General Privacy Information by Chiman Srl
Information provided pursuant to Reg.EU 2016/679 (GDPR), Art.13 and pursuant to Italian D.Lgs. 196/2003, as modified by Italian D.Lgs. 101/18
- GENERAL INFORMATION
The Data Subjects are informed of the following general profiles, valid for all areas of treatment:
- all the data of the subjects with whom we interface are treated in a lawful, correct and transparent manner, in compliance with the general principles set out in Art.5 of the GDPR;
- specific security measures are observed to prevent data loss, illicit or incorrect use and unauthorized access, pursuant to Article 32 of the GDPR.
References and rights of the Data Subjects:
The Data Controller is the undersigned Organization, in person of the pro-tempore legal representative, to whom it is possible to contact to exercise all the rights foreseen by art.15- 21 of the GDPR (right of access, rectification, cancellation, limitation, portability, opposition), as well as revoke a previously granted consent;
Data Conteoller Name:
Chiman Srl Via Reggio Calabria 12, Loc. La Palazzina 29010 Rottofreno (PC) ITALY
Ph/Fax: 0039 (0)523 761157
In case of failure to reply to their requests, the interested parties can propose a complaint to the Supervisory Authority for the protection of personal data (GDPR – Art.13, paragraph 2, letter d).
2) DATA PROCESSING CONNECTED TO THE RELATIONSHIPS WITH CUSTOMERS AND SUPPLIERS
2.1 Object of the processing
The Company processes personal identifying data of customers / suppliers (for example, name, surname, company name, personal / fiscal data, address, telephone, e-mail, bank and payment details) and its operative contacts (name surname and data contact information) acquired and used for managing the services provided by the Company.
2.2 Purposes and legal basis of the processing
Data are processed to:
- manage contractual / professional agreements, as well as manage the necessary communications connected to them;
- fulfill the obligations established by law, by a regulation, by the community legislation or by an order of the Authority;
- exercise a legitimate interest of the Controller (for example: the right of defense in court, the protection of credit positions; the ordinary internal operating, management and accounting needs).
Failure to provide the aforementioned data will make it impossible to establish the relationship with the Controller. The aforementioned purposes represent, pursuant to Article 6, commas b, c, f, suitable legal bases for the lawfulness of the processing. If it is intended to carry out treatments for different purposes, it will be required a specific consent from the data subjects.
2.3 Methods of the processing
The processing of personal data is carried out by means of the operations indicated in Art. 4 n. 2) GDPR and exactly as: collection, registration, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, deletion and destruction of data. Personal data are subjected to both paper and electronic and / or automated processing. The Data Controller will process personal data for the time necessary to fulfill the purposes for which it was collected and related legal obligations.
2.4 Scope of the processing
The data are processed by internal regularly authorized subjects and instructed pursuant to Article 29 of the GDPR. It is also possible to request the scope of communication of personal data, obtaining precise indications on any external subjects operating as managers or independent data controllers (consultants, technicians, banks, transporters, etc.).
3) POLICY UPDATING
It should be noted that this information may be subject to periodic review, also in relation to the relevant legislation and jurisprudence. In the event of significant changes, appropriate evidence will be given in the home-page of the site for a suitable time. In any case, the interested party is invited to periodically consult the present policy.