Object: information on the processing of your personal data pursuant to art. 13 Reg EU 2016/679
Pursuant to and for the purposes of the provisions of Legislative Decree of 30 June 2003, n.196 Code on the protection of personal data (hereinafter the “Code”) and the EU Regulation 2016/679 on Data Protection, we inform you that your personal data will be processed by the Data Controller of the Data Processing as indicated below.
For clarity we list the following definitions:
Processing: any operation or set of operations, performed with or without the aid of automated processes and applied to personal data or sets of personal data, such as collection, registration, organization, structuring, preservation, adaptation or modification, extraction, consultation, use, communication by transmission, dissemination or any other form of making available, comparison or interconnection, limitation, cancellation or destruction.
Personal data: any information relating to an identified or identifiable natural person («data subject»); a natural person who can be identified, directly or indirectly, with particular reference to an identifier such as the name, shall be considered identifiable, an identification number, location data, an online identifier or one or more elements characteristic of its physical, physiological, genetic, psychological, economic, cultural or social identity.
1 – DATA PROCESSING HOLDER (hereinafter also referred to as the “Holder” for the sake of brevity)
Legal Name: DEMETRA FORMAZIONE S.R.L
Address: via Meuccio Ruini, 12- 42124 Reggio Emilia (RE)
VAT nr: 02493650358
2 – CONTACT DATA OF THE DATA PROTECTION OFFICER – DPO
3- INTERESTED PARTIES TO DATA PROCESSING
4 – OBJECT, AIMS AND LEGAL BASIS OF DATA PROCESSING
- Browsing data
The computer systems and software procedures used to operate this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. These are data of the following types: IP addresses, the type of browser used and other parameters relating to the user’s operating system and IT environment.
These data can be processed, as well as by us, by our external managers for the maintenance of the company information systems.
The processing of your personal data is legitimate as it is necessary to provide you with access and navigation of the site pursuant to art. 6 paragraph 1 letter B and C of EU Regulation 2016/679 on Data Protection. Refusal to this treatment will make it impossible for us to complete the service.
- Contact Form / Request for information
The data that you send from our website for requests for information and contacts: we process this data in order to provide you with the best response. The processing of your personal data is legitimate as it is necessary to provide you with the service you have specifically requested from us pursuant to art. 6 paragraph 1 letter B of EU Regulation 2016/679.
5 – RECIPIENTS OF PERSONAL DATA
Your Personal Data can be made accessible, for the purposes mentioned above or in fulfillment of legal obligations or for carrying out activities instrumental to the purposes mentioned, as well as to Independent Data Protection officers and two other categories of subjects:
- to the workers of the Data Protection Officer, specifically appointed and authorized for this purpose, also as managers, for specific treatments.
- to third-party companies or other third parties who carry out outsourced activities on behalf of the Data Protection Officer, in their capacity as external data processors, specifically appointed and authorized for specific treatments.
The agreements signed with these subjects are aimed to allow only essential treatments and to guarantee the confidentiality, security, and integrity of the data.
Categories of External Data Processors that can be appointed:
- Subjects who perform services of a technical, organizational, professional, and operational nature on behalf of the Data Officer for the achievement of the stated purposes
- Persons who perform IT, legal, administrative-accounting, financial and insurance services, technical and managerial consultancy, verification, control and auditing services on behalf of the Owner to support the achievement of the stated purposes.
- Subjects who perform commercial and marketing services on behalf of the Owner in compliance with the limits and constraints set out in the previous paragraphs.
Personal Data may be transferred to Independent Data Controllers such as Banks, Insurance Companies and Public Control or Supervisory Authorities
6 – TOOLS AND LOGICS OF PERSONAL DATA PROCESSING
In relation to the purposes mentioned here, the processing takes place using manual, IT and telematic tools with logic strictly related to the aforementioned purposes and, in any case, in such a way as to guarantee the security and confidentiality of the data.
7 – PERSONAL DATA STORAGE DURATION
The data are kept for 10 years from the interruption of the relationship or, in the event of regulatory changes or jurisprudential orientation, until conservation is necessary to assert a right of both parties. A periodic check on data obsolescence is carried out.
8 – RIGHTS OF INTERESTED PARTIES
You can exercise all the rights mentioned below through the contact details of the data controller indicated in the beginning of the document paragraph 1.
- You have the right to request access to your personal data from the data controller.
- You have the right to request the rectification / cancellation / limitation of your personal data from the data controller.
- You have the right to ask the data controller to object to the processing of your personal data.
- You have the right to receive the complete list of data processors.
- You have the right to receive your personal data stored in a structured, commonly used and readable format.
- The right to lodge a complaint with a supervisory authority such as the Privacy Guarantor at the contact details given at the following link https://www.garanteprivacy.it/home/footer/contatti
There is no automated decision-making process, including the profiling referred to in article 22, paragraphs 1 and 4 of the European privacy regulation 2016/679
9 – TRANSFER OF DATA ABROAD
Your Personal Data will be processed both within the European Union and stored on servers located within the European Union and processed and stored in countries outside the European Union when an adequate level of protection is guaranteed. This level is to be considered adequate in the presence of a specific adequacy decision by the European Commission in relation to the recipient country or if adequate guarantees of a contractual or pact nature are provided by the foreign Data Controllers and Managers involved, including standard contractual data protection clauses (art. 46, paragraph 2, letter c and letter d of EU Regulation 2016/679 on Data Protection). This said only in compliance with the confidentiality and purposes described herein. These guarantees are available for consultation at the Demetra Formazione srl office or provided by e-mail. Requests can be forwarded using the contact details of the Data Controller.
This information may undergo changes and additions over time, so we suggest that you check it periodically. In particular, in the case of long-lasting relationships, we will do everything to promptly inform you of the changes made.