delfiero@delfiero.net
+39 339 8914899  |   +39 091 5083502
  • Cart
  • 0
    No products in cart
    Total Order:
    € 0,00
  • € 0,00
Home Privacy policy

PRIVACY POLICY

 
INFORMATION ON THE PROCESSING OF PERSONAL DATA
pursuant to art. 13 of Legislative Decree 30 June 2003 n. 196 and art. 13 of EU Regulation n. 2016/679

Delfiero s.r.l., with registered office at Via Galletti 136/R, 90121 Palermo (PA), VAT and Tax Code 03849710821, (hereinafter, the “Data Controller”), as data controller, informs you pursuant to art. 13 of Legislative Decree no. 196 of 30 June 2003 (hereinafter, the “Privacy Code”) and art. 13 of EU Regulation no. 2016/679 (hereinafter, the “GDPR”) that your data will be processed in the manner and for the following purposes:

1. Object of the Processing
The Data Controller processes personal, identifying data (for example, name, surname, company name, address, telephone number, email address, bank and payment details), hereinafter referred to as "personal data" or "data" communicated by you when entering into contracts for the Data Controller's services.

2. Purpose of the processing
Your personal data are processed:
a. without your express consent (Article 24, letters a), b), and c) of the Privacy Code and Article 6, letters b), and e) of the GDPR), for the following Service Purposes:
- conclude contracts for the Data Controller's services;
- fulfill pre-contractual, contractual and tax obligations arising from existing relationships with you;
- fulfill obligations established by law, by a regulation, by community legislation or by an order of the Authority (such as for example in anti-money laundering matters);
- exercise the rights of the Data Controller, for example the right to defense in court;
b. only with your specific and distinct consent (Articles 23 and 130 of the Privacy Code and Article 7 of the GDPR), for the following Marketing Purposes:
- send you via email, post and/or text message and/or telephone contacts, newsletters, commercial communications and/or advertising material on products or services offered by the Data Controller and survey the level of satisfaction with the quality of the services;
- send you commercial and/or promotional communications from third parties (for example, business partners, insurance companies, other associated or group companies) via email, post and/or text message and/or telephone contact.
We would like to inform you that if you are already our customer, we may send you commercial communications relating to the Data Controller's services and products similar to those you have already used, unless you object (Article 130, paragraph 4, of the Privacy Code).

3. Processing methods
Your personal data is processed using the operations indicated in Article 4 of the Privacy Code and Article 4(2) of the GDPR, specifically: collection, recording, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, erasure, and destruction of data. Your personal data is subject to both paper-based and electronic and/or automated processing.
The Data Controller will process personal data for the time necessary to fulfill the aforementioned purposes and in any case for no longer than 10 years from the termination of the relationship for Service Purposes and for no longer than 2 years from the collection of data for Marketing Purposes.

4. Access to data
Your data may be made accessible for the purposes referred to in art. 2.A) and 2.B):
- to the Data Controller's employees and collaborators in Italy and abroad, in their capacity as persons in charge and/or internal data processors and/or system administrators;
- to third-party companies or other entities (for example, credit institutions, professional firms, consultants, insurance companies for the provision of insurance services, etc.) that carry out outsourcing activities on behalf of the Data Controller, in their capacity as external data processors.

5. Communication of data
Without the need for express consent (pursuant to Article 24, letters a), b), and d) of the Privacy Code and Article 6, letters b) and c) of the GDPR), the Data Controller may communicate your data for the purposes referred to in Article 2(a) to supervisory bodies (such as IVASS), judicial authorities, insurance companies for the provision of insurance services, as well as to those parties to whom communication is required by law for the fulfillment of the aforementioned purposes. These parties will process the data in their capacity as independent data controllers.
Your data will not be disclosed.

6. Data transfer
Personal data is stored on servers located in Italy (IT), within the European Union. It is understood that the Data Controller, if necessary, will have the right to move the servers outside the EU. In this case, the Data Controller hereby ensures that the transfer of data outside the EU will take place in accordance with applicable legal provisions, subject to the stipulation of the standard contractual clauses provided by the European Commission.

7. Nature of the provision of data and consequences of refusal to respond
Providing data for the purposes referred to in Article 2(a) is mandatory. Without it, we will not be able to guarantee the Services referred to in Article 2(a). 3. Providing data for the purposes referred to in Article 2(c) is optional. You may therefore decide not to provide any data or to subsequently object to the processing of data already provided. In this case, you will not be able to receive newsletters, commercial communications, and advertising material relating to the Services offered by the Data Controller. However, you will continue to be entitled to the Services referred to in Article 2(a).

8. Rights of the interested party
As the data subject, you have the rights set forth in Article 7 of the Privacy Code and Article 15 of the GDPR, specifically the rights to:
I. obtain confirmation of the existence or otherwise of personal data concerning you, even if not yet recorded, and their communication in an intelligible form;
II. obtain information on: a) the source of the personal data; b) the purposes and methods of processing; c) the logic applied in the event of processing carried out with the aid of electronic means; d) the identification details of the data controller, data processors, and the designated representative pursuant to art. 5, paragraph 2 of the Privacy Code and art. 3, paragraph 1, GDPR; e) the entities or categories of entities to whom the personal data may be communicated or who may become aware of it in their capacity as designated representative in the territory of the State, data processors, or persons in charge of processing;
III. obtain: a) the updating, rectification, or, where applicable, integration of the data; b) the deletion, anonymization, or blocking of data processed unlawfully, including data whose retention is unnecessary for the purposes for which the data was collected or subsequently processed; c) certification that the operations referred to in letters a) and b) have been brought to the attention, including their content, of those to whom the data was communicated or disseminated, except where such compliance proves impossible or involves a manifestly disproportionate effort compared to the right being protected;
IV. object, in whole or in part: a) for legitimate reasons, to the processing of your personal data, even if pertinent to the purpose of collection; b) to the processing of your personal data for the purpose of sending advertising or direct sales materials or for conducting market research or commercial communications, through the use of automated calling systems without the intervention of an operator, by email and/or through traditional marketing methods such as telephone and/or post. Please note that the data subject's right to object, set out in point b) above, for direct marketing purposes via automated methods extends to traditional methods and that, in any case, the data subject retains the right to object even in part. Therefore, the data subject may decide to receive communications only via traditional methods, only automated communications, or neither type of communication. Where applicable, the data subject also has the rights set forth in Articles 16-21 GDPR (Right to rectification, right to be forgotten, right to restriction of processing, right to data portability, right to object), as well as the right to lodge a complaint with the Guarantor Authority.

9. How to exercise your rights
You may exercise your rights at any time by sending:
- a registered letter with return receipt to: Delfiero s.r.l. - Via Galletti 136/R, 90121 Palermo (PA);
- a certified email to the PEC address: delfierosrl@pecsoluzioni.it

10. Owner, manager and persons in charge/strong>
The Data Controller is Delfiero s.r.l., with registered and operational headquarters at Via Galletti 136/R, 90121 Palermo (PA). The updated list of data processors and data controllers is kept at the Data Controller's registered office.

Read the full text of the EU Regulation No. 2016/679