1) Who are we and what do we do with your personal data?
Freezanz System Srl, with registered office in Ponsacco (PI), via Fossa Nuova, 104 - VAT number IT02156390508, (hereinafter referred to as the "Owner"), as personal data holder, is concerned with the confidentiality of your personal data and to guarantee the necessary protection from any event that could put them at risk of violation. For this purpose, the implements policies and practices regarding the collection and use of personal data and the exercise of the rights that are recognized by the applicable legislation. The takes care to update the policies and practices adopted for the protection of personal data whenever this becomes necessary and in any case of regulatory and organizational changes that may affect the processing of your personal data.
You can contact the at any time by sending your request by email to the address email@example.com.
2) How and why does In Giardino Srl collect and process your data?
The collects and/or receives information about you, such as: name, surname, company name, VAT number and/or tax code, place and date of birth, physical and telematic address, landline and/or mobile phone number, any data relating to your commercial and/or professional activity. The data collected are used by the to fulfil instrumental and functional purposes for the pre-contractual and/or contractual relationship and for the fulfilment of the legal and regulatory obligations to which the is required according to the activity carried out. The can transfer your personal data abroad if you give consent. Your personal data will not be disseminated or disclosed in any way to indeterminate and non-identifiable subjects, not even as third parties. Your personal information will be processed:
2.1) to respond to your requests, the management of the pre-contractual supply or service relationship and the consequent regulatory obligations. The processing of your personal data takes place to carry out the preliminary activities for the management of the supply relationship (budgeting).
The personal data that the processes for the aforementioned purposes are, among others:
- name, surname, company name, tax code or VAT number, physical and telematic address, landline and/or mobile phone number;
- for subjects having the nature of an enterprise or jobs related to commercial and/or professional activity.
2.2) for the communication to third parties and recipients.
The processing of your personal data takes place in accordance with the contract and the obligations, including by law and/or regulations, that derive from it. Your data will not be disclosed to third parties/recipients for their autonomous purposes unless you authorize it.
Your data will also not be disclosed to third parties/recipients unless:
a) the communication is necessary for the fulfilment of the obligations dependent on the contract and the laws that governs it;
b) the communication takes place towards third-party supply and IT assistance and data processing companies (e.g. web hosting, data entry, management and maintenance of IT infrastructures and services, etc.).
The personal data that the processes for this purpose are, among others:
- name, surname, company name, tax code or VAT number, physical and telematic address, landline and/or mobile phone number;
- related to your commercial and/or professional activity.
2.3) for marketing purposes.
The may process your personal data, subject to your consent, also for marketing purposes. To this end, third-party tools can be used to send emails or newsletters or other types of communication, including on paper, to inform you about its products. The uses tools that comply with the data protection directives and uses them to a strictly necessary and proportionate extent to the purposes described. The for sending newsletters for marketing purposes uses the MailChimp platform.
2.4) for IT security purposes
The processes your personal data, including computer data (e.g. logical access) or traffic collected or obtained in the case of services displayed on the website or on platforms referable to the (e.g. for the management of a reserved area), in strictly necessary and proportionate measure to guarantee the security and ability of a network or of the servers connected to it to resist, at a given level of security, unexpected events or illegal or malicious acts that compromise the availability, authenticity, integrity and confidentiality of personal data stored or transmitted. For these purposes, the provides procedures for managing the violation of personal data (data breach) in compliance with the legal obligations under which fulfilment is required.
3) What happens if you don't provide your data?
Your data, collected or otherwise obtained by the Owner is necessary and failure to provide it makes it impossible for the Owner to carry out the activities relating to the main processing, or to: answer your questions, make estimates based on your requests, the management of the relationship established, the fulfilments, also legal, that derive from the relationship established. The Owner may carry out some treatments according to certain legitimate interests that do not affect your right to privacy, such as those that:
- - make it possible to prevent contractual fraud;
- - allow to prevent IT incidents and notification to the supervisory authority or communication to users, if necessary, of the violation of personal data;
- - allow the communication of personal data to entities or administrations of the State for administrative purposes;
- - allow communication to third parties/recipients for activities related to contract management.
4) How and for how long is your data stored?
The processing of your data takes place through both electronic and manual means and tools made available to subjects who act under the authority of the Owner and for the purpose authorized and trained. The paper and especially electronic archives where your data is stored and stored are protected by effective security measures that are adequate to counter the risks of violation considered by the Owner. It provides for the periodic and constant verification of the measures adopted, especially for electronic and telematic tools, to guarantee the confidentiality of personal data for them through treaties, archived and stored.
Personal data are kept for the time necessary to carry out the activities related to the management of the contract with the Owner and for the fulfilment of the obligations, also legal, that follow. The computer archives are located within the EU borders and their connection or interaction with databases located abroad is not foreseen.
The data processing is performed through paper supports or IT procedures by specially authorized and trained subjects. These are allowed to access to your personal data to the extent and within the limits in which it is necessary for carrying out the processing activities that concern you. The Owner periodically checks the tools by which your data are processed and the security measures provided for them which are constantly updated; the Owner verifies, also through the subjects authorized for the treatment, that personal data that need not be processed are not collected, processed, archived or stored; the Owner verifies that the data are stored with the guarantee of integrity and authenticity and of their use for the purposes of the treatments actually carried out.
The data are stored in paper, IT and telematic archives located within the European economic area, and adequate security measures are ensured.
7) How long
The personal data processed by the Owner are kept for the time necessary to carry out the activities related to the management of the pre-contractual activity and up to five years and six months after its conclusion or when the rights that depend on it can be asserted (to pursuant to articles 2935 and 2947 of the civil code); as well as for the fulfilment of the obligations (e.g. tax and accounting) that remain even after the conclusion of the contract (art. 2220 of the Italian Civil Code), for which the must keep only the data necessary for their pursuit. Without prejudice to the cases in which the rights deriving from the contract should be enforced in which case, your data, only those necessary for these purposes, will be processed for the time required for their pursuit.
However, your right to object to processing based on legitimate interest for reasons related to your particular situation remains unaffected. Once all the purposes that legitimize the storage of your personal data have been exhausted, the Owner will take care to delete them or make them anonymous.
8) What are your rights?
The rights that are recognized allow you to always have control of your data. Your rights are those of: access; rectification; cancellation; limitation of treatment; opposition to the treatment; portability.
Your rights are guaranteed to you without special charges and formalities for their exercise, which is intended essentially free of charge. You have the right:
- to obtain a copy, even in electronic format, of the data for which you have requested access. If you have to request additional copies, the Owner can charge you a reasonable fee;
- to obtain the cancellation of the same or the limitation of the treatment or even the updating and correction of your personal data;
- to obtain, in the latter cases, that other Owners to whom, in case your data have been communicated or the recipients of the same, are set aside for your request and the outcome of the exercise of your rights so that they too provide to cancel, suspend or stop the treatment or to correct your data;
- to obtain any useful communication regarding the activities carried out following the exercise of your rights without delay and in any case, within one month of your request, unless extended, motivated and up to two months, which must be duly communicated to you.
For any further information and in any case to send your request, contact the Owner at the email address: firstname.lastname@example.org
Basically, at any time and free of charge and without special charges and formalities for your request, you can:
- obtain confirmation of the treatment operated by the Owner
- access your personal data and know its origin (when the data is not obtained from you directly), the purposes and aims of the treatment, the data of the subjects to whom they are communicated, the retention period of your data or useful criteria to determine it;
- update or correct your personal data so that it is always exact and accurate;
- delete your personal data from the Owner's databases and/or backup archives if, among others, they are no longer necessary for the purposes of the treatment or if this is assumed to be illegal, and always if the conditions established by law exist; and in any case if the treatment is not justified by another equally legitimate reason;
- limit the processing of your personal data in certain circumstances, for example where you have contested its accuracy, for the period necessary for the Owner to verify its accuracy. You must be informed, in reasonable times, also of when the suspension period has been completed or the cause of the limitation of the treatment has ceased, and therefore the limitation itself has been revoked;
- obtain your personal data, if received or processed by the Owner with your consent and/or if their processing takes place on the basis of a contract and with automated tools, in electronic format also for the purpose of transmitting them to another Owner.
The Owner must proceed in this direction without delay and, in any case, at the latest within one month of receiving your request. The deadline can be extended by two months, if necessary, taking into account the complexity and the number of requests received. In such cases, the Owner will have to inform you and make you aware of the reasons for the extension within one month of receiving your request.
For any further information and in any case to send your request, contact the Owner at email@example.com
9) How and when can you object to the processing of your personal data?
For reasons relating to your particular situation, you can object to the processing of your personal data at any time if it is based on legitimate interest, by sending your request to the Owner at the address firstname.lastname@example.org
You have the right to delete your personal data if there is no legitimate reason prevailing over the one that gave rise to your request.
10) Who can you complain to?
Without prejudice to any other administrative or judicial action, you can lodge a complaint with the authority responsible for the protection of personal data unless you reside or carry out your work in another Member State. In the latter case, or in one in which the violation of the legislation on the protection of personal data takes place in another EU country, the authority to receive and know the complaint will be the supervisory authorities established therein.
11) What happens if there are updates or changes to this information?
Each update of this information will be communicated to you promptly and by appropriate means and will also be communicated to you if the Owner will follow up the processing of your data for purposes other than those referred to in this information before proceeding and in time to give your consent, if necessary.
Last update: March 16, 2020