WEB INFORMATION PURSUANT OT GDPR 2016/679 (European Regulation concerning the protection of personal data)
This information is provided to customers who are natural persons and to natural persons who operate in the name and on behalf of legal person, pursuant to Article13 GDPR 2016/679 (European Regulation on the protection of personal data).
CONTACT DETAILS OF THE DATA CONTROLLER
The Data Controller is:
Europass s.r.l., based in Via delle Mimose, 2/A - 31033, Castelfranco Veneto (TV) Italy
PURPOSE AND LEGAL BASIS OF DATA PROCESSING:
We process your data in order to:
a) Fulfil our obligations arising from a contract to which you are party or to fulfil your specific requests, before and after the execution of the contract;
b) Fulfil legal obligations of and administrative, accounting, civil or fiscal nature boud by EU and non-EU regulations and legislation;
c) Undertake customer management (gathering pre-contractual data and information; customer administration; reliability and solvency control to prevent fraud, insolvency and/or default; administration of contracts, orders, shipments and invoices;
d) Manage litigation (breaches of contract, injunction, transactions, recovery of debts, arbitration, judicial disputes);
e) Undertake access and management controll at our sites;
f) Send newsletters, commercial communications and/or advertising material on products or services offered by the Data Controller by email, post and/or text message and/or telephone;
g) Assess the degree of satisfaction concerning the quality of services;
With regard to points (f) and (g) we inform you that your data will be entered in the archives of the Data Controller and used to send technical and commercial communications about services similar to your previous purchases or subject to your specific requests. In particular, they will be usd to send, by email or post, information and communications concerning technical and commercial services, value-added services, interactive pre- and post-sakes services, news and promotions.
Your data will be processed on paper and electronically and we assure you that we have put in place all the measures deemed necessary and/or appropriate to maintain the integrity of your data, and to prevent its loss and any abusive access.
RECIPIENTS OF PERSONAL DATA
The personal data processed will not be disseminated but communicated to well defined subjects. Based on the roles and work tasks performed, internal and external personnel are entitled to process the data within the limits of their competences and in accordance with the instructions given to them by the Data Controller. The data may be communicated to persons entitled to access it in accordance with legal provisions, regulations and standards, to delivery companies, banks and credit institutions, debt collection companies, law firms, insurance companies, IT equipment maintenance companies, professional firms / companies providing accounting, and tax services and to self-emplyed / occasional workers and agents.
TRANSFER OF DATA
Personal data will be processed by yhe Data Controller within the territory of the European Union.
if for technical and/or operational reasons it is necessary to use entities located outside the European Union, or if it is necessary to transfer some of the collected data to technical systems and services managed by cloud solutions and located outside the area of the European Union, the processing will be regulated in accordance with Chapter V GDPR and authorised according to specific decisions by the European Union. All necessary precautions will therefore be taken to ensure the fullest protection of personal data by basing such transfers on:
a) the adequacy decisions on the recipient third countries expressed by the European Commission;
b) adequate guarantees expressed by the recipient third party pursuant to Article 46 GDPR;
c) the adoption of binding company rules.
RETENTION OF DATA
The Data Controller retains and processes the personal data for the time strictly necessary to fulfil the purposes indicated or for the period imposed by the applicable provisions on civil and tax matters.
RIGHTS OF THE DATA SUBJECT
Under the terms of GDPR, the data subject has the right of access to their data (Article 15) the right to rectification (Article 16), the right to erasure (Article 17), the right to restrict processing (Article 18), the right to data portability (Article 20), the right to object to the processing (Article 21) and the right to object to automated decision-making (Article 22). The data subject may exercise their rights by writing to the Data Controller at the above address or by email to: email@example.com
WITHDRAWL OF CONSENT
With reference Article 7 GDPR, the interested party may revoke, at any time and in any manner, the consent previously given.
RIGHT TO LODGE A COMPLAINT
The interested party has the right to lodge a complaint with the Supervisory Authority in their state of residence.
PROVISION OF DATA
The provision of personal data including email address for the sending of administrative documents is mandatory according to legal requirements, rules and regulations as it impacts the Data Controller's ability to properly and effectively fulfil its contractual obligations; therefore any refusal to provide necessary data willrender the fulfilment of the contractual obligations impossible. Consent is optional in relation to advertising material, market research or promotional activities.
AUTOMATED DECISION-MAKING PROCESSES
The Data Controller does not carry out processing that consists of automated decision-making processes on the data handled.