According to the art. 13 of the EU Regulation n. 2016/679 ("GDPR 2016/679"), laying down provisions for the protection of Persons and other subjects regarding the processing of Personal Data, we wish to inform you that Personal data you provide will be processed in compliance with the aforementioned law and the confidentiality obligations to which AEC SOLUZIONI is bound.
1 - DATA CONTROLLER
The Data controller is AEC SOLUZIONI SRL, based in Turin (Italy), Corso Montevecchio 46, 10129. Email Data Controller: firstname.lastname@example.org.
2 - Types of data collected
The Data controller processes Personal Identification Data (for example: name, surname, email, telephone number - hereafter, "Personal Data" or even "Data"), data relating to your work and professional position, to the company to which you belong, to specific interests of the company itself, provided directly by you when completing the visitor registration form, during your visit to the AEC Soluzioni stand.
3 - Purposes of processing collected data
The collection and processing of personal data is carried out for the preparation, subject to consent, of commercial, promotional, advertising and marketing initiatives, as well as the sending of advertising and / or informational material on the Company's products, services and initiatives, through traditional contacts (such as paper mail, telephone, etc.) and telematics.
4 -Legal basis for processing collected data
The processing of data for the aforementioned purposes is carried out on the basis of consent.
5 - Mode and place of processing collected data
A - Methods of data processing
The Data Controller treats Users Personal Data by taking appropriate security measures to prevent unauthorized access, disclosure, modification or destruction of such Personal Data. Processing is carried out using IT and/or telematic tools, with organizational methods and with related logics to the purposes indicated. In addition to the Data Controller, members of the AEC Soluzioni staff, indicated by the Data Controller as Data Officers, may also have access to the data described above. The updated list of Data Officers can be requested from the Data Controller. The Personal Data Bank is accessible only by the personnel appointed by the Data Controller. (Management of FTP accesses for domains with Aruba hosting service) and through non-automated means (paper archives). Both modes are equipped with appropriate security measures such as custom passwords with exclusive access.
B - Scope of communication and dissemination of data
Personal data processed will not object of dissemination but of communication to well-defined individuals. Based on the roles and tasks performed, internal and external personnel are entitled to treatment within the limits of their competences and in accordance with the instructions given by the Data Controller. The same data will be communicated to the legitimized subjects in accordance with Laws, Regulations and Legislations.
C- Data processing place
Data is processed at the Data Controller operative office and there is no transfer of personal data to countries outside the EU. For more information, please contact the Data Controller at email@example.com.
D - Data processing time
The personal data provided are kept for 60 months.
6 - Nature of data conferment
The data conferment for the aforementioned purposes is optional.
7 - Further information on the data processing
A - Defense in court
The User’s Personal Data may be used for the defense by the Data Controller in court or in the preparatory stages leading to its eventual establishment, by abuses in the use of the same or related services by the User. The User declares to be aware that the Data Controller may be required to disclose the data at the request of Public Authorities.
More information in relation to the processing of Personal Data may be requested at any time to the Data Controller using the contact information.
C - Person concerned rights
The subjects to whom the Personal Data refer have the right to data portability (Article 20 “Right to portability”) and, at any time, to:
- inform the Data Controller of any change related to their Personal Data (Article 15 “Right of access”)
- ask the Data Controller to update, correct or supplement any of their Personal Data in his possession (Article 16 “Right of rectification”)
- ask the Data Controller to cancel, block or limit the processing of their personal data in his possession (Article 17 “Right to cancel”). The User has the right to withdraw the consent at any time. The withdrawal of consent does not affect the legitimacy of any treatment based on consent given before such termination
- to oppose, for legitimate reasons, the way in which their Personal Data are processed (Article 18 “Right to limit the processing”)
Furthermore according to Article 21 “Right to oppose the automated decision-making process of the GDPR 2016/679” the User may exercise his rights writing to the Data Controller at: firstname.lastname@example.org.
D - Complaint
User has the right to lodge a complaint (Article 77 “Right to lodge a complaint with the supervisory authority”) at the Supervisory Authority in the event that his requests for information addressed to the Data Controller have not determined satisfactory answers.
The Authority of reference is the Garante per la protezione dei dati personali: website of Garante Privacy.
8 - Questions
In case of questions or doubts concerning the management of Personal Data or if someone want to exercise the rights provided for in this policy, it’s possible to contact the Data Controller at email@example.com.
A - Legal references