Personal Data Protection – EU Regulation 2016/679 – Information for individuals and companies
The goals of this law are to protect personal information (names, addresses etc.), forbidding incorrect or unlawful uses of the above mentioned information and imposing to verify the correctness and completeness of the data, in order to avoid any damage even on the image point of view.
All the owners of the personal information treatment or/and all the people in charge who could access to the personal information archives for any working reasons should pay utmost attention in data treatment. They shouldn’t popularize (make known or publish) any information, except if agreed with the Direction and/or with the involved person and in the authorized cases.
The involved person could exercise all the rights, as for the art. 7 of the lgs. decree n. 196/2003 (among them, the rights of accessing, rectifying, updating, opposing to the treatment and cancelling the data), sending his request to the address:
Via Del Commercio, 22/F
61032 FANO (PU)
Customer & Supplier Personal Data Protection – EU Regulation 2016/679 – Information for customer and suppliers
Personal data collected by the controller SmartSystem Srl, are processed in printed, computing and telematic form for the performance of contractual and lawful obligations as well as for the effective handing of business relations, also for future use.
The non-submittal of data, where not compulsory, will be evaluated from time to time by the controller and the resulting decisions to be made will take into account the importance of the requied data in respect of the business relation management.
Data may be disclosed, strictly in accordance with the above-mentioned purposes, and consequently processed, only in relation to the said purpose, by the other subjects :- our agents organization – factoring companies – banks – credit recovery companies – credit insurance company – business information companies – professional and consultants – statistic companies
In relation to the same purposes, data may be processed by classes of executors.
The data collected will be treated for the duration of contractual and lawful obligations as well as for the effective handling of business relations, also for future use.
The data subjects may exercise all the rights set forth in EU Regulation 2016/679 (including the rights of data access, updating, objects to data processing and cancellation).
The processor is SmartSystem Srl.
Section 7: Right to Access Personal Data and Other Rights 1. A data subject shall have the right to obtain confirmation as to whether or not personal data concerning him exist, regardless of their being already recorded, and communication of such data in intelligible form.
2. A data subject shall have the right to be informed a) of the source of the personal data; b) of the purposes and methods of the processing; c) of the logic applied to the processing, if the latter is carried out with the help of electronic means; d) of the identification data concerning data controller, data processors and the representative designated as per Section 5(2); e) of the entities or categories of entity to whom or which the personal data may be communicated and who or which may get to know said data in their capacity as designated representative(s) in the State’s territory, data processor(s) or person(s) in charge of the processing.
3. A data subject shall have the right to obtain a) updating, rectification or, where interested therein, integration of the data; b) erasure, anonymization or blocking of data that have been processed unlawfully, including data whose retention is unnecessary for the purposes for which they have been collected or subsequently processed; c) certification to the effect that the operations as per letters a) and b) have been notified, as also related to their contents, to the entities to whom or which the data were communicated or disseminated, unless this requirement proves impossible or involves a manifestly disproportionate effort compared with the right that is to be protected.
4. A data subject shall have the right to object, in whole or in part, a) on legitimate grounds, to the processing of personal data concerning him/her, even though they are relevant to the purpose of the collection; b) to the processing of personal data concerning him/her, where it is carried out for the purpose of sending advertising materials or direct selling or else for the performance of market or commercial communication surveys.
Section 8: Exercise of Rights 1. The rights referred to in Section 7 may be exercised by making a request to the data controller or processor without formalities, also by the agency of a person in charge of the processing. A suitable response shall be provided to said request without delay.
2. The rights referred to in Section 7 may not be exercised by making a request to the data controller or processor, or else by lodging a complaint in pursuance of Section 145, if the personal data are processed: a) pursuant to the provisions of decree-law no. 143 of 3 May 1991, as converted, with amendments, into Act no. 197 of 5 July 1991 and subsequently amended, concerning money laundering; b) pursuant to the provisions of decree-law no. 419 of 31 December 1991, as converted, with amendments, into Act no. 172 of 18 February 1992 and subsequently amended, concerning support for victims of extortion; c) by parliamentary Inquiry Committees set up as per Article 82 of the Constitution; d) by a public body other than a profit-seeking public body, where this is expressly required by a law for purposes exclusively related to currency and financial policy, the system of payments, control of brokers and credit and financial markets and protection of their stability; e) in pursuance of Section 24(1), letter f), as regards the period during which performance of the investigations by defence counsel or establishment of the legal claim might be actually and concretely prejudiced; f) by providers of publicly available electronic communications services in respect of incoming phone calls, unless this may be actually and concretely prejudicial to performance of the investigations by defence counsel as per Act no. 397 of 7 December 2000; g) for reasons of justice by judicial authorities at all levels and of all instances as well as by the Higher Council of the Judiciary or other self-regulatory bodies, or else by the Ministry of Justice; h) in pursuance of Section 53, without prejudice to Act no. 121 of 1 April 1981.
3. In the cases referred to in paragraph 2, letters a), b), d), e) and f), the Garante, also following a report submitted by the data subject, shall act as per Sections 157, 158 and 159; in the cases referred to in letters c), g) and h) of said paragraph, the Garante shall act as per Section 160.
4. Exercise of the rights referred to in Section 7 may be permitted with regard to data of non-objective character on condition that it does not concern rectification of or additions to personal evaluation data in connection with judgments, opinions and other types of subjective assessment, or else the specification of policies to be implemented or decision-making activities by the data controller.