PRIVACY POLICY UPDATED TO GDPR 679/2016
Foreword
Consortium SpA with registered office in via dell'Industria 26, 37038 SOAVE (VR), C.F. and P.Iva 02041370236 (hereinafter, "Data Controller"), as the data controller, informs you pursuant to Article 13 Legislative Decree 30.6.2003 no. 196 (hereinafter, "Privacy Code") and Article 13 EU Regulation no. 2016/679 (hereinafter, "GDPR") that your data will be processed in the following manner and for the following purposes:
The Controller processes personal, identifying and non-sensitive data (in particular, first name, last name, email, telephone number - hereafter, "personal data" or also "data") that you provide when registering on the Controller's website and/or when subscribing to the newsletter service offered by the Controller.
- Allow registration to the website;
- Manage and maintain the website;
- Allow you to subscribe to the newsletter service provided by the Owner and any additional Services you may have requested;
- Fulfilling pre-contractual, contractual and tax obligations arising from existing relationships with you;
- Fulfilling obligations under the law, a regulation, EU legislation or an order of the Authority;
- Prevent or detect fraudulent activity or abuse harmful to the website;
- Exercise the rights of the Owner, such as the right to defense in court.
- Send you by email newsletters, commercial communications and/or advertising material about products or services offered by the Controller. We point out that if you are already our customer, we may send you commercial communications regarding services and products of the Controller similar to those you have already used, unless you disagree (art. 130 c. 4 Privacy Code)
- To employees and collaborators of the Data Controller, in their capacity as appointees and/or internal data processors and/or system administrators;
- To external companies for support activities in the study of the feasibility of the client's project, for technical project management activities, for the storage of personal data, etc.) or to third parties (e.g., providers for the management and maintenance of the website, suppliers, credit institutions, professional firms, etc.) who perform outsourcing activities on behalf of the Controller, in their capacity as external data controllers.
Without your express consent (ex art. 24 lett. a), b), d) Privacy Code and art. 6 lett. b) and c) GDPR), the Data Controller may communicate your data for the purposes of art. 2.A) to Supervisory Bodies, Judicial Authorities as well as to all other subjects to whom the communication is compulsory by law for the fulfillment of the said purposes. Your data will not be disseminated.
The management and storage of personal data will take place on servers located within the European Union of the Data Controller and/or third party companies contracted and duly appointed as Data Processors. Currently, our servers are located in Italy. The data will not be transferred outside the European Union. It is understood in any case that the Data Controller, should it become necessary, will have the right to move the location of the servers to Italy and/or the European Union and/or countries outside the EU. In this case, the Data Controller assures as of now that the transfer of the data outside the EU will take place in compliance with the applicable legal provisions by entering, if necessary, into agreements that guarantee an adequate level of protection and/or by adopting the standard contractual clauses provided by the European Commission.
The provision of data for the purposes of Article 2.A) is mandatory. Without them, we will not be able to guarantee you either registration to the site or the Services of art. 2.A). On the other hand, the provision of data for the purposes of Art. 2.B) is optional. You may therefore decide not to provide any data or to subsequently deny the possibility of processing data already provided: in this case, you will not be able to receive newsletters, commercial communications and advertising material inherent to the Services offered by the Owner. In any case, you will continue to be entitled to the Services referred to in Article 2.A).
- Of the origin of personal data;
- Of the purposes and methods of processing;
- Of the logic applied in the case of processing carried out with the aid of electronic instruments;
- Of the identification details of the owner, managers and designated representative under Article 5, paragraph 2 Privacy Code and Article 3, paragraph 1, GDPR; and of the subjects or categories of subjects to whom the personal data may be communicated or who may become aware of them as designated representative in the territory of the State, managers or appointees;
C) Getting:
- The updating, rectification or, when interested, the integration of data;
- The cancellation, transformation into anonymous form or blocking of data processed in violation of the law, including data whose retention is not necessary in relation to the purposes for which the data were collected or subsequently processed;
- A) and B) have been brought to the attention, also as regards their content, of those to whom the data have been communicated or disseminated, except where this proves impossible or involves the use of means manifestly disproportionate to the protected right;
D) Oppose, in whole or in part:
- For legitimate reasons to process personal data concerning you, even if relevant to the purpose of collection;
- To the processing of personal data concerning you for the purpose of sending advertising or direct sales material or for carrying out market research or commercial communication, through the use of automated calling systems without the intervention of an operator by email and/or through traditional marketing methods by telephone and/or paper mail. It should be noted that the data subject's right to object, set forth in point B) above, for direct marketing purposes through automated modalities extends to traditional ones and that, in any case, the possibility for the data subject to exercise the right to object even partially remains unaffected. Therefore, the data subject may decide to receive only communications by traditional means or only automated communications or neither type of communication.
- Where applicable, it also has the rights under Articles 16-21 GDPR (Right to rectification, right to be forgotten, right to restrict processing, right to data portability, right to object), as well as the right to complain to the Data Protection Authority.
- A registered letter with return receipt addressed to: Consortium SpA, Via dell'Industria 26, 37038 SOAVE (VR).
- An e-mail to consortium@consortiumspa.net
- A PEC to the address: consortiumspa@cert.neispa.com
This site and the Owner's services are not intended for minors under the age of 18, and the Owner does not intentionally collect personal information referring to minors. In the event that information about minors is unintentionally recorded, the Owner will delete it in a timely manner upon users' request.
The Data Controller is Consortium SpA, via dell'Industria 26, 37038 SOAVE (VR). The updated list of data processors and processors is kept at the Data Controller's office.
This Policy is subject to change. Therefore, we recommend that you check this Policy regularly and refer to the most current version.
CONSORTIUM S.p.A. Registered office : Via dell'Industria, 26 37038 Soave VR T 045 6102888 r.a. F 045 6102877 E consortium@consortiumspa.net www.consortiumspa.net
Verona Business Register, registration no. 02041370236 Share Capital Euro 600,000.00 i.v.
