NOTICE OF PERSONAL DATA PROCESSING IN ACCORDANCE WITH ARTICLE 13 OF EU REGULATION 2016/679
LVS SOLUTION Srl (hereinafter “Data Controller”), in accordance with Article 13 of EU Regulation n. 2016/679 (hereinafter “GDPR”) informs you that your personal data and the other data provided by you, will be processed observing the Regulation above mentioned and the privacy obligations that the Data Controller must observe.
In particular, we inform you of the following.
1. Subject of the processing
The Data Controller treats the personal data provided by the client (for example: name, surname, business name, address, telephone number, email, bank account number, tax code, VAT number, hereinafter “personal data” or “data”) for the following reasons:
- Existence of a commercial agreement between the client and the Data Controller;
- Legitimate interest.
2. Purposes and legal basis of the processing
Your personal data are processed for the following purposes:
- To fulfil the contractual and financial obligations established with you in the contract;
- To fulfil the obligations provided by law, by regulations, by the community law or by an authority order;
- To use Data Controller’s rights (for example: the right of defence in court)
Your authorization is not required for these purposes since the processing is necessary to fulfil the contractual obligations, to fulfil the services required by you, and also to observe legal obligations.
The legal basis of data processing lies in the existence of an agreement between you and the Data Controller, observing the rights and the obligations provided by law.
3. Processing methods
The processing of your personal data is achieved by following the operations referred to in Article 4 n. 2) of GDPR and, precisely by: data collection, registration, organization, conservation, elaboration, modification, selection, extraction, comparison, use, interconnection, block, communication, cancellation, and data destruction.
Data processing will be carried out in manual or automated form by authorised users, observing the safety measures referred to in Article 32 and Article 29 of GDPR.
4. Duration of the processing
The Data Controller will treat the client’s personal data for the entire duration of the contractual relationship, in order to fulfil the purposes mentioned before. The personal data will be collected for the period of time provided by law and in accordance with the period of prescription of the contractual relationship, except for the possibility to keep the data the necessary time to solve the eventual legal disputes rise up.
The duration of data preservation for the management of contracts for goods and services is, at least, of 10 years from the contract deadline.
5. Access to the data
In accordance with the purposes referred to in Article 2, your personal data may be accessible to:
- The Data Controller’s employs and partners, acting as person authorised to data processing;
- Third societies and other subjects (for example: financial institutes, professional studios, consultants, assurance societies etc.) who carry out consulting activities or outsourcing activities on behalf of the Data Controller, acting as outer person in charge of data processing;
6. Communication and spreading of the data
Except as stated in Article 5, the collected data will not be spread and it will not be communicated without your explicit consent, except for the purposes referred to in Article 2 – necessary communication for financial, administrative and legal reasons in order to fulfil the above-mentioned purposes.
7. Nature of the provision of personal data and consequences if rejected
The provision of personal data for the purposes referred to in Article 2 is mandatory. In the absence of it, the Data Controller can’t assure the contractual fulfilment of the service.
8. Rights of the participant
The client has always the right to ask the Data Controller the access to its personal data (Article 15), data rectification (Art. 16) or data erasure (Art. 17), the restriction of processing (Art. 18) or the objection to data processing based on legitimate interest (Art. 21).
If the processing is based on authorization, you will have the right to deny the consent in every moment without compromising the integrity of the processing, based on the consent given before the annulment.
You have also the right to file a complaint to the Guarantor for the privacy of your personal data, whenever you believe that your data processing is breaking the GDPR or the Italian notice (www.garanteprivacy.it).
9. Procedure for exercising rights
You may exercise your rights by sending:
- An email to: email@example.com
- A registered mail to the following address: LVS SOLUTION Srl – Titolare del Trattamento dei dati Personali – Via Annoni 5 – 20037 Paderno Dugnano (MI)