Client Advisory policy
Dear Client ,
We wish to inform you that the “European Regulation 2016/679 regarding the protection of individuals in regard to the Processing of Personal Data, as well as the free circulation of that data” (from here on “GDPR”) foresees the protection of the individual concerning the processing of data of a personal nature as a fundamental right. Therefore Unopiù S.p.A. single-member private limited liability company, in accordance with article 13 of the GDPR, supplies the following information:
A. CATEGORY OF DATA:
material processed may be your personal data such as identification data, personal data, contact and accounting data as well as information relating to interest and purchase/ requested quotes from retail stores.
B. DATA CONTROLLER:
The data controller is Unopiù S.p.A. single-member private limited liability company with legal headquarters in Via Pontaccio, 9 – 20121 Milano (MI) and operational headquarters in SS Ortana Km. 14,500 – 01038 Soriano nel Cimino (VT), VAT number 05516670964 contactable by telephone at 0761.7581 or email address [email protected].
C.SOURCE OF PERSONAL DATA:
the personal data in the possession of the Controller were sourced directly from the interested person and, only if necessary, may come from public registers.
D. PURPOSE AND LEGAL BASIS OF DATA PROCESSING:
the personal data processed by the Controller is for the following purposes:
Purpose connected to legal obligations: such as accounting, payroll, social security, welfare, insurance, tax, anti-money laundering, anti-mafia or obligations required by law, regulations and EU legislation, ...
Purpose connected to the management of contractual relationship: to fulfil contractual obligations between the parties and to exercise or defend a right in a court of law and for all purposes connected with the management of relations deriving from your role and, if necessary, to record your presence on the holder's premises.
Purposes connected to the existence of a legitimate interest on the part of the Controller: Video surveillance. Some areas of the structure are subject to video surveillance for reasons of security and protection of the company's assets and are indicated by special signs with a stylised image of a camera.
E.DATA RECIPIENTS:
within the limits relevant to the purposes, your data can be communicated to various recipients like public and private entities through legal obligation or communicated to subjects connected to the fullfilment of the above-mentioned purpose inside and outside the Controller including but not limited to, collaborators, freelancers, insurance companies, insurance intermediaries, law firms, technical partners, banks, transport companies…
F.DATA TRANSFER TO THIRD COUNTRIES:
the collected data could be subject to transfer to third extra-european countries, on the strength of a fairness decision of the Commission or in the presence of appropriate guarantees, to fullfil the above-mentioned purpose.
G.CONSERVATION PERIOD:
processed data will be conserved for a period of time no longer than that necessary to fullfil the purpose (“limitation principles of conservation”, art.5 GDPR) or as based on expiry required by law. Obsolescence checks of processed data for the fullfilment of the required purposes are carried out periodically.
H.RIGHTS OF THE INDIVIDUAL:
the individual always has the right to ask the Controller for access to his personal data, the rectification or cancellation of same, processing limitation or the option to oppose processing, to request the portability of data, to revoke agreement to processing in claiming these and other rights foreseen by GDPR through simple communication to the Controller. The individual can also present a complaint to a control authority.
I. OBLIGATION TO COMMUNICATE DATA:
for the above-mentioned purpose, the provision of your data is strictly necessary for the organisation performance and for the purposes of the establishment/execution and proper management of the relationship and is also mandatory for the fulfilment of legal obligations. Therefore, failure to provide the data will make it impossible for the organisation to carry out the aforementioned activities/establish and execute the relationship.
J.NATURE OF DATA PROCESSING:
Personal data supplied by you, will become the object of processing operations in accordance with the above mentioned legislation and the confidentiality obligations of the Controller. The data will be processed with both computer tools and on paper or any other suitable means (e.g. cloud systems, archive and conservation digital replacement systems, …) in accordance with suitable technical and organizational security measures foreseen by the the GDPR.
K.AUTOMATED DECISIONAL PROCESSES:
automated decisional processes are foreseen.
AGREEMENT TO DATA PROCESSING
In accordance with GDPR 2016/679, I declare to have controlled the above stated Policy and for further purposes declare as follows:
1. The dispatch of commercial and/or marketing communications on the part of commercial partners of the Controller
□ I consent to the data processing □ I do not consent to the data processing
The profiling activity is based on fully automized decisional processes to provide personalized services more in line with your interests and needs and to arrange personalized offers as well as send commercial and/or marketing and/or promotional initiatives and/or special offers that may have relevance, in line with your interests and needs.
□ I consent to the data processing □ I do not consent to the data processing
This agreement will be considered valid until such times as it is revoked.
Place and Date:______________________
Legible signature of client _________________________________________