Privacy

Information for data processing

EU REGULATION No 2016/679/EU on the protection of individuals with regard to the processing of personal data and on the free movement of such data.

In accordance with the Regulation on the protection of individuals with regard to the processing of personal data and on the free movement of such data (EU Regulation of the European Parliament and of the Council of 27 April 2016, n. 2016/679/EU – GDPR).

Data Controller: ZANASI GROUP SRL with registered office in MARANELLO (MO) in VIA FARINA 31 Fiscal Code and P. VAT 02732390360 Tel. 0536 941018 PEC zanasi@cert.cna.it as “Data Controller”, provides you with this information as “Data Controller” of personal data concerning you in accordance with Articles 13 and 14 of the above Regulation.

ZANASI GROUP SRL has appointed a DPO Avv. Chiara Ciccia Romito dpo@zanasigroup.it to whom you can contact for any need.

Data processed: Customer and supplier identification data, contact details (e-mail, telephone), addresses, accounting data.

Purposes of data processing: your data are processed for the fulfilment of legal obligations provided for by tax and fiscal regulations; for the execution and management of the contract, protection of contractual rights; internal statistical analysis; costumer care activities, sending material in digital and paper format concerning products or services similar to those covered by the existing business relationship.

Legal basis of the treatment: the legal basis of the treatment is the contractual relationship, the law for the purposes of treatment of accounting, fiscal and fiscal nature, as well as the legitimate interest of the data controller of the treatment for the sending of promotional and advertising material concerning products or services similar to those covered by the existing business relationship.

Recipients of the data

Your data may also be communicated to third parties, for technical and operational needs strictly related to the purposes set out above and in particular to the following categories of subjects:

  1. entities, professionals, companies or other structures entrusted by us with the processing related to the fulfilment of administrative, accounting and management obligations linked to the ordinary performance of our economic activity, also for credit recovery purposes;
  2. public authorities and administrations for purposes related to the fulfilment of legal obligations or persons entitled to access them by virtue of provisions of law, regulations, EU regulations;
  3. banks, financial institutions or other subjects to whom the transfer of the above mentioned data is necessary for the performance of our company’s activity in relation to the fulfillment, on our part, of the contractual obligations assumed in your relations.
  4. suppliers of installation, assistance and maintenance services for computer and telematic systems and systems and all services functionally connected and necessary for the performance of the services covered by the Contract.

The list of data processors is available on request.

Data retention times

We will keep your data in a form that allows their identification for a period of time not exceeding the achievement of the purposes for which the data were collected; they will therefore be kept until the existence of the existing contractual relationship and no longer than 10 years from the termination of the contract (art. 2946 of the Italian Civil Code regarding limitation). The data strictly necessary for tax and accounting purposes, once the purpose for which they were collected has ceased to exist, will be kept for a period of 10 years as required by the relevant regulations(art. 2220 of the Italian Civil Code).

Data transfer

The Data Controller does not transfer personal data to third countries or international organisations.

However, it reserves the right to use cloud services; in this case, the service providers will be selected among those who provide adequate guarantees, as provided for by art. 46 GDPR 679/16.

Rights of the data subject party

Pursuant to Articles 13, paragraph 2, and 15 to 21 of the Regulations, we inform you that you may exercise the following rights with regard to the processing of your personal data:

  1. Right to obtain access to personal data
  2. Right of rectification and integration of personal data;
  3. Right to have data erased (‘right to be forgotten’) if there is one of the following grounds:
    • the personal data are no longer necessary for the purposes for which they were collected or otherwise processed;
    • the data subject opposes the processing and there are no prevailing legitimate reasons for processing;
    • the personal data have been processed unlawfully;
    • personal data must be erased in order to comply with a legal obligation under Union law or the law of the Member State to which the data controller is subject.

    If the data controller has disclosed personal data to the public and is obliged to delete them, the data controller should inform the other data controllers processing personal data of the request to delete any link, copy or reproduction of its data.

  4. Right to limitation of processing in case:
    • the data subject contests the accuracy of the personal data, for the period necessary for the data controller to verify the accuracy of the personal data;
    • the processing is unlawful and the data subject objects to the deletion of the personal data and requests instead that its use be limited;
    • although the data controller no longer needs them for the purposes of processing, the personal data are necessary for the data subject to ascertain, exercise or defend a right in court;
    • the data subject has opposed the processing, pending verification that the legitimate reasons of the data controller take precedence over those of the data subject.
  5. Right to lodge a complaint with the Guarantor for the protection of personal data, following the procedures and indications published on the official website of the Authority www.garanteprivacy.it.
  6. Right to the portability of the data of the data subject or the right to receive in a structured, commonly used and readable format the personal data concerning him/her provided to a data controller and possibly transmit them to another data controller, if the processing is based on consent or on a contract and is carried out by automated means. Where technically possible, the data subject has the right to obtain direct transmission of the data from one data controller to another.
  7. Right to object at any time to the processing of personal data, including profiling, in particular in cases where:
    • the processing is carried out on the basis of the legitimate interest of the data controller, after giving the reasons for the opposition;
    • personal data are processed for direct marketing purposes.

Methods of exercising rights

The interested party may at any time exercise the rights by sending:

  • a registered letter with return receipt to ZANASI GROUP SRL – 41053 – MARANELLO (MO) in VIA FARINA 31
  • an e-mail to info@zanasigroup.it

Data Protection Officer

ZANASI GROUP SRL has appointed a DPO Avv. Chiara Ciccia Romito dpo@zanasigroup.it to whom you can contact for any need

Acknowledgement of the information and rights that can be exercised.

PDF Version