- General information
Gruppo Sinergia S.r.l., with registered office in Viale Artigianato, 32 – 37064 Povegliano Veronese (VR), registered with the Verona Chamber of Commerce under number VR – 372994, tax code and VAT number 03879570236 (hereinafter also referred to as the “Company” for brevity) hereby informs you (hereinafter also referred to as the “User”) that, for the purposes set out below, it will process your personal data (or that of the company/firm you represent if acting on behalf of the same), which you provided. Only the data necessary for the pursuit of the purposes indicated in this policy shall be requested and processed. Please note that you must only provide your data and/or data of the Company represented by you. If you are acting on behalf of a Company, the activities envisaged in this policy shall be carried out in relation to the Company using the data you have provided, thus consenting to the processing (where consent is required) on behalf of the Company you represent./p>
- Purpose and legal basis
The Company will be processing your data:
- A in order to, with your consent, be able to address your request for information and do everything necessary to fulfil your request; the legal basis of the data processing is consent.
- B in order to fulfil an obligation imposed by law, regulation or EU legislation ; the legal basis is fulfilling a legal obligation;
- C for legitimate interests such as to assert or defend a right of the Company; the legal basis of the data processing is the pursuit of legitimate interests.
- Compulsory provision of data
The provision of data for the purposes referred to in point 2, lett. A of the policy is optional, however failure to provide such data will make it impossible to address your request. The provision of data necessary for the purposes referred to in point 2, lett. B and C of this policy is necessary; failure to provide such data will make it impossible to process the data and therefore to address your request.
- Categories of data recipients
The data collected and processed for the purposes referred to in point 2, lett. A may be shared with forwarding agents, where a request to receive informative material in hard copy is submitted. For the purposes of point 2, lett. B of this notice, the data may be disclosed, if necessary, to public bodies, judicial bodies and police forces.
For the purposes of point 2, lett. C of this policy, the data may be disclosed, if necessary, to lawyers-legal advisers, public bodies, judicial and police bodies and to the post office (which may have access to the relevant address to be able to send written notices)
The Company shall only disclose data that are indispensable for the pursuit of the individual purposes set out in this policy.
The Company may then appoint (and, thereby disclose the data to) all those specifically delegated to data processing to process the data on its behalf, each one only processing indispensable data (employees of the sector to which the request is addressed, employees in charge of managing the site, also external to the Company, consultants, also external to the Company – e.g. legal consultants, computer technicians, employees of information systems, also external to the Company, employees in charge of relations with the public, also external to the Company). The Company has also identified Data Processors (also appointed by the Company), who may only have access to the data required to carry out the tasks assigned to them (such as IT outsourcing and site management companies, call centers and, more generally, companies or firms that carry out activities that are instrumental to those of the Company such as, for example, consulting companies or firms). The list of such data processors can be obtained by contacting the Company using the contact details provided in point 6 of the policy.
- Data retention
Your data may be stored and processed by the Company for as long as required for pursuing the purposes set out herein. The retention period is as follows:
– in relation to legal obligations, regulations and EU legislation, data may be retained for the time periods required by these regulatory sources;
– in relation to the purposes referred to in point 2 lett. A of this policy, the data may be retained until the request for information has been fulfilled;
– in any case, all data may be retained for a period necessary to enforce or defend a right of the Company under Italian and European law.
- Data Controller and Data Protection Officer
The Data Controller is Gruppo Sinergia S.r.l., with registered office in Viale Artigianato, 32 – 37064 Povegliano Veronese (VR), registered with the Verona Chamber of Commerce under number VR – 372994, tax code and VAT number 03879570236, e-mail: firstname.lastname@example.org
We hereby inform you that the GDPR allows the data subject to request to the Company (using the contact details provided above) full access to its personal data and the rectification of such data, the data erasure, a restriction to the data processing, and the right to data portability; the data subject may also object to the processing of its data, again by contacting the Company, and exercise the other rights set forth in Chapter 3, Section 1 of the GDPR, including that of revoking consent, where envisaged: revocation of consent shall not however affect the lawfulness of the processing based on the consent given before revocation.
If the User believes that the processing of its personal data violates the provisions of the GDPR and privacy regulations, it may in any case lodge a complaint with the Italian Data Protection Authority, whose contact details may be found at www.garanteprivacy.it.
- Processing procedures
We hereby inform you that the data will be processed on the basis of computerised and paper/manual instruments, and that suitable protection systems will be adopted to safeguard confidentiality. All data shall be stored and processed in a manner that will fully protect confidentiality in compliance with all the regulations in force (and therefore also in accordance with the principles of fairness, lawfulness and transparency and protection of confidentiality and rights) and strictly in the pursuit of the purposes set out in this policy. Only the operations necessary to pursue the purposes set out in this policy shall be carried out on the data. The data shall be stored, as far as the Company is concerned, at its headquarters or server farm and as far as the data processors are concerned, at their headquarters or server farms. Any data disclosed to third parties will be stored and processed by them independently. The data will also be arranged in databases, including computerised databases.
Policy updated as of 12/04/2022