INFORMATION TO DATA SUBJECTS pursuant to art. 13 of Legislative Decree no. 196 of 30 June 2003
Legislative Decree no. 196 of 30 June 2003, entitled “Code for the protection of personal data” (hereinafter “Privacy Code”), envisages a system of guarantees to protect the processing of personal data. In particular, art. 13 of the aforementioned Legislative Decree requires certain information regarding the purposes and methods of personal data processing to be provided at the moment of data collection.
Therefore, in relation to the personal data processed, we would like to inform you of the following.
1) PURPOSE OF DATA PROCESSING
The processing of personal data:
is aimed at registration and at the management and correct fulfilment of purchase orders, as well as completion of the consequent administrative tasks, including accounting records and entries, the fulfilment of contractual relations and compliance with the obligations required by law or by European Community regulations and by the provisions issued by authorities designated for this purpose by law and by the supervisory and control bodies;
INTERNET NAVIGATION DATA
The ICT systems and the relative software procedures responsible for the functioning of this web site acquire personal information as part of their normal operation, the transmission of which is implicit in the use of internet communication protocols. This category of data includes, for example, IP addresses or domain names of the computers used by users to connect to our web site and other navigation information. This information is used by Bemils S.r.l. on an “anonymous” and “aggregate” basis exclusively for statistical purposes and for operation of the web site (for e.g., login pages, logout pages, etc.).
DATA PROCESSING METHODS
The processing of data will take place within the limits and in accordance with the conditions set forth by art. 11 of the “Privacy Code” and, in particular:
a) is carried out via the actions or set of actions indicated under art. 4, paragraph 1, letter a) of the Privacy Code: collection; registration and organisation; processing, including modification, comparison/interconnection; use, including consultation, disclosure; storage; cancellation and destruction; security and protection, including accessibility and confidentiality, integrity, and safeguarding;
b) is carried out also through use of electronic or automated means and in compliance with the minimum security measures envisaged by the Privacy Code;
c) is carried out directly by the company of the Data Controller and by external services companies in accordance with the regulatory provisions governing this issue.
COMMUNICATION OF DATA
The data may also be disclosed, in strict relation to the purposes indicated above, to the following parties or categories of parties:
for the purposes envisaged by aforementioned points 1: to internal/external collaborators of our Company for consulting and accounting/administrative requirements, or as a result of warrants following administrative/legal disputes; to couriers or transport companies to send the material ordered; to any other parties to which the disclosure of information is obligatory as a result of legal and/or contractual regulations in force;
SUPPLY OF DATA
Providing personal data for processing under points 1.B) and 1.C) above is optional, while the supply of personal data for processing under point 1.A) above is mandatory in order to proceed with registration and with management of an order.
DISSEMINATION OF DATA
We will not disseminate personal data.
TRANSFER OF DATA ABROAD
Data may be transferred abroad for purposes connected with providing the services requested.
DATA SUBJECT’S RIGHTS
Art. 7 of the Privacy Code grants the interested party specific rights, including the right to obtain from the Data Controller confirmation of the existence or otherwise of their personal data and communication of said data in an intelligible form; the right to be informed of the origin of the data, as well as the principles on which the processing is based and its purposes; the right to obtain the cancellation, transformation into anonymous form or blockage of data processed in violation of the law, as well as the updating, amendment or, if so desired, addition of data; the right to object to the processing, for legitimate reasons.
The Data Controller is the company Bemils Srl, with registered office in Via Ferri, 3, Cinisello Balsamo (MI).
For any additional information on the processing of personal data, the “Personal data protection” Department of our Company may be contacted directly at firstname.lastname@example.org, where the updated list of “Data Processors” is also kept.