PRIVACY POLICY
1. Data Controller.
New Eurotecnica Srl, with registered office in Viale Alfa Romeo, 49, 80038 Pomigliano d'Arco (NA), CF and VAT number 05626671217 (hereinafter, “Owner” or “New Eurotecnica”), as Data Controller, informs pursuant to articles 13 and 14 of EU Regulation no. 2016/679 (hereinafter, “GDPR”) that the Data of natural persons resident in the European Union (hereinafter “Customer” or “Interested Party”), of which the company has come into possession during the performance of its activity, will be processed in the following ways and for the following purposes.
2. Object of the Processing.
The Data Controller processes personal data (for example name, surname, tax code, email, telephone number, etc. hereinafter, "personal data" or even "data") acquired also verbally or communicated by the interested party during registration on the site web and/or when registering for the Owner's newsletter service or when executing a contract in which the interested party is a party.
3. Legal basis and Purpose of the Processing.
Personal data is processed:
A) without the express consent of the interested party (art. 6 letter B of the GDPR), to achieve the corporate purpose of the Data Controller, in particular:
fulfill pre-contractual, contractual and fiscal obligations deriving from existing relationships with the Customer;
fulfill the obligations established by law, by a regulation, by community legislation or by an order from the Authority;
allow subscription to the newsletter service provided by the Owner and any additional Services requested;
exercise the rights of the Owner.
B) subject to specific consent of the interested party (art. 6 letter A of the GDPR), through specific information separate from this, for the purposes indicated therein.
It should be noted that New Eurotecnica customers may be sent commercial communications relating to the Data Controller's services and products similar to those which the Customer has already used, unless the interested party expressly disagrees.
4. Methods of Treatment.
The processing of the Customer's personal data is carried out by means of the operations indicated in the art. 4 no. 2 of the GDPR and precisely: collection, recording, organisation, conservation, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, cancellation and destruction of data. Personal data is processed both on paper and electronically.
The Data Controller will process personal data for the time necessary to fulfill the purposes referred to in the art. 3 of this information and in any case for no more than 10 years from the termination of the relationship with the Customer. The data collected and not subject to retention determined by law will be kept for no longer than 2 years from the termination of the relationship with the interested party.
The data will also be processed in compliance with the principle of confidentiality and security, in particular, all technical, IT, organizational and procedural security measures will be adopted so that the adequate level of data protection indicated by the art. 32 of the GDPR.
5. Access to Data.
The Customer's data may be made accessible for the purposes referred to in the art. 3.A) and 3.B) of this information:
a) to employees and collaborators of the Data Controller, in their capacity as internal data processors and/or managers and/or system administrators;
b) to third parties (for example, providers for the management and maintenance of the website, suppliers, credit institutions, professional firms, etc.) who carry out outsourced activities on behalf of the Data Controller, in their capacity as external data controllers.
6. Data Communication.
Without express consent of the Customer (art. 6 letter b) and c) of the GDPR), the Data Controller may communicate the data for the purposes referred to in the art. 3.A) of this information to Supervisory Bodies, Judicial Authorities as well as to all other subjects to whom communication is mandatory by law or necessary for the fulfillment of the aforementioned purposes.
7. Data Transfer.
The management and storage of personal data will take place on the Data Controller's servers located within the European Union and/or on third-party companies appointed and duly appointed as Data Processors. The servers are currently located in Italy. The data will not be transferred outside the European Union. In any case, it is understood that the Owner, if necessary, will have the right to move the location of the servers to Italy and/or the European Union and/or non-EU countries. In this case, the Data Controller hereby ensures that the transfer of non-EU data will take place in compliance with the applicable legal provisions by stipulating, if necessary, agreements that guarantee an adequate level of protection and/or adopting the standard contractual clauses provided for by the European Commission.
8. Nature of the provision of Data and consequences of refusal to respond.
The provision of data for the purposes referred to in art. 3.A) of this information is mandatory. Failure to provide data will make it impossible for New Euotecnica to follow up on the existing relationship with the interested party.
9. Rights of the interested party.
As an interested party, the Customer has the rights referred to in the articles. 15 - 21 of the GDPR and precisely the rights of:
I. obtain confirmation of the existence or otherwise of personal data concerning him, even if not yet registered, and their communication in an intelligible form;
II. get the indication:
a) the origin of the personal data;
b) the purposes and methods of processing;
c) of the logic applied in case of processing carried out with the aid of electronic instruments;
d) the identification details of the owner, managers and designated representative;
e) of the subjects or categories of subjects to whom the personal data may be communicated or who may become aware of them in their capacity as designated representatives in the territory of the State, managers or agents;
III. obtain:
a) the updating, rectification or, when interested, integration of the data;
b) the cancellation, transformation into anonymous form or blocking of data processed in violation of the law, including those whose retention is not necessary in relation to the purposes for which the data were collected or subsequently processed;
c) certification that the operations referred to in letters a) and b) have been brought to the attention, also with regard to their content, of those to whom the data have been communicated or disseminated, except in the case in which this requirement is proves impossible or involves a manifestly disproportionate use of means compared to the protected right;
IV. oppose, in whole or in part:
a) for legitimate reasons to the processing of personal data concerning him, even if pertinent to the purpose of the collection;
b) to the processing of personal data concerning him for the purposes of sending advertising or direct sales material or for carrying out market research or commercial communication, through the use of automated call systems without the intervention of an operator by email and/or by traditional marketing methods by telephone and/or paper mail. Please note that the interested party's right of opposition, set out in the previous point b), for direct marketing purposes using automated methods, extends to traditional ones and that in any case the possibility for the interested party to exercise the right of opposition also remains only partially. Therefore, the interested party can decide to receive only communications via traditional methods or only automated communications or neither of the two types of communication.
Where applicable, the Customer therefore has the rights referred to in the articles. 15-21 of the GDPR, i.e. the right of access, the right of rectification, the right to be forgotten, the right to limit processing, the right to data portability, the right to object, as well as the right to complain to a Supervisory Authority.
10. Method of exercising rights.
The Customer may exercise their rights at any time by sending:
- a registered letter with return receipt to New Eurotecnica Srl, Viale Alfa Romeo, 49, 80038 Pomigliano d'Arco (NA)
- a PEC to ferramentaeurotecnica.fe@gmail.com
11. Minors.
The Owner's Services are not intended for children under 18 and the Owner does not intentionally collect personal information relating to minors. In the event that information on minors is involuntarily recorded, the Data Controller will delete it promptly, upon request of the interested party.
12. Owner, manager and appointees.
The Data Controller is New Eurotecnica Srlin, name of its legal representative.
The updated list of data controllers and persons in charge of processing is kept at the headquarters of the Data Controller.
13. Changes to this Policy.
This information may be subject to change. It is therefore advisable to regularly check this information on our website and refer to the most updated version.
New Eurotecnica Srl, with registered office in Viale Alfa Romeo, 49, 80038 Pomigliano d'Arco (NA), CF and VAT number 05626671217 (hereinafter, “Owner” or “New Eurotecnica”), as Data Controller, informs pursuant to articles 13 and 14 of EU Regulation no. 2016/679 (hereinafter, “GDPR”) that the Data of natural persons resident in the European Union (hereinafter “Customer” or “Interested Party”), of which the company has come into possession during the performance of its activity, will be processed in the following ways and for the following purposes.
2. Object of the Processing.
The Data Controller processes personal data (for example name, surname, tax code, email, telephone number, etc. hereinafter, "personal data" or even "data") acquired also verbally or communicated by the interested party during registration on the site web and/or when registering for the Owner's newsletter service or when executing a contract in which the interested party is a party.
3. Legal basis and Purpose of the Processing.
Personal data is processed:
A) without the express consent of the interested party (art. 6 letter B of the GDPR), to achieve the corporate purpose of the Data Controller, in particular:
fulfill pre-contractual, contractual and fiscal obligations deriving from existing relationships with the Customer;
fulfill the obligations established by law, by a regulation, by community legislation or by an order from the Authority;
allow subscription to the newsletter service provided by the Owner and any additional Services requested;
exercise the rights of the Owner.
B) subject to specific consent of the interested party (art. 6 letter A of the GDPR), through specific information separate from this, for the purposes indicated therein.
It should be noted that New Eurotecnica customers may be sent commercial communications relating to the Data Controller's services and products similar to those which the Customer has already used, unless the interested party expressly disagrees.
4. Methods of Treatment.
The processing of the Customer's personal data is carried out by means of the operations indicated in the art. 4 no. 2 of the GDPR and precisely: collection, recording, organisation, conservation, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, cancellation and destruction of data. Personal data is processed both on paper and electronically.
The Data Controller will process personal data for the time necessary to fulfill the purposes referred to in the art. 3 of this information and in any case for no more than 10 years from the termination of the relationship with the Customer. The data collected and not subject to retention determined by law will be kept for no longer than 2 years from the termination of the relationship with the interested party.
The data will also be processed in compliance with the principle of confidentiality and security, in particular, all technical, IT, organizational and procedural security measures will be adopted so that the adequate level of data protection indicated by the art. 32 of the GDPR.
5. Access to Data.
The Customer's data may be made accessible for the purposes referred to in the art. 3.A) and 3.B) of this information:
a) to employees and collaborators of the Data Controller, in their capacity as internal data processors and/or managers and/or system administrators;
b) to third parties (for example, providers for the management and maintenance of the website, suppliers, credit institutions, professional firms, etc.) who carry out outsourced activities on behalf of the Data Controller, in their capacity as external data controllers.
6. Data Communication.
Without express consent of the Customer (art. 6 letter b) and c) of the GDPR), the Data Controller may communicate the data for the purposes referred to in the art. 3.A) of this information to Supervisory Bodies, Judicial Authorities as well as to all other subjects to whom communication is mandatory by law or necessary for the fulfillment of the aforementioned purposes.
7. Data Transfer.
The management and storage of personal data will take place on the Data Controller's servers located within the European Union and/or on third-party companies appointed and duly appointed as Data Processors. The servers are currently located in Italy. The data will not be transferred outside the European Union. In any case, it is understood that the Owner, if necessary, will have the right to move the location of the servers to Italy and/or the European Union and/or non-EU countries. In this case, the Data Controller hereby ensures that the transfer of non-EU data will take place in compliance with the applicable legal provisions by stipulating, if necessary, agreements that guarantee an adequate level of protection and/or adopting the standard contractual clauses provided for by the European Commission.
8. Nature of the provision of Data and consequences of refusal to respond.
The provision of data for the purposes referred to in art. 3.A) of this information is mandatory. Failure to provide data will make it impossible for New Euotecnica to follow up on the existing relationship with the interested party.
9. Rights of the interested party.
As an interested party, the Customer has the rights referred to in the articles. 15 - 21 of the GDPR and precisely the rights of:
I. obtain confirmation of the existence or otherwise of personal data concerning him, even if not yet registered, and their communication in an intelligible form;
II. get the indication:
a) the origin of the personal data;
b) the purposes and methods of processing;
c) of the logic applied in case of processing carried out with the aid of electronic instruments;
d) the identification details of the owner, managers and designated representative;
e) of the subjects or categories of subjects to whom the personal data may be communicated or who may become aware of them in their capacity as designated representatives in the territory of the State, managers or agents;
III. obtain:
a) the updating, rectification or, when interested, integration of the data;
b) the cancellation, transformation into anonymous form or blocking of data processed in violation of the law, including those whose retention is not necessary in relation to the purposes for which the data were collected or subsequently processed;
c) certification that the operations referred to in letters a) and b) have been brought to the attention, also with regard to their content, of those to whom the data have been communicated or disseminated, except in the case in which this requirement is proves impossible or involves a manifestly disproportionate use of means compared to the protected right;
IV. oppose, in whole or in part:
a) for legitimate reasons to the processing of personal data concerning him, even if pertinent to the purpose of the collection;
b) to the processing of personal data concerning him for the purposes of sending advertising or direct sales material or for carrying out market research or commercial communication, through the use of automated call systems without the intervention of an operator by email and/or by traditional marketing methods by telephone and/or paper mail. Please note that the interested party's right of opposition, set out in the previous point b), for direct marketing purposes using automated methods, extends to traditional ones and that in any case the possibility for the interested party to exercise the right of opposition also remains only partially. Therefore, the interested party can decide to receive only communications via traditional methods or only automated communications or neither of the two types of communication.
Where applicable, the Customer therefore has the rights referred to in the articles. 15-21 of the GDPR, i.e. the right of access, the right of rectification, the right to be forgotten, the right to limit processing, the right to data portability, the right to object, as well as the right to complain to a Supervisory Authority.
10. Method of exercising rights.
The Customer may exercise their rights at any time by sending:
- a registered letter with return receipt to New Eurotecnica Srl, Viale Alfa Romeo, 49, 80038 Pomigliano d'Arco (NA)
- a PEC to ferramentaeurotecnica.fe@gmail.com
11. Minors.
The Owner's Services are not intended for children under 18 and the Owner does not intentionally collect personal information relating to minors. In the event that information on minors is involuntarily recorded, the Data Controller will delete it promptly, upon request of the interested party.
12. Owner, manager and appointees.
The Data Controller is New Eurotecnica Srlin, name of its legal representative.
The updated list of data controllers and persons in charge of processing is kept at the headquarters of the Data Controller.
13. Changes to this Policy.
This information may be subject to change. It is therefore advisable to regularly check this information on our website and refer to the most updated version.