Who owns your data?
The "Data Controller" (hereinafter Owner) is Digitalandcopy sas, (PI 0665540096) with registered office in via Monzese, 40 - Vignate (MI). Contact information below: E-mail: firstname.lastname@example.org
Who treats them?
The complete and updated list of "data processors" (internal and external), ie the subjects who manage your data, can be requested from the Data Controller at any time, as identified above, through the contacts indicated.
What data do we process?
The Data Controller processes the following data:
personal identification data (personal data, telephone, bank ref. ...)
Why do we ask them?
Legal basis: the processing of your data is always and in any case carried out in the presence of one or more of the circumstances referred to in art. 6, paragraph 1, letter f) of the GDPR.
Execute contracts related to our services
Fulfill the obligations established by law
Marketing and commercial purposes (requires your consent)
Are you obliged to provide them to us?
The provision of data for some of the purposes referred to in the previous paragraph (B1, B2) is mandatory - in their absence, we could not guarantee the services we offer.
Who do we transfer your data to?
Your data may be made accessible for the purposes referred to in point 4 ("Why do we ask you?"):
to employees and collaborators of the Data Controller, in their capacity as persons in charge and / or internal managers of the processing and / or system administrators - the list of these subjects is always available from the Data Controller;
to third-party companies or other subjects (by way of example but not limited to: printing and prepress centers, marketing consultants, professionals in the graphic and publishing sector, etc.) who carry out outsourced activities on behalf of the Data Controller, in their capacity as external data processors - even the list of external managers is always available from the Data Controller upon simple request.
Where is your data stored?
The data are stored on IT support: precisely, on a local server located within the registered and administrative headquarters. Some of the data are stored on paper, stored in the archives at the registered and administrative headquarters.
How long do we keep them?
Your data are kept, in compliance with legislative obligations (and precisely having regard to the ordinary limitation periods), for no more than 10 years.
These are your rights:
Access: you can always obtain confirmation of the existence or not of personal data concerning you, as well as the methods of treatment, its purposes and the contacts of the Data Controller and data processor.
Correction and cancellation: you have the right to have your data always correct and updated - you can therefore ask for it to be updated, corrected or integrated. You can also request the cancellation, transformation into anonymous form or blocking of data processed in violation of the law, including those that do not need to be kept for the purposes for which the data were collected or subsequently processed;
Copy: you have the right to ask us for a copy of the processed data - in the event of further copies we may charge you a reasonable fee based on administrative costs;
Portability: you have the right to receive the personal data concerning you in a structured and commonly used format and you have the right to transmit such data to another data controller without impediments;
Opposition: you have the right to object at any time, for reasons related to your particular situation, to the processing of personal data concerning you pursuant to Article 6, paragraph 1, letters e) or f) of the GDPR;
Withdrawal of consent
Complaint: you have the right to contact the competent authority (the Guarantor for the protection of personal data).
Who can you contact?
Whether you want to assert your rights, whether you want to obtain information, you can always contact the "data controller" - that is, the person identified in the first point of this information - at the contact we have indicated.
"Data protection" management model
We point out that, to comply with the GDPR, we have prepared a privacy organizational model, identifying roles and responsibilities regarding the processing of personal data, identifying in particular the Heads of Organizational Units or Offices that deal with data protection.
This Notice contains the information required pursuant to art. 13 of Regulation (EU) 2016/679, concerning the protection of individuals with regard to the processing of personal data (hereinafter, "GDPR"), without prejudice to the changes and adaptations that will become necessary following the repeal of the Privacy Code , as well as European or national legislative interventions and / or provisions of the supervisory authorities subsequent to the publication of this letter.
Genetic data means personal data relating to the genetic, hereditary or acquired characteristics of a natural person, resulting from the analysis of a biological sample of the person in question.
Biometric data are considered personal data when they are obtained from a specific technical treatment relating to the physical, physiological or behavioral characteristics of a natural person that allow or confirm their unique identification, such as facial image or fingerprint data.
Health data includes information about the natural person collected in the course of their registration in order to receive health care services or related provision, such as: a number, a symbol or a specific element attributed to a natural person to uniquely identify him for purposes sanitary; information resulting from tests and checks carried out on a part of the body or an organic substance, including genetic data and biological samples; and any information regarding, for example, a disease, disability, risk of disease, medical history, clinical treatments or physiological or biomedical status of the data subject, regardless of the source, such as, for example, a doctor or other healthcare provider, hospital, medical device, or in vitro diagnostic test.