Privacy Policy

EBANISTERIA MARELLI S.R.L.
TREATMENT OF PERSONAL DATA
PRIVACY POLICY
INFORMATION MADE PURSUANT TO ARTICLE 13 OF THE GDPR (GENERAL DATA PROTECTION REGULATION) 2016/679

 

In compliance with the provisions of EU Reg. 2016/679 (European Regulation for the protection of personal data) we provide you with the necessary information regarding the processing of the personal data provided. The information is not to be considered valid for other websites that may be consulted through links on the websites of the owner, who is not to be considered in any way responsible for the websites of third parties. This is an information that is provided pursuant to art. 13 of EU Reg. 2016/679 (European Regulation for the protection of personal data) and is also inspired by the provisions of Directive 2002/58 / EC, as updated by Directive 2009/136 / EC, on the subject of Cookies as well as provided for by the Provision of the Guarantor Authority for the protection of personal data of 08.05.2014 regarding cookies.

 

SPECIFIC INFORMATION

Specific information may be presented on the pages of the Site in relation to particular services or processing of the Data provided.

Cookies - For more information on the cookies used by this website, see the cookies policy at the following link.

 

THE HOLDER OF THE TREATMENT

Pursuant to art. 4 and 24 GDPR, the Data Controller is Ebanisteria Marelli s.r.l. with registered office in Viale Lombardia 100, 22063 Cantù (Co), in the person of the pro-tempore legal representative. The contact email of the Data Controller is: info@ebanisteriamarelli.it

 

DATA PROCESSED, PURPOSE AND LEGAL BASIS OF THE PROCESSING

Processable personal data: "personal data": any information relating to an identified or identifiable natural person ("data subject"); the natural person is considered identifiable who can be identified, directly or indirectly, with particular reference to an identifier such as the name, an identification number, location data, an online identifier or one or more characteristic elements of his physical identity, physiological, genetic, psychic, economic, cultural or social.

As part of the activity, personal identification data are processed, such as name and surname, social security number, address, telephone / fax, e-mail, bank and payment references, for the following purposes:

  1. fulfill the pre-contractual and contractual obligations connected to the requested service;
  2. fulfill the obligations established by laws or regulations, by community legislation, by requests from the judicial authorities;
  3. exercise the rights of the owner, including, for example, the right to defense in court;
  4. only in the presence of specific consent, for marketing purposes (sending e-mails, text messages, newsletters to promote products or services offered by the Data Controller).

The legal basis that legitimizes the processing of the data referred to in point 1. is the execution of the contract of which the customer is a party, or the performance of pre-contractual activities at the request of the customer; for point 2. the legal basis is represented by the fulfillment of legal or regulatory obligations; for point 3. the legal basis is represented by the pursuit of the legitimate interest of the data controller. For point 4., otherwise, the legal basis is the consent freely given by the Customer.

 

NATURE OF THE PROVISION

The provision of personal data relating to the processing is optional. However, failure to provide the data, partial or total, may result in the partial or total impossibility of establishing or continuing the relationship with the Customer, to the extent that such data are necessary for the execution of the same. The provision of data for marketing purposes is also optional. The customer can therefore decide not to provide any data or to subsequently deny the possibility of processing data already provided: in this case he will not be able to receive newsletters, commercial communications and advertising material in general relating to the services offered by the Data Controller.

 

RECIPIENTS OR POSSIBLE CATEGORIES OF RECIPIENTS OF THE PERSONAL DATA

The processing of customer data is carried out by the Data Controller's internal staff (employees, collaborators, etc.), identified and authorized for processing according to instructions that are given in compliance with current legislation on privacy and data security. If this is necessary for the purposes listed above, the Customer's personal data may be processed by third parties appointed as Data Processors (pursuant to Article 28 of the GDPR) or "independent" Data Controllers, and more precisely: by professionals, companies, associations o professional firms that provide the Owner with assistance or advice for administrative, accounting, tax purposes; by all Public Institutions established by law and more generally by all Bodies provided for by the current accounting and tax legislation as recipients of mandatory communications; by banks for collections and payments as well as by any professionals, for the management of payments by credit cards or electronic payment tools in general, postal couriers and for any credit recovery. In any case, the Customer's personal data are not subject to disclosure.

 

TRANSFER OF DATA TO A THIRD COUNTRY OR INTERNATIONAL ORGANIZATIONS

As part of the management of the contractual relationship, no transfer of Customer data to third countries outside the EU or to international organizations is envisaged.

 

DATA RETENTION PERIOD OR CRITERIA FOR DETERMINING THE PERIOD

The processing will be carried out in an automated and manual form, with methods and tools aimed at guaranteeing maximum security and confidentiality.

In compliance with the provisions of art. 5 paragraph 1 letter. e) of EU Reg. 2016/679, the personal data collected will be stored according to the terms of the law, unless otherwise requested by the interested party.

 

RIGHTS OF THE INTERESTED PARTY

In his capacity as interested party and in relation to the treatments described in this Notice, the Customer has the rights referred to in articles 7, from 15 to 21 and 77 of the GDPR and, in particular, the:

  • right of access - Article 15 of the GDPR: the right to obtain confirmation as to whether or not personal data concerning the Customer is being processed and, in this case, to obtain access to such personal data, including a copy of the same;
  • right of rectification - Article 16 of the GDPR: the right to obtain, without undue delay, the rectification of inaccurate personal data concerning the Customer and / or the integration of incomplete personal data;
  • right to cancellation (right to be forgotten) - Article 17 of the GDPR: right to obtain, without undue delay, the cancellation of personal data concerning the Customer;
  • right to limitation of treatment - Article 18 GDPR: right to obtain the limitation of treatment, when: the interested party disputes the accuracy of personal data, for the period necessary for the Data Controller to verify the accuracy of such data; the processing is unlawful and the interested party opposes the deletion of personal data and instead requests that its use be limited; personal data are necessary for the interested party to ascertain, exercise or defend a right in court; the interested party opposed the processing pursuant to art. 21 GDPR, in the period of waiting for the verification of the possible prevalence of legitimate reasons of the Data Controller with respect to those of the interested party;
  • right to data portability - article 20 GDPR: right to receive, in a structured format, commonly used and readable by an automatic device, the personal data concerning the Customer provided to the Data Controller and the right to transmit them to another Data Controller without impediments, if the processing is based on consent and is carried out by automated means. Furthermore, the right to obtain that the Customer's personal data are transmitted directly to another Data Controller if this is technically feasible;
  • right to object - article 21 GDPR: the right to object, at any time for reasons connected to your particular situation, to the processing of personal data concerning the User based on the condition of lawfulness of the legitimate interest or the execution of a task of public interest or the exercise of public powers, including profiling, unless there are legitimate reasons for the Data Controller to continue the processing that prevail over the interests, rights and freedoms of the interested party or for the assessment, exercise or defense of a right in court. Furthermore, the right to object to processing at any time if personal data are processed for direct marketing purposes, including profiling, to the extent that it is connected to such direct marketing;
  • right of revocation - article 7 of the GDPR: the Customer has the right to revoke his consent at any time. The withdrawal of consent does not affect the lawfulness of the processing based on consent before the withdrawal;
  • right of complaint - Article 77 GDPR: the Customer has the right to lodge a complaint with the Guarantor Authority for the protection of personal data, Piazza Venezia 11, 00187, Rome (RM).

The Customer may at any time exercise his rights by sending a registered letter with return receipt. to: Ebanisteria Marelli Srl, Viale Lombardia 100, 22063 Cantù (Co), or an email to: info@ebanisteriamarelli.it

The exercise of rights by the Customer is free of charge pursuant to Article 12 of the GDPR. However, in the case of manifestly unfounded or excessive requests, also due to their repetitiveness, the Data Controller may charge the Customer a reasonable fee, in light of the administrative costs incurred. to handle your request, or deny the satisfaction of your request.

 

LEGISLATIVE REFERENCES AND USEFUL LINKS

The processing of your personal data is carried out by Ebanisteria Marelli s.r.l. in full compliance with the regulations on the matter provided for by the General Data Protection Regulation (EU) 2016/679, the rules on the processing of Italian personal data and the provisions of the Italian Supervisory Authority (http: //www.garanteprivacy. it).

 

CHANGES TO THE PRIVACY POLICY

The owner reserves the right to modify, update, add or remove parts of this privacy policy at its discretion and at any time. The interested party is required to periodically check for any changes to this page.

 

Information updated on: 07/16/2019

To Top