PRIVACY POLICY - ART. 13 EUROPEAN REGULATION NR. 2016/679
(General Data Protection Regulation)
1. Data controller
The Data Controller is Rise S.r.l. (VAT 03482500240), in person of the legal representative pro tempore, with registered office in Velo d’Astico (VI) - Italy, via della Tecnica, 10, www.riseweb.it , hereinafter "the Holder".
The Data Controller intends to provide the data subject with complete information on the purposes and methods of processing personal data.
2. Methods of processing personal data
Personal data (eg personal data, telephone number, e-mail, etc.) are processed on computer media or in any case with the aid of computerized or automated tools in compliance with the minimum security measures and, in any case, in order to guarantee the integrity, security and confidentiality of the data.
3. Purpose of the processing
The Data Controller will process your personal data for the following purposes:
1) performance of contractual and pre-contractual activities
2) compliance with tax or legal obligations
3) direct and indirect marketing and market research;
4) distributing commercial / promotional information in newsletters using software dedicated solely to this activity;
5) profiling consumption and purchasing habits;
The consent you have expressed is the legal basis of the processing pursuant to art. 13, paragraph 1), letter c) of the GDPR.
4. Nature of the contribution
The provision of your data for the purposes referred to in paragraphs 1) and 2) of Article 3 does not require any formal consent as a preliminary and essential to any contractual or pre-contractual relationship.
The provision of your data for the purposes referred to in points 3), 4), 5), 6) of art. 3 is optional and requires your express consent. Failure to consent will entail the consequences described below: the impossibility of carrying out direct and indirect marketing activities, surveys and market research, of sending newsletters and commercial/promotional documents through specific software, suitable only for sending newsletters, consumption profiling, buying habits.
In any case if you have given the express consent to authorize the holder to pursue the purposes set out in points 3), 4), 5), of the art. 3, will remain free at any time to revoke it, without formalities sending a clear communication to that effect to the email address privacy gdpr@beninca.com.
Following receipt of this opt-out request, the Data Controller will promptly remove and delete the data from the databases used for processing for the purposes indicated in points 3), 4) and 5) of art. 3. The simple receipt of the cancellation request will automatically be valid as confirmation of cancellation.
5. Recipients or category of recipients of personal data
The personal data you have provided, for the purposes described above, may be brought to the attention of employees and / or collaborators of the Data Controller and communicated to the following subjects:
a) AUTOMATISMI BENINCA’ S.P.A., Myone S.r.l., Hi-Motions S.r.l., APROMIX RFID S.r.l., Seav S.r.l., as joint Controllers;
b) third-party companies possibly appointed by the Owner to provide for the execution of the obligations assumed by the latter for the implementation of the treatments provided for by the purposes set out in points 1) and 2) of Article 3;
c) all subjects (including Public Authorities) who have the right to access data under regulatory or administrative provisions;
d) third-party companies appointed by the Data Controller for processing the data provided for in the purposes set out in points 3), 4), 5), of art. 3;
e) third-party companies that provide essential support services for processing and have direct or indirect access to your data;
All the collaborators or suppliers used by the Data Controller for the processing of your personal data have been appropriately and legally authorized and empowered on the methods and purposes of the treatments attributed to them and will act in compliance with and in accordance with this information.
The personal data you have provided, for the purposes described above, may be transferred to business partners for processing data provided for the purposes set out in points 3), 4), 5) of article 3;
The personal data you provide and that are subsequently processed in relation to managing the service are not subject to disclosure.
As regards the subjects indicated in points b) and d), only the category of recipients is indicated, as the list is subject to frequent updates and revisions. Given this, Data Subjects can obtain the updated list of recipients by contacting the Data Controller via the channels indicated in art. 1 of this privacy information note.
6. Data retention times
Your personal data will be kept for the times defined by the relevant legislation, which are specified below pursuant to art. 13, paragraph 2, letter a) GDPR:
1) for the purposes indicated in points 1), 2) of article 3 for the times prescribed by the laws in force and in any case for a period not less than 10 (ten) years
2) for the purposes indicated in points 3), 4) of the art. 3 for 3 (three) years from the time of consent to treatment.
3) for the purposes referred to in point 5) for 12 (twelve) months from the moment of providing consent to the processing.
7. Exercise of rights by the interested party
Pursuant to article 13, paragraph 2, letters b) and d), 15, 18, 19 and 21 GDPR, the interested party is informed that he has the right to:
a) Access to personal data: obtain confirmation of whether data concerning you are being processed and, in this case, access to the following information: the purposes, the categories of data, the recipients, the retention period, the right to lodge a complaint with a supervisory authority, the right to request rectification or cancellation or limitation of processing or opposition to the processing itself and the existence of an automated decision-making process;
b) Request for rectification or cancellation of the same or limitation of the processing that concerns you; "limitation" means the marking of data stored with the aim of limiting its processing in the future;
c) Opposition to processing: to oppose for reasons connected with your particular situation to the processing of data for the performance of a task of public interest or for the pursuit of a legitimate interest of the Controller;
d) Data portability: in the case of automated processing carried out on the basis of consent or in execution of a contract, to receive data concerning you in a structured format, commonly used and readable by automatic device; in particular, the data will be provided by the Data Controller in .xml format;
e). Revocation of consent to processing for marketing purposes, both direct and indirect, market research and profiling; the exercise of this right does not prejudice in any way the lawfulness of the processing carried out before the revocation;
f) Propose a claim pursuant to art. 77 RGPD to the competent supervisory authority based on your habitual residence, workplace or place of violation of your rights; for Italy, the Guarantor for the protection of personal data is competent, which can be contacted via the contact details on the website http://www.garanteprivacy.it.
The aforementioned rights may be exercised by sending a specific request to the Data Controller through the contact channels indicated in art. 1 of this information.
Requests relating to the exercise of your rights will be processed without undue delay and, in any case, within one month of the request; only in cases of particular complexity and in the number of requests, this deadline may be extended by a further 2 (two) months and obtaining data portability;
We inform you specifically and separately, as required by art. 21 GDPR that if personal data are processed for marketing purposes, the data subject has the right to object at any time and that if the data subject objects to the processing, personal data can no longer be processed for these purposes.
The exercise of rights is not subject to any form constraint and is free. The e-mail address for the exercise of rights is privacy gdpr@beninca.com.
Data Protection Officer (DPO)
In view of the processing activities carried out, the Controller has deemed it necessary, pursuant to art. 37 GDPR, to appoint Top Management Consulting Srl with registered office at Via Divisione Folgore 7, Int. 11, 36100 Vicenza, Tax Code 03947550244, in the person of Maurizio Squaiella its legal representative, as the Data Protection Officer or “DPO” which may be contacted for information and/or requests by sending an e-mail to: gdpr@beninca.com