The data holder is Simem S.p.A. with registered and operating offices at Viale dell’Industria, 24 – 37046 Minerbe (Verona) (hereinafter the Holder).
PURPOSE OF DATA PROCESSING
In accordance with the obligations of the regulations in force, we inform you that Simem S.p.A processes personal data for performing standard company activities, such as the following:
a) for drawing agreements;
b) for fulfilling the obligations and executing the operations given in the signed agreements;
c) for placing supply orders;
d) for fulfilling the obligations and the tasks given by the law in force (i.e. administrative, fiscal, accounting obligations and etc,);
e) for supplying and improving the provided services;
f) for managing the technical support service for our traded products;
g) for checking the trends between customers and suppliers;
h) for checking the public lists concerning economical penalties and frauds;
i) for marketing activities such as sending information or promotional materials after getting the consent of the concerned person and according to the law in force.
The data processing for the above-mentioned purposes is based on art. 6 paragraph 1 letter a (consent), letter b (fulfillment of the pre-contractual and contractual obligations), letter c (fulfillment of the legal obligations) of EC Regulations 2016/679.
The data Holder, Simem S.p.A, will process the personal data in accordance with the law provisions in force as well as the principles of adequacy and minimization.
METHODS AND PLACE OF DATA PROCESSING
The Holder adopts the proper security measures to prevent the access, diffusion, modification or destruction of Personal data. The processing is carried out by IT and/or telematic equipment according to organizational and logical methods related to the given purposes. In addition to the Holder, in some cases, other subjects involved in the organization of this Application might access the data (such as administrative, marketing, legal staff and system administrators) or other external subjects that the Holder might appoint as Data Managers. The updated list of the Data Managers can be requested to the Data Holder.
The data is processed at the operating offices of Simem S.p.A. and wherever the involved parts are located.
The User’s personal data might be transferred to a country other than that in which the User is located. The User is entitled to get information relevant to the law concerning the data transfer out of the European Union or the transfer to public international organizations made up by two or more countries, such as the UN, or to get information about the security measures adopted by the Holder to protect personal data.
Data is processed and kept for the time that is necessary to achieve the scope it is collected for, such as the following:
• The personal data collected for purposes connected to the execution of a contract between the Holder and the User will be kept until the execution of the agreement is completed.
• The personal data collected for legitimate interests of the Holder will be kept until the interests themselves are satisfied. The User can get further information concerning the legitimate interest of the Holder by reading the relevant section of this document or by contacting the Holder.
When the processing is based on the User’s consent, the Holder may keep the Personal Data for a longer period unless the consent is withdrawn. The Holder might be forced to keep the data longer in compliance with a legal obligation or an order from an Authority.
At the end of the processing period, the personal data will be deleted. Therefore, at the end of this period, the right of access as well as right of cancellation, modification or transferability can no longer be exercised.
The company is entitled to share the personal data of their employees, customers and suppliers; therefore, the personal data can be accessible by subjects authorized by the company in accordance with the mutual agreements taken for processing personal data.
• Companies that provide financial services;
• Companies and/or external consultants for carrying out other activities (such as managerial operations, collection of economical and financial information, management of IT systems, insurances and management and protection of credit);
• Companies and/or external consultants for fulfilling law regulations (such as accountants, notaries, work consultants);
• Marketing companies, agents and forwarders.
LEGAL BASIS OF DATA PROCESSING
The law guarantees a series of rights relevant to personal data. The company commits to protect the personal data and follow the laws relevant to the privacy of data that are in force. Further information and advice relevant to the rights are given by the Italian Authority for the protection of personal data.
Rights: What does it mean?
1. Right to information
The user is entitled to receive clear, transparent and understandable information about the methods its personal data is used for. That is why information contained in this information note is given.
2. Right of access
The user is entitled to get access to his personal data (if his data is being processed) and other similar information (similar to the information is given in this document). The scope is that the user can know and check if his personal data is used according to the privacy law.
3. Right to Rectification
The user is entitled to have his data corrected if it is incorrect or incomplete.
4. Right to Cancellation
Known as the “right to be forgotten”, it allows one to ask for the cancellation or deletion of data if there is no valid reason to continue using it. It is not a general right to have data deleted; there are exceptions.
5. Right to limit the data processing
The user is entitled to block or prevent further uses of his personal data. When the data processing is limited, the company can keep the information but can’t use it. The company keeps the list of people who requested the “blocking” of further uses of their personal data so that the obligation can be also be respected in the future.
6. Right to transfer the data
The user can get and use his personal data for his purposes in different services. For example, if the user decides to change his suppliers; this right allows one to easily transfer, copy or move the information between IT systems in a safe and secure way and maintain its usability.
7. Right to refuse the processing
The user has the right to object to the treatment of data processing for direct marketing purposes (unless his authorization has been given) and for the processing of data that is carried out for the purpose of protecting the legitimate interests of the company.
8. Right to claim
9. Right to withdraw the consent
If the user has authorized any activities with his personal data, he can withdraw this consent at any time (but, in this case, that does not mean that the data processing carried out with the user’s authorization up to that moment has been illegal). That includes the right to withdraw the use of personal data for marketing purposes.