated or transmitted to, except in the case when such a compliance proves impossible or would involve a disproportionate effort compared to the right granted.

 

Centauro Srl – Via Euclide, 4 - 20864 Agrate Brianza (MB) - ITALY
VAT Number 00706060969 - C.F. 01197310152
Corporation Stock €100.000 I.V. - R.S.Trib.Monza 29099 - C.C.I.A.A.Milano 522973