Subject: Report on the treatment of your personal data according to GDPR Regulation (EU) 2016/679 bearing the code on the subject matter of protection of personal data.
We would like to inform you that for the institution and execution of current contractual relations with you, our organization is in possession of data related to you, your purchases including verbal ones made directly or through third parties, which qualify as personal data according to GDPR Regulation (EU) 2016/679 - Code on the subject matter of protection of personal data. The code in object states that whomever handles personal data is held responsible of informing the interested party on what data is handles and on each of the key elements involved in this treatment: this must be carried out with correctness, lawfulness and transparency, protecting your privacy and your rights.
In respect of this law we are providing you with the following information:
Nature of the data treated
We treat your personal and fiscal data, and also data of economical nature, which are necessary for the execution of current or future contractual relations with your company. We are not in possession of any of your data qualifying as sensitive (art. 4 letter d) of the code) or judicial (art. 4 letter e) of the code).
Purpose of the treatment
Your data is treated in relation to contractual needs, and according to consequential fulfilment of legal and fiscal obligations, and also to permit efficient management of financial and commercial relations. The data is treated for the entire duration of the contractual relationship and also after, in order to fulfil law obligations and for administrative and commercial purposes.
Means of treatment
The treatment of data takes place through the use of apposite instruments and procedures in order to guarantee the safety and privacy and can be carried out both on paper and through the use of electronic support.
Obligation or option of giving data
Concerning the data that we are obliged to know, in order to fulfil obligations provided by law, according to norms and EC regulations, that is according to provisions given by Authority to whatever is legitimized by law and by surveillance and control organs, the lack of informing us of this information on your part would involve the impossibility of establishing or continuing the relationship, being that this data is necessary for the execution of the same.
With reference to the data that we are not obliged to know, your lack of providing us with this information will be evaluated by us each time, and will determine consequent decisions by assessing what importance this requested information has for our organization.
Extent of knowledge of your data
The following categories of people can come to know your personal data in quality of being the person in charge or appointed to treat this information, nominated by the undersigned to treat personal information, controller of the treatment of personal information:
- Executives, administrators, governors
- Record keeping offices and professional accountants
- Foreign consultants and professional accountants
- Auditing Firms – auditing of accounts
- Persons in charge of accounting and invoicing
- Persons in charge of commoditization of services
- Agents and representatives
Communication and diffusion
We will not diffuse your data, meaning that we will not give this information to uncertain persons in any way, even through their availability or consultation.
Your data can be communicated, meaning that we will give this information to one or more determined persons, according to the following terms:
- To persons who can access the data according to the laws in force, EC regulations or norms, within the limits prescribed by these norms
- To persons who need to access your data in order to aid our relationship, strictly within the limits necessary to carry out this additional task (credit institutions and shipping agents are mentioned just as an indication)
- To persons who are our consultants, within the limits necessary to carry out their work with our company, prior to our written agreement that imposes their obligation of privacy and safety.
Here below we are including an excerpt of GDPR Regulation (EU) 2016/679, in order to remind you that you can exercise the following rights towards us: The interested party has the right to obtain the proof of the existence or not of personal data that concern them, even if it is not yet registered, and its communication in a comprehensible form. The interested party has the right to obtain evidence: of the origin of personal data; of the purpose and method of use; of the accuracy applied in case of use carried out with the aid of electronic instruments; of the identity details of the holder, of the persons in charge and of the appointed representative according to article 5, chapter 2; of the subjects or set of subjects to whom the data can be communicated or which can become known to in the capacity of appointed representative of the territory of the State, of the persons in charge or representatives. The interested party has the right to obtain: the updating, the amendment that is, when there is interest, and the insertion of data; the cancellation, the alteration into an unnamed form or the blocking of data used in violation of the law, including those of which retention is not necessary in relation to the purposes for which the data have been collected or subsequently used; the declaration that the operations of a) and b) have been brought to the notice, also as regards their content, of those to whom the data has been communicated or circulated, excepting the case in which compliance is impossible or carries a use of clearly disproportionate means with respect to the safeguarding of the right. The interested party has the right to object, completely or in part: for valid reasons to the use of personal data that regard them, even if relevant to the purpose of the collection; the use of personal data that concerns them with the purpose of forwarding advertising material or direct sales or to carry out market research or for commercial communication.
Company in charge of handling of data
In order to exercise the above-mentioned rights you can contact the following company in charge, nominated necessarily by us according to GDPR Regulation (EU) 2016/679: AGRIGEST S.r.l., Centro Dir. Isola E/2 Scala A – 80143 NAPOLI - Tel. +39 081 7506111 – Fax +39 081 7506199 - Email: email@example.com
The complete list of all the persons in charge of personal data, both internal and external workers, nominated by us are available upon your request in our offices.