Information upon the processing of your Personal Data
in accordance with art. 13 of the EU Regulation 2016/679 (“GDPR”)
For SCAGLIA S.r.l. (from now on referred to as, the “Company” or “Controller”) the protection of its customers’ personal data, even prospective, and of users of its company website (from now on “Personal Data”) is essential and of utmost importance.
The processing, either automatized or handmade, of Personal Data is made by SCAGLIA S.r.l. in full compliance with rights and protections set by the EU Regulation 2016/679 (from now on referred to as the “Regulation”) and with additional rules applicable in all matters related to the protection of Personal Data.
1. Why is SCAGLIA S.r.l. serving you this information?
According to the Regulation, before starting to process Personal Data, the person whose data refer to must be informed by the Controller about the purposes the data are requested for and the ways such data are used.
You have a Glossary of main terms referred to in this information, containing simple and understandable explanations, as to allow you to understand the matter.
2. Who will process your Personal Data?
Your Personal Data will be processed by SCAGLIA S.r.l., company registration nr. 08589770158 and Vat id code 01795330164 with registered address in Via Guglielmo Marconi 42 zip code 24012, Val Brembilla (province of Bergamo) Italy (from now on referred to as the “Controller”).
3. Which are the purposes your Personal Data are processed for?
3.1. Main purpose
For enabling the reply to the requests of contact and data you entered by means of the “Online Form for Request of Contact”, SCAGLIA S.r.l. needs to collect some of your Personal Data.
The processing of your Personal Data will be upon the Controller in order that you could either receive the requested information or eventually benefit from other services offered from time to time by SCAGLIA S.r.l. website.
3.2. Additional purposes
The Controller could deploy to your attention even promotional, advertising and/or marketing activities (the so called “direct marketing” purposes).
Among them are all of the activities carried out as to promote and advertise products, services, either sold and/or delivered by the Controller of the processing, assuming it has a lawful interest to do so on the basis of its statutory and bylaws objectives.
Direct marketing activities carried out by the Controller is made regardless of your consent, unless you express a formal denial (par. 47 of the Preambles of the Regulation; Art. 6, par. 1, point f) of the Regulation).
The ways/means you could be approached for direct marketing purposes could be either automatized (email), or manually made by personnel (phone calls by duly instructed operators; postage mailing; emailing; social network notification). Nevertheless, as better explained at par. 6 underneath in this Information, you could ever revoke your consent, even partially in relation to some of the purposes. As a mere example, you could keep your consent only for direct marketing activities carried out manually, while revoking the consent for those automatized.
4. Will your Personal Data be communicated to/shared with other entities?
For the correct deployment of all of the activities involved in the processing of your Personal Data for the purposes set in this Information, your Personal Data could be processed by natural persons, being employees or professionals, duly appointed/delegated/committed by the Controller for the execution of specific activities regarding the processing of your Personal Data.
Your Personal Data could be communicated even to:
- Third parties (sales representatives and agents; authorized distributors and dealers operating in the area where the Data Subject is located) who take care of part of the processing and/or by executing subsequent or preparatory or beneficial activities to the first, on behalf of the Controller.
These persons are appointed and act as “Processors” (see art. 4, point 8 of the Regulation)
- Public Entities and Jurisdictional Courts, whenever imposed by law or in order to prevent or to repress criminal events.
As to correctly deploy any of the activities involved in the processing for the purposes set in this Information, your Personal Data could be processed by natural persons, employees of professionals duly appointed/delegated/committed by the Controller, who were assigned to the execution of specific activities related to the processing of your Personal Data.
5. How long will your Personal Data be processed by the Controller??
For the purposes set at par. 3.1 of this Information, your Personal Data will be processed for the shortest period of time, as stated at point 39 of the Preambles in the Regulation; this meaning until the contractual relationship between you and the Controller expires, and except for the case when an additional period of processing is requested by the law as well as stated at point 65 of the Preambles in the Regulation.
For the achievement of the purposes set at par. 3.2 of this Information, the Controllers could lawfully process your Personal Data until when you are to express your will, in any manner as disclosed in this Information, to revoke your consent for one or for all of the purposes the data were requested for.
The eventual revocation of your consent will oblige the Controller to stop any processing to the extent of the revoked purposes.
6. When and how is possible to retire/revoke a formerly expressed consent to the processing?
Whenever you want, totally and/or partially, regardless of the validity and lawfully processing of your Personal Data based on the former consent given before your revocation, by sending an email to the Controller at the address email@example.com, or by clicking the button “unsubscribe” always available in the emails that you are likely to receive at the email address formerly communicated by you.
7. Does the Regulation grant you any right?
Yes, the Regulation grants you basically the possibility to have access to your Personal Data, requesting for their amendment/their update in case they are lacking or erroneous, requesting for their deletion in case the processing happened unlawfully with regard to the Regulation or even to any other laws applicable in this matter, or even to oppose to the processing for whichever lawfully and motivated reason.
In particular, here underneath you find the list of all of the rights you could exercise, whenever you want, to the Controller:
- Right to have access to;
- Right to amend;
- Right to erase;
- Right to restrict somehow the processing;
- Right to the portability;
- Right to make opposition;
- Right to file a claim to the Supervisory Authority;
For the proper exercise of above listed rights you could easily contact the Controller by email at the email address firstname.lastname@example.org.
8. Where will your Personal Data be processed?
Your Personal Data will be processed by the Controller in the territory of the European Union.
> Personal Data
Any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person (art. 4 n. 1 GDPR).
As a mere example, natural person could be associated to specific online informatic identifiers produced by devices, applications, tools and protocols used, as well as IP addresses, cookies, or identifiers of other nature, as well as rfid tags.
Those identifiers could lead, when matched with other univocal identifiers or other data received on servers, to the construction of natural person profiles and even to the identification of a specific natural person (point 30 in the Preambles of the Regulation)
Is the Regulation UE n. 2016/679 – “General Data Protection Regulation”.
The whole set of information given to the Data Subject by the Controller upon the processing deployed by this last.
> Data Subject
The natural person, as defined by Italian and European laws and regulations, whose data refer to.
Is the entity, either natural or legal persona, who determines the purposes and means of the processing of personal data, here included even the security standard adoption.
> Processing of Personal Data
Any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.