Privacy Policy of https://www.samiaitaly.com Disclosure pursuant to Article 13 Regulation (EU) 2016/679 and Article 13 Legislative Decree 30.6.2003 no. 196
FOREWORD SAMIA S.p.A. Unipersonale, with registered office in via Decima Strada 15/17 – 36071 Arzignano – VI , CF and P.Iva 00476510243 (hereinafter, “Data Controller”), as data controller, informs you pursuant to Article 13 Legislative Decree 30.6.2003 no. 196 (hereinafter, “Privacy Code”) and Article 13 EU Regulation no. 2016/679 (hereinafter, “GDPR”) that your data will be processed in the following manner and for the following purposes: 1) Purpose of the processing The Data Controller processes personal, identifying and non-sensitive data (in particular, first name, last name, tax code, VAT number, email, telephone number – hereinafter, “personal data” or also “data”) communicated by you when requesting services from our organization and/or when establishing contractual agreements and/or promotional initiatives and for the purposes set out below. Some services may require the processing of sensitive data, i.e., personal data capable of detecting racial and ethnic origin, religious, philosophical or other beliefs, political opinions, membership in parties, trade unions, associations or organizations of a religious, philosophical, political or trade union nature, health status and sex life. (Hereinafter referred to as sensitive data). Judicial data may be necessary for certain legislative requirements. 2) Purposes of processing Your personal data are processed: A) Without your express consent (art. 24 lett. a, b, c Privacy Code and art. 6 lett. b, e GDPR), for the following Service purposes:
To manage and maintain the services requested by the data subject and to locate the data subject for the organization of the services requested;
To fulfill pre-contractual, contractual and fiscal obligations arising from existing relationships with you;
Fulfilling the obligations required by law, regulation, EU legislation or an order of the Authority, including for Accounting, Tax aspects;
Preventing or discovering fraudulent activities or harmful abuses;
Managing spontaneous applications and possible personnel selection.
Exercising the Holder’s rights, such as the right to defense in court.
B) Only with your specific and distinct consent (Articles 23 and 130 Privacy Code and Art. 7 GDPR), for the following Marketing and/or Commercial Purposes B.1: To send you via email newsletters, commercial communications and/or advertising material on products or services offered by the organization. We would like to point out that if you are already our client, we may send you commercial communications regarding services and products similar to those you have already used, unless you disagree (art. 130 c. 4 Privacy Code). For sending informative, promotional, advertising, marketing material, B.2 Processing of data to improve services and not necessary for the performance of the operations indicated in point 2A, but aimed at improving the services requested, and in any case always obtained directly from the person concerned. B.3 Use of audio-video filming and photographs: images or their entirety, in which the interested parties are filmed, use to improve the activities and services of our organization and/or for promotional activities of the same. 3) Method and duration of processing The processing of your personal data is carried out by means of the operations indicated in art. 4 Privacy Code and art. 4 No. 2) GDPR and namely: collection, recording, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, cancellation and destruction of data. Your personal data is subject to both paper and electronic and automated processing. The Data Controller will process your personal data for as long as necessary to fulfill the above purposes and in any case for no longer than 10 years from the termination of the relationship for the Purposes under 2.A (unless other legislative requirements apply) and for no longer than 2 years from the collection of the data for the Purposes under 2B. Profiling: no data profiling is carried out 4) Data Access Your data may be made accessible for the Purposes under 2.A) and 2.B):
To employees and collaborators of the Data Controller, in their capacity as appointees and/or internal data processors and/or system administrators;
To external companies for support activities in the study of the feasibility of the client’s project, for technical management activities of the project, for the storage of personal data, etc.) or to third parties (e.g., providers for the management and maintenance of the website, suppliers, credit institutions, professional firms, etc.) that carry out outsourcing activities on behalf of the Controller, in their capacity as external data processors.
5) Communication of d