EU Regulation No. 2016/679 as subsequently amended
(hereinafter referred to as 'GDPR' for brevity)
1) Data Processing – data processed
The Data Controller acquires from the customer (hereinafter referred to as ‘Interested party’) personal information such as: patronymic name, surname, company name, address, telephone references, e-mail address, bank references, tax code, navigation data, computer identification data.
The Data Controller acquires from the Interested party the necessary, useful, appropriate documentation for the achievement of the corporate objects including the conclusion of contracts of commercial nature.
2) Data Processing - purpose
a. The processing of personal data (mentioned in clause 1. above) is strictly related to the activity carried out by the Company.
To the extent applicable, the provisions of Article 6 GDPR are referred to.
b. Personal data will not be processed for marketing purposes unless explicitly authorized by the Interested party’.
Should this be the case, the Interested party will be asked for specific and separate consent in accordance with Article 7 GDPR.
3) Personal data: procedures – processing period
Personal data may be processed by computer, telematic or manual means. In any case, the use of the tools will be subject to the principles of security, integrity and confidentiality. Personal data will be processed for the period necessary for the execution of the business relationship.
4) Personal data: disclosure to third parties
Personal data may be disclosed, also at their request, to: Judicial Authorities; Administrative Authorities; Mediation Organizations; advocates or professionals in negotiation proceedings; advocates or professionals of counterparties; counterparties when not assisted by professionals; Tax Authorities; Supervisory Bodies; Dispute Settlement Bodies; employees and/or collaborators of the Data Controller; Inspection Bodies.
5) Data: storage
Personal data are stored on computer systems and/or supports located within the European Union. Should personal data be stored on computer systems and/or media located in areas outside the European Union, the Data Controller will ensure that these systems comply with the applicable and/or in force regulations.
6) Interested party: rights
The interested party has the right to access the data pursuant to Art. 15 GDPR.
The interested party may exercise the rights referred to in Articles 16 (Right to rectification), 17 (Right to erasure), 18 (Right to restriction of data processing) of the GDPR.
The interested party may exercise the rights referred to in Articles 20 (Right to data portability), 21 (Right to object) of the GDPR.
The interested party may, at any time, exercise the right to withdraw the consent initially given. In that case, the withdrawal shall not have retroactive effect.
The interested party has the right to lodge a complaint with the Supervisory Authority.
7) Interested party: how to exercise the rights
The interested party may exercise their rights against the Data Controller by written statement sent to:
- by registered post to the following address: UNIVER S.p.A Via Eraclito, 31 - 20128 Milano
- by Certified email to the address: email@example.com
8) Data Controller: identification
The Data Controller is identified as follows:
UNIVER S.p.A. (Company)
Via Eraclito, 31 - 20128 Milano
Tel. +39 02 25298.1
P. IVA 06107080159
Certified email: firstname.lastname@example.org