EMME 1972

Privacy Policy

CUSTOMER-SUPPLIER INFORMATION PURSUANT TO ART. 13 REGULATION (EU) 679/2016 

EMME 1972 S.p.A., pursuant to and for the purposes of Article 13 of Regulation (EU) 679/2016, hereby informs the interested parties of the purposes and methods of the processing of personal data collected, their scope of communication and dissemination, as well as the nature of their provision. 

1) DATA CONTROLLER 

The Data Controller is EMME 1972 S.p.A., in the person of its legal representative, with registered office in 20121 Milan, via Bigli 28, e-mail address privacy@emme1972.com 

The updated list of internal contact persons, data processors appointed by the Data Controller pursuant to Article 28 EU Regulation 679/2016, is available at the Data Controller’s office local unit in Magreta di Formigine (MO) locality Via Igino Zambelli 29-39 

2) PERSONAL DATA PROCESSED AND PURPOSE OF PROCESSING 

Personal Data, the object of the processing, namely, identification, administrative, accounting and fiscal, commercial, and possibly computerised Data, directly referring to the customer or, for essentially identification and computerised Data, to interested parties (such as collaborators, employees, contact persons, etc.) communicated by the latter in the execution and performance of relations with the data controller and in compliance with and in accordance with the provisions on the processing and protection of Personal Data, are used for: 

1. a) to fulfil obligations provided for by national law, regulations or EU legislation and for the fulfilment of accounting and tax obligations as well as to allow an effective administrative management of the relationships 
2. b) to allow the regular execution of the supplies and services requested/offered and to give/receive information regarding the supplies and services requested or in any case subscribed or confirmed by letter, also sent by fax or telematically, and to provide for invoicing and consequent tax fulfilments 
3. c) to fulfil contractual obligations or in relation to contractual requirements or for the acquisition of pre-contractual information 
4. d) when the processing is necessary for establishing, exercising or defending a right of the Data Controller in court 
5. e) the sending of informative messages and commercial and promotional communications relating to the Controller’s activities, products and services, by automatic means, such as e-mail and SMS, as well as by traditional means, such as telephone contact with operator, in full compliance with the principles of lawfulness and correctness and with the provisions of the law. 

3) NATURE OF CONFERMENT AND LEGAL BASIS FOR PROCESSING 

Personal Data are acquired directly from the customer/supplier or otherwise obtained within the scope of the Company’s activity and their provision is compulsory for the purposes set out in point 2, letters a), b), c), d), and, where applicable, is considered indispensable in order to be able to proceed with the subsequent fulfilments. Any refusal to provide them or to communicate them, in whole or in part, and in the form requested, may make it impossible for the Company to provide the services or services related thereto, to process requests, to execute the contract and/or to continue the relationship. 

Pursuant to Art. 6 lett. b, c of the EU Regulation no. 679/ 2016, the processing of Data is lawful for the purposes set out in point 2, lett. a), b), c), d). 

The provision of the Data relating to the processing for the purposes referred to in point 2, letter e) is, on the other hand, optional and failure to provide it will not entail any consequences 

It should be noted that the data subject has the right at any time to object, in whole or in part, to such processing, by contacting the e-mail address privacy@emme1972.com 

4) TREATMENT MODALITIES 

The processing of the Data is carried out with or without the aid of computer procedures or, in any case, telematic means and paper supports, with or without the aid of automated processes by persons, internal or external, specifically appointed and authorised for this purpose and committed to confidentiality. The Data shall be processed and stored with instruments suitable to guarantee their security, integrity and confidentiality through the adoption of adequate security measures as provided for by law. The processing shall be carried out by means suitable for storing, managing and transmitting the Data and shall include all the operations or set of operations necessary for the processing in question, including the processing management of your Data in the Company’s management programs and through the communication of such data to subjects. 

5) COMMUNICATION AND DISSEMINATION, ADDRESSEES 

No dissemination of Personal Data for a purpose other than that for which it was collected/considered is envisaged. The Data may be communicated to third parties only for the performance of obligations related to the purposes set out in point 2) above. In particular, the Data thus collected and processed may be communicated, in the forms, manner and within the limits permitted by law, to third parties: 

– in order to fulfil contractual and pre-contractual obligations (e.g. in order to fulfil contractual and pre-contractual obligations (e.g. communication of your data to couriers for the delivery of goods or to external companies for various processing operations); 

– in order to fulfil tax, legal and similar obligations to subjects in charge of tax, accounting, legal and contractual, IT management; 

– in order to fulfil obligations provided for by current regulations, to public authorities or administrations for tax or legal fulfilment; 

– in order to fulfil contractual obligations to subjects carrying out processing, recording and filing of Data for third parties (e.g. companies supplying hardware and software); – in order to fulfil contractual obligations to subjects carrying out processing, recording and filing of Data for third parties (e.g. companies supplying hardware and software); – in order to fulfil contractual obligations to subjects carrying out processing, recording and filing of Data for third parties (e.g. companies supplying hardware and software). companies that supply hardware and software); 

– to Companies belonging to the corporate group of which the Company is a member; 

– to Insurance Companies and Credit Institutions for exclusively management purposes relating to collections and payments or the issuing of any guarantees provided for the execution of contracts; credit recovery companies, Business Organisations to which the Company is a member. 

– to Insurance Companies and Credit Institutions for purely managerial purposes relating to collections and payments or the issuing of any guarantees provided for the execution of contracts; credit recovery companies, Business Organisations to which the Company belongs. 

Your Data may be known and processed by our in-house appointees for the above purposes. Each appointee is subject to the obligation of confidentiality of your Data. Furthermore, your Data may be viewed by external subjects in charge of the control and maintenance of hardware and software during the interventions necessary for the correct functioning of the same. All those who are not appointed as Data Processors are to be considered autonomous Data Controllers. 

6) TRANSFER OF DATA ABROAD TO COUNTRIES OUTSIDE THE EUROPEAN ECONOMIC AREA 

Since EMME 1972 S.p.A. operates globally, it may be necessary to transfer Personal Data to other countries, in particular to our head office, for management purposes. It may also be necessary to make transfers to other countries in which we operate. When we export Personal Data to another country, we will take the necessary steps to ensure that such transfer of Personal Data complies with applicable laws and regulations. We have required binding corporate rules in accordance with the process approved by the European Commission and the General Data Protection Regulation. These clauses constitute contractual commitments between the companies of EMME 1972 S.p.A. that bind them to protect the privacy and security of Personal Data. 

Similarly, when we use third party service providers and their services involve transfers of Personal Data outside the country where the Personal Data were initially collected, we make sure that the third party service provider has adequate mechanisms in place for the transfer of Data, such as Data processing clauses and/or standard contractual clauses to allow for the transfer. 

7) STORAGE TIMES 

The Data shall be processed and kept for the time necessary for the fulfilment of administrative, accounting, legal and tax purposes relating to the contractual relationship existing between the Controller and the data subject and for the fulfilment of the relative obligations and also arising from the obligations provided for by law, in any case within the prescriptive terms provided for by law for the rights and obligations underlying the processing for the exercise of the rights arising from the contractual relationship even after its final termination and those necessary for the definition of the dispute arising in the meantime, if longer. 

With reference to the processing for the purpose of sending commercial and promotional communications of the Controller’s own activities, products and services and for sending information messages relating to the Controller’s business, the data will be retained for two years after the last contact with the Controller and in any case until the data subject exercises his/her right to object through the methods made available for this purpose. 

The data subject may exercise the following rights 

1. a) right of access: to obtain at any time confirmation that your Data is being processed and to receive information about such processing; 

2. b) right of rectification: to obtain without undue delay the rectification of inaccurate Data concerning him/her or the integration thereof; 

3. c) Right to erasure: to obtain without undue delay the erasure of your Data; 

4. d) right of limitation: to obtain the limitation of the processing to storage only; 

5. e) Right to portability: to receive your Data in a structured, commonly used and machine-readable format and to obtain that your Data be transferred to another data controller indicated by you; 

6. f) right to object: to object to the processing of your Data. 

The data subject may contact the Data Controller to exercise the rights recognised by the GDPR by sending a request to the following email address privacy@emme1972.com 

We will respond to the request within a reasonable period of time, normally within one month of receipt, and inform the data subject of the action taken. 

With regard to the processing of your Data and the exercise of your rights, you may always lodge a complaint with the Garante per la protezione dei dati personali, Piazza di Monte Citorio n. 121 -00186 Roma – www.gpdp.it – www.garanteprivacy.it. 

9) CHANGES AND UPDATES 

This notice may be subject to amendments and additions, also as a consequence of the updating of the applicable legislation on the protection of natural persons with regard to the processing of personal data and the free movement of such data.