This information is provided pursuant to Article 13 of the Code for the Protection of Personal Data, EU 2016/679 Regulation.
The data processed will be those of web users.
CONTROLLER
Under the law on the protection of personal data,
Getecna S.p.A. a socio unico
Via Zuretti 102 – 40125 Milano
P.Iva e C.F. 01196080152
privacy@getecna.it
as Controller of the processing of your personal data is required to provide you with information about the use of your personal data.
DPO (DATA PROTECTION OFFICER)
The Controller has nominated as the Data Protection Officer, pursuant to Art. 37 of the European regulation on the Protection of Personal Data, EU 2016/679, and in particular as foreseen by paragraph 6, Schmidt Consulting Privacy Srl – Benefit Company, with registered office in Via Bagutta 13, 20121 Milano, who can be contacted via email at dpo@schmidtconsulting.it
NATURE OF DATA PROVISION
Providing us with your personal data is optional but if you don’t give us your details and your consent to use them, we will not be able to contact you or to send you any promotional offers for the purposes listed below. The provision for marketing purposes is optional and does not prevent being contacted for other purposes.
PURPOSES OF PROCESSING OF PERSONAL DATA AND LEGAL BASIS
- execution of obligations arising from contracts concluded with the Controller and/or obligations, prior to concluding the contract, relating to specific requests of the person concerned;
- fulfilment of obligations pursuant to the law, regulations or Community legislation and defence before the courts;
- promotional activities for marketing such as, by way of example but not limited to, sending newsletters; sending educational and information material; sending marketing material via email, newsletters, postal mail, SMS, MMS, and new communication platforms such as, for example but not limited to, WhatsApp, X, Facebook, Viber, Telegram, Skype.
With regard to purposes in points a) and b), we inform you that the processing and communication of your personal data by the Controller does not require your consent as processing is necessary for the execution of obligations under the contract and/or to perform services requested by you prior to the conclusion of the contract and for compliance with legal obligations.
With regard to the purposes in point c), you have the right to refuse the Controller, at any time, your consent to processing, without adverse consequences in the contractual relationship and/or in the performance of services you requested prior to the conclusion of the contract.
LEGITIMATE INTEREST
The Controller does not make use of legitimate interest for the processing of personal data except for the protection of their own rights, namely, to establish, exercise, or defend a right before the courts.
METHODS FOR DATA PROCESSING
The collected data is processed both in paper form and using computer tools.
Appropriate security measures are observed to prevent data loss, unlawful or incorrect uses, and unauthorised access.
WHO PROCESSES WITH YOUR DATA
The processing of personal data is carried out by authorised personnel or by duly appointed data processors. The updated list of data processors or any autonomous data controllers can be requested from the Data Controller or the Data Protection Officer (DPO).
DATA TRANSFER
The data will only be transferred only within the EU.
Some data may be transferred to the USA to those companies that are certified under the Data Privacy Framework.
No further transfers outside the EU will be made.
PERIOD OF DATA RETENTION
Personal data processed for contractual or economic purposes, such as invoicing, will be processed for the mandatory periods required by relevant laws, such as administrative accounting data for 10 years.
Data related to marketing activities will be retained for a maximum period of 24 months from the last active interaction with the user. The user is guaranteed the right to request the deletion of their data at any time, and in such case, it will be deleted immediately.
DATA SUBJECTS' RIGHTS PURSUANT TO ART. 15 EU 2016/679
Data subjects have the right to obtain from the Controller, where applicable, access to their personal data, as well as the rectification or erasure of such data, or the restriction of processing concerning them, or to object to processing (Articles 15 and following of the GDPR). Opposition for marketing purposes is always possible and free of charge. Requests should be addressed to the Data Controller at the contact details provided at the beginning of this notice.
COMPLAINTS
Data subjects who believe that the processing of their personal data through this website is in violation of the provisions of the Regulation have the right to lodge a complaint with the Supervisory Authority as provided for in Article 77 of the Regulation, or to take appropriate legal action (Article 79 of the Regulation).