GEMM Srl, based in Codognè (TV), via del Lavoro 37 – fraz. Cimavilla, tel. 0438.778504, as personal data processing Controller (hereinafter Controller), hereby issues this policy to the interested party in compliance with European and Italian regulations on personal data protection.
Processing Purposes and Legal Basis
The Data Controller processes personal data for various purposes:
- 1) respond to requests sent through this form, for example to obtain information on its products or services (including sending the brochure, catalogue and/or other company information material), to get a quote, etc.: in this case, consent is not required because the processing is necessary to respond to such requests;
- 2) use the contact details of the interested party (e-mail address, landline and mobile telephone number, postal address) to conduct opinion and satisfaction surveys, send commercial communications containing information on its products or services, as well as promotions or invitations to events in which the Data Controller will participate: for this purpose, the express consent of the interested party is required.
Data retention period
The Data Controller intends to process the data according to the following time criteria:
- if information is requested, the data will be processed for the time necessary to give feedback; if a quote is requested, however, the data will be processed for a maximum time equal to double the period of effectiveness of the proposal, without prejudice to further storage for the time necessary for the settlement (however reached) of any disputes that may have arisen;
- for the purposes referred to in point 2), the data will be processed for twenty-four months from the last communication, regardless of the channel used: the interested party may withdraw consent or in any case oppose the processing at any time;
Nature of the provision of data and consequences in case of refusal
The provision of data for the purposes referred to in point 1) is necessary and therefore any refusal to provide it in whole or in part may make it impossible for the Data Controller to pursue the aforementioned purposes. The provision for further purposes is optional: if not provided, the Data Controller will not be able to carry out the corresponding activities but will still be entitled to pursue the purposes referred to in point 1).
Categories of recipients
The Data Controller will not disclose the data, but intends to communicate it to internal figures authorized to process the data according to their respective duties, as well as to commercial agents, credit institutions, credit insurance, credit recovery, commercial information, factoring and consultancy companies, associations and/or business organizations, professionals or service companies, as well as to public and private bodies, also following inspections and verifications.
Should said recipients process data on behalf of the Data Controller, they will be appointed as data processors with a specific contract or other legal deed.
Data transfer to a third country and/or an international organization
Personal data will not be transferred either to non-European third countries or to international organizations.
Rights of interested parties
Interested parties have the right to ask the Data Controller to access their personal data and to rectify it if inaccurate, to delete it or limit processing thereof if the conditions are met, to oppose processing for legitimate interests pursued by the Data Controller, as well as to obtain the portability of data personally provided only if subject to automated processing based on consent or contract Interested parties also have the right to revoke the consent given for the processing purposes that require it, without prejudice to the lawfulness of processing carried out up to the time of revocation.
To exercise their rights, interested parties can use the form available here and send it to the Data Controller at the following address: email@example.com. Interested parties also have the right to file a complaint with the competent supervisory authority on the subject, the Guarantor for the protection of personal data (www.garanteprivacy.it).