It informs that the relationships established with DataConSec s.r.l. (Data Controller) may entail the processing of personal data, in compliance with the following general principles::
DATA UNDERGOING PROCESSING
The Controller processes personal identification data of the client/supplier (e.g. name, surname, company name, personal/tax data, address, telephone number, e-mail, bank and payment reference data) and of his/her representatives (name, surname and contact details) acquired and used during the provision of services by the Controller.
LEGAL BASIS AND PURPOSES OF THE PROCESSING
Data are processed:
A non-provision of said data will prevent the establishment of the relationship with the Controller. In accordance with Article 6 paragraphs b,c,f, the above-mentioned purposes provide an appropriate legal basis for the lawfulness of the processing. Should the processing be carried out for different purposes, specific consent shall be required from the data subjects.
Personal data are processed by means of the operations indicated in Article 4 no. 2) GDPR, more specifically: collection, recording, organisation, storage, consultation, processing, alteration, selection, retrieval, alignment, use, combination, denial, disclosure, erasure and destruction of data. Personal data are processed both by paper and by electronic and/or automatic means. The Controller shall process personal data for the amount of time required to fulfil the purposes for which they have been collected and the related legal obligations.
SCOPE OF THE PROCESSING
Data are processed by internal individuals, who are duly entitled and instructed to the processing in compliance with Article 29 of the GDPR. The scope of disclosure of personal data may also be requested, obtaining precise indications as to whether there are external individuals acting in the capacity of autonomous Processors or Controllers (consultants, specialists, bank institutions, carriers, etc.). It is also hereby stated that personal data may be subject to an intercompany disclosure among the Group’s companies. Data are not disclosed or handed over to extra-EU countries. Should it be necessary, within the context of tender procedures or contracts or for the fulfilment of regulatory obligations (e.g.: joint liability, anti-corruption, anti-mafia, anti-money laundering, etc.) acquiring from clients/suppliers their employees’ personal data, the parties hereby agree that the undersigned company shall be authorised to the processing of such data in the capacity of External Processor (Article 28 of the GDPR) or of authorised subject (Article 29 of the GDPR). Within such relationship, the undersigned company commits itself to processing such data in compliance with the compliance requirements provided for by the GDPR, ensuring that it will only disclose data to other subjects within the context of specific legal obligations.
RIGHTS OF THE INTERESTED PARTY
DataConSec S.r.l., guarantees to be able to exercise at any time the rights provided by the art. 12 of the GDPR. In particular, you have the right:
The exercise of these rights can be exercised by communication to the Data Controller whose addresses are: e-mail email@example.com, Tel +39 0521 771298.