Code regarding personal data protection

Privacy policy according to General Data Protection Regulation EU 2016/679 art.13

Pursuant to and for the effects of GDPR EU 2016/679 art.13 regarding personal data protection, Kompunet Informatica S.r.l., as Data Controller, informs this website’s users that the acquired personal data will be subject to processing in accordance of the above mentioned regulation. In compliance with this legislation, processing of such data shall follow the principles of correctness, lawfulness and transparency and protection of confidentiality, as indicated below.

1. Object of treatment Personal data acquired and processed are: personal data, location/address, telephone number, fax, e-mail, referential names, VAT number.

2. Purposes of treatment Your personal data are treat only with your specific consent (art. 6 paragraph 1 let. a) and 7 of Regulation EU 2016/679), for sending (by e-mail, post, phone contact, sms) answers to the request received by Data Controller and/or advertising material on products and services offered by the same. The conferment of such data is non-mandatory. Therefore you may decide to do not give any data or to deny at a later time the treatment of data already provided, by revocation of consent under art. 7 paragraph 3 of Regulation EU 2016/679. In such cases, you won’t receive any answer/communication referred to the request. If you are already a customer of us, we could send commercial communications about services and products of the Data Controller similar to those already received, without prejudice to your right to revoke the consent already given under art. 7 paragraph 3 of Regulation EU 2016/679. More precisely the withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.

3. Method of processing Processing of your personal data is carried out by means of operations listed in Art. 4, n. 2) of Regulation EU 2016/679 and more precisely: collection, recording, organisation, storage, consultation, processing, adaptation or alteration, selection, retrieval, comparison, application, interconnection, interruption, disclosure by transmission, dissemination or otherwise making available, restriction, erasure and destruction of data. Data acquired will be processed by electronic and telematic means and on paper support with logics strictly related to the above mentioned purposes by collaborators and internal employees specifically designated of the treatment or external processors of the treatment. Data are stored on paper and electronic supports in compliance with the minimum security systems required by law. Such security systems are suitable to grant confidentiality, integrity and security of personal data both technically and organisationally and to prevent alteration, loss, unauthorised treatment or access. According to principle of data minimization, that data collected and processed should be used only if adequate, relevant and limited to what is necessary for the purposes for which they are processed and in any case according to the will of the person involved. Under art. 13 paragraph 2 let. a) of Regulation EU 2016/679, the Data Controller will retain the data only for as long as is necessary to fulfil the above mentioned purposes and in any case not later than 2 years from their collection.

4. Access to Personal Data Under art. 13 let. e) of Regulation EU 2016/679 it should be noted that the collected data shall not be divulged, sold to, or exchanged with third parties with the exception of consultants and IT technicians, as persons in charge of the treatment or external processors of the treatment to allow the performance of activities functional to the company. In this case, the use of the data by third parties must takes place in full compliance with the principle of correctness, lawfulness and transparency and pursuant to the law in force and, in particular, the one under art. 28 of Regulation EU 2016/679. The updated list of external processors and persons in charge of the treatment is kept at the headquarter of Data Controller. Without your express consent (art. 6 paragraph 1 let. b) and c) of Regulation EU 2016/679), Data Controller may communicate your personal data for the purposes of art. 2.A) to judicial and/or administrative authorities as well as to subjects to whom the communication is mandatory by law to fulfill such purposes. Said parties will treat data as autonomous Data Controller.

5. Data Subject’s rights As Data Subject, under art. 13 paragraph 2 let. b) of Regulation EU 2016/679 you have the right to freely access the data (art. 15 of Regulation EU 2016/679), to update them (art. 16 of Regulation EU 2016/679), to erase them (art. 17 of Regulation EU 2016/679), to limit their processing (art. 18 of Regulation EU 2016/679), to oppose their treatment (art. 21 and 22 of Regulation EU 2016/679), and the right to data portability (art. 20 of Regulation EU 2016/679). As Data Subject, you may exercise your rights by contacting Kompunet Informatica S.r.l. based in Senigallia, Strada della Marina 2/7, as Data Controller, using data hereinafter indicated. Moreover and in any case, you have the right to lodge a complaint with a supervisory authority according to Regulation EU 2016/679 and in particular, under its art. 77, with the competent authority of the Member State where you regularly reside or work, or where the alleged violation occurred, without prejudice to the right to appeal to the competent ordinary judicial authority.

Data Controller contact details: 
Kompunet Informatica S.r.l. placed in Senigallia (AN), VAT number 01588770428.