EXTENDED INFORMATION ON THE PROCESSING OF PERSONAL DATA PURSUANT TO REG. (EU) 2016/679 (“GDPR”)
Pursuant to art. 13 of the European Regulation (EU) 2016/679 (hereinafter “GDPR”), and in relation to the personal data of which the firm will become available in the exercise of its business, we communicate the following.
Data controller in simple terms: who processes my data?
The data controller is SKUDOMADE.IT S.r.l. (VAT No. 12031680015), which can be contacted by writing to the email address firstname.lastname@example.org or email@example.com or by calling +39 011 56 57 685 from Italy and +39 331 856 39 82 from abroad.
Personal data processed in simple terms: what data is processed?
The owner processes the “data” of natural persons, legal persons or other entities, such as:
1- those necessary for the negotiation concerning a contract not yet signed by the Customers
2- those provided for the purpose of stipulating and executing a contract (even if relating to third parties such as employees and collaborators of our Customers)
3- those relating to suppliers, collaborators and employees
Such data, if not provided directly by the interested party, is retrieved from publicly accessible sources or obtained by browsing the internet.
The owner does not request and normally does not process “particular categories of data” of its customers (eg data revealing racial or ethnic origin, political opinions, and religious or philosophical beliefs, trade union membership, genetic data, biometric data – intended to uniquely identify a natural person, data relating to the health or sexual life or sexual orientation of the person).
Purpose of the processing and its legal basis in simple words: why are they processed?
The treatment is aimed at:
1) to the execution of a contract stipulated with the interested party (Article 6 of the GDPR, paragraph 1 letter b)
2) to fulfil a legal obligation of the owner, and in particular:
– to execute the contract and the obligations deriving from it (ex art.1467 cc) (art.6 GDPR, co 1 lett.c)
– for obligations related to the activity of employees and collaborators (remuneration, social security, health surveillance) or collaborators (remuneration) (ibid)
– for obligations of a fiscal or other similar nature, deriving from legal provisions (ibid),
3) for the pursuit of a legitimate interest of the Data Controller (Article 6 of the GDPR, co 1 letter e), such as:
– advertising and promotion and sale of products and services (marketing): in this case, the consent of the interested party is required.
Where the owner has to process “particular categories of data” for the execution of the contract, he will process it with the consent of the interested party exclusively for this purpose.
Consequence of failure to provide data in simple words: what happens if the data is not provided?
The provision of data is mandatory for the conclusion of the contract and / or for its execution (point 1 above).
The refusal to provide data in the pre-contractual phase does not allow the contractual relationship to be established.
The refusal to provide data at a later stage does not allow to fulfil the consequent obligations.
The provision of data, after obtaining consent, is also necessary for marketing activities (point 4 above): the interested party is free to give consent or not, and can revoke it at any time; the provision of data necessary for these purposes is not mandatory and the refusal to provide them does not cause any negative consequences, except for the impossibility of receiving dedicated commercial communications.
Failure to provide “particular categories of data”, or failure to provide consent relating to their processing, when such data is necessary for the execution of a contract (eg: advertising service for a politically engaged artist, also relating to a ‘work of political content) makes it impossible to perform the requested service.
Data retention period in simple words: how long does the owner keep the data?
the data, depending on their type, are stored:
2) as to the data acquired in relation to a contractual proposal: until it can reasonably be considered that the proposal will not be followed up.
3) as for the data acquired in relation to a stipulated contract (before or after the stipulation of the contract):
a) until the end of the assignment (when it is possible to determine this moment)
b) as well as for the next 10 years
there is, in the event of a dispute by or against the Customer, until the dispute is concluded and until the terms of enforceability of the appeals are exhausted.
Data recipients in simple terms: where does the data go, and who can access it?
The data can be communicated to:
– external subjects (the judicial authority or other public authorities that are entitled to obtain them)
– private subjects, on behalf of the client (collaborators and consultants, banks and insurance companies, counterparties and their lawyers …)
– private individuals who are part of the staff, internal or external (who hold the qualifications referred to in articles 28 and 29 of the GDPR), which the owner (employees, collaborators and consultants) uses
– traditional service providers (eg: carriers …) IT service providers in the interest of the owner (eg: e-mail services, cloud computing services, system consultancy …)
– additional subjects for commercial purposes, in the event of an express request from the client (for example: to obtain quotes or advice not provided by the firm).
The data may also be transferred outside the European Union in relation to the subject / provider of the service chosen for the storage of such data (eg: Google Inc., Dropbox Inc.), again after verifying the existence of a judgment. of Adequacy or in any case of the guarantees in terms of data protection granted by the European Union.
Profiling and dissemination of data in simple words: does the owner do strange things with the data?
The owner does not perform profiling or data mining with the data provided by customers.
These data is not disclosed to third parties, unless your express consent or request to do so.
Rights of the interested party in simple words: what can I ask the owner?
The interested party may ask the Data Controller for access to data concerning him, the correction of inaccurate data, the integration of incomplete data, the cancellation of personal data (upon the occurrence of one of the conditions indicated in art.17, par. 1 GDPR and in compliance with the exceptions provided for in par.3 of the same article), the limitation of the processing of your personal data (in the event of one of the hypotheses indicated in art.18, par 1 GDPR), as well as opposing the processing carried out for legitimate interest of the owner.
Furthermore, in the event that the processing is based on consent and is carried out with automated tools, the interested party has the right to receive such data in a structured format to exercise the right to their portability.
The interested party has the right to lodge a complaint with the competent supervisory authority in the Member State in which he habitually resides or works or in the State in which the alleged violation has occurred.
The interested party has the right to revoke the consent given at any time for purposes other than the execution of the contract and to oppose the processing of data processed for the same purposes: the possibility remains for the interested party who prefers to be contacted for the aforementioned purpose exclusively through traditional methods of expressing its opposition only to the receipt of communications through automated methods.
The treatment based on consent and carried out prior to the revocation of the same retains, however, its lawfulness.
All the aforementioned rights involving the Data Controller can be exercised by contacting him:
– or by registered letter with return receipt, to be sent to the physical addresses indicated in the “Data Controller”
– or by PEC sent to the address resulting from the Data Controller’s public registers.
What are cookies?
The owner uses some techniques to provide you with a better browsing experience.
These include cookies, web beacons and other similar technologies.
To help the user better understand these mechanisms, a brief description is provided below.
Cookies: small text files (generally made up of letters and numbers) that are saved in the memory of the browser or of the user’s device when they visit a site or view a message.
Web beacons: small images (also referred to as “pixel tags” or “clear GIFs”) that may be present on our sites, services, applications, systems for sending messages and tools, which normally work with cookies to identify users and their habits.
Similar technologies: technologies that store information in the browser or device using locally shared objects or local storage systems, such as flash cookies, HTML 5 cookies and other software methods for web applications.
Below, we will talk about “cookies” indiscriminately for simplicity.
The cookies and similar technologies we use are necessary for the operation of our website, to improve its performance, provide additional functionality or to allow us to send messages to the user.
– store certain browsing activities (for example: whether a widget has already been displayed or not …)
– store certain user preferences (for example: the language used)
– statistical or traffic analysis purposes on the website
– monitor conversions from Facebook to the website
None of the cookies in use monitors information that can personally identify the user.
Through Facebook, however, advertising messages may be sent in line with the preferences expressed in the context of surfing the net.
Also consult the information on behavioural advertising available on the website youronlinechoices.com:
How to disable or delete cookies
To proceed with the deactivation of cookies and / or choose the level of blocking of the same, the user can use the functionality of his browser, changing its settings.
Below are links that explain how to proceed with this operation with the main most popular web browsers:
SAFARI FOR MAC
SAFARI FOR IOS (IPHONE AND IPAD)
We also remind you that the user always has the option to manually remove the cookies already installed on their fixed or mobile device using browser functions such as “emptying the cache”, “deleting navigation data” or similar.
Information on this can be found at the following links:
SAFARI FOR MAC
SAFARI FOR IOS (IPHONE AND IPAD)
For other mobile terminals please consult the following web page and search for the model of your device: http://www.allaboutcookies.org/mobile/index.html