INFORMATION ON THE PROCESSING OF PERSONAL DATA
This information document describes the management and treatment modalities applied by the company SO.DI.P. S.p.A. (The Data Controller) to the personal data that will be conferred using the service “Subscription” (the “Service”), accessible from our website www.sodip.it (the “Website”).
The Data Controller
The Data Controller is the company SO.DI.P. S.p.A., (VAT and tax code IT 00882460157), with registered office in (24121) Bergamo, via Monte Grappa n. 7, R.E.A. BG 397165. The data Controller can be contacted via regular mail, via e-mail at the following e-mail address: firstname.lastname@example.org
Purpose and legal basis of processing
Your personal data will be processed – in the first place – in order to provide you the provisions requested through the service, as well as for the fulfillment of the necessary administrative and fiscal obligations related and/or consequent to the supply of the requested provisions and for the fulfillment of eventual obligations provided by laws, regulations and community regulations.
After an expressed and specific consent, your personal data may also be processed in order to send you promotional or publishing communications, communications of information of activities and initiatives of SO.DI.P. S.p.A.
The processing operations will always take place in compliance with the principles of relevance, no- excess, and minimization, in relation to the aims pursued.
Recipients of the data
The data will be processed by the Data Controller, and/or by its employees, coworkers, assistants, or professionals, also external, to this purpose named authorized subjects or Data Processor, and adequately instructed in relation to the purposes and methods of processing
The data can be communicated, for the above specified aims of processing, to third parties belonging to the following groups:
i) local distributors; ii) publishers; iii) Authorities and supervisory and control bodies and in general subjects, public or private, with functions of public relevance (i.e. Communications regulatory Authority, Competition and market Authority, etc.); iv) other subsidiaries or associates to SO.DI.P. S.p.A. that provide functional provisions for the purposes indicated above; v) subjects that provide provisions for the management of the information system of SO.DI.P. S.p.A. and telecommunication networks; vi) subjects that carry out activities of transmission, enveloping, transportation, sorting, delivering of communications with the interested party; vii) subjects that carry out activities of documentation storage and data entry; viii) professional firms and companies which carry out activities of assistance and consultancy (i.e. law firms); ix) subjects that carry out activities and duties of control, revision and certification of activities of SO.DI.P. S.p.A.; x) legal or administrative authorities, for the fulfillment of legal obligations; xi) only prior to manifestation of expressed and specific consent; subject that supply per e-mail, fax or ordinary mail, promotional and/or information communications.
The subjects belonging to the above categories will operate in total autonomy, as separate Data Controllers, as Managers appointed for this purpose by SO.DI.P. S.p.A.
The data, finally, can be communicated for the fulfillment of any legal obligations.
Transfer of data
Your personal data are located on computer systems in the European Union.
In any case, it is intended that the Data Controller, if necessary, will have the right to transfer the data also on computer systems located in Third Countries. In this case, the Data Controller hereby ensures that the data will be transferred in accordance with the applicable legal regulations (prior to stipulation of the standard contractual clauses provided for by the European Commission) and prior to the adoption of appropriate and suitable guarantees. The interested party can always contact the Data Controller to obtain a copy of such data.
Your personal data will be kept for the period of the use of service, and subsequently, only for the completion of the services in progress and in any case for the time in which the Data Controller is subject to obligations of conservation for fiscal purposes or for other purposes, provided for by law or regulations.
Rights of the interested party
As an interested party, you have the right to exercise, in the cases expressly provided for by law (art. 15 and ss., EU Regulation 2016/679), the following rights:
(a) ask the Data Controller the access to personal data concerning you, and/or their eventual correction or cancellation;
(b) ask the Data Controller to limit the processing that concerns you, or oppose the treatment;
(c) require the so-called “Portability” of data (their communication in a structured format, commonly used, and readable by an automatic device), also in order to be able to communicate your personal data to another Data Controller;
(d) revoke, at any time, the consent to the processing of data concerning you (without prejudice to the lawfulness of the processing carried out before the withdrawal of consent;
(e) propose a complaint to a supervisory authority (the Authority for the protection of personal data).
Nature of the provision of data
The conferment of data must be intended as mandatory. The unsuccessful conferment of the requested data implies the impossibility for the Data Processor to provide the services.
Automated processes and profiling
Personal data conferred are not subjected to any entirely automated decision-making process, including profiling.