Privacy protection – Customer information pursuant to Article 13 of EU Regulation 679/16.

The data requested from you as an interested party are processed by  Gin srl – Via A.Bellatalla 32, Traversa A – zona ind. Ospedaletto – Pisa VAT number 01650070509 – REA PI N ° 144073 – PEC g.i.n.srl@cert.cna.it 

The processing of personal data, carried out in full compliance with current legislation (Legislative Decree No. 196 of 30 June 2003 and EU Regulation 679/16), is carried out for the management of the commercial relationship between the parties and, in particular, to provide information to the Customer, for the registration of orders and the delivery of products, the keeping of accounts, the execution of communications by paper, computer and telephone means, therefore the management of the relationship with the Customer for the satisfaction of all obligations contractual and legal (Purpose of processing).

The undersigned Data Controller will therefore process the identification data (eg name and surname, tax code, residence / domicile address, telephone number, e-mail address, bank details), for the purposes indicated above, these data are necessary to the supply of the commercial service itself. The legal basis of the related processing is therefore the execution of pre-contractual measures and the execution of the contractual relationship, therefore the fulfillment of the related legal obligations (eg accounting and tax). In the event of disputes relating to this relationship, the legal basis is the legitimate interest of the Data Controller for the right of defense.

The processing of personal data will consist in the collection, registration, organization, structuring, storage, processing, adaptation or modification, extraction, selection, consultation, use, communication by transmission or other form of making available, comparison or interconnection, limitation, cancellation or destruction of the same. The data processing will be carried out with the aid of electronic, IT and telematic tools suitable for guaranteeing the confidentiality of the same, in accordance with the provisions of current legislation.

Personal data are processed in written form, on paper, magnetic and telematic support, with suitable tools to guarantee the safety of the same, and entered in the data bank of the Data Controller.

The provision of personal data does not constitute a legal obligation, but it is contractually necessary, therefore mandatory if a contractual relationship is established for the undersigned Data Controller to perform the requested service, therefore for the purposes indicated above.

In the event of refusal to provide such information, theData Controller will not be able to perform the requested contractual service.

Personal data can be communicated to all subjects (recipients) to whom the right of access is recognized by current legislation and for purposes related to legal obligations (eg Guarantor Authority, Public Authorities). They can also be communicated to professionals, IT experts, credit institutions, persons in charge of processing related to the fulfillment of administrative, accounting and management obligations related to the ordinary performance of our business (eg accounting and tax compliance, verification of economic relationships with the customer, credit recovery, hosting-website service, internet connection supply) who may be designated as Data Processors pursuant to Art 28 of EU Reg. 679/16. The aforementioned personal data will not be disseminated .

The list of persons appointed as Data Processors is available at the registered office of the Data Controller.

Personal data is stored on servers located in Italy, and in any case within the European Union. In any case, it is understood that the undersigned Data Controller, if necessary, will have the right to move the servers even outside the EU. In this case, it ensures from now on that the transfer of data outside the EU will take place in accordance with the applicable legal provisions and the provisions of Articles 44 and following of the EU Regulation 679/16.

Pursuant to EU Regulation 679/16, as an interested party you can exercise the following rights:

• the right to obtain from the Data Controller confirmation as to whether or not personal data concerning you is being processed and, in this case, to obtain access to personal data and information provided for by art. 15 (e.g. information relating to the purposes of the processing, the categories of personal data in question, the recipients or categories of recipients to whom the personal data have been or will be communicated, the retention period, their rights, the origin of the data if not collected from the interested party, the existence of an automated decision-making process, etc);
• the right to obtain, where inaccurate, the rectification of personal data concerning you, as well as the integration of the same where considered incomplete, always in relation to the purposes of the processing (Article 16);
• right to delete data (“right to be forgotten”), where one of the cases referred to in art. 17;
• right to limit the processing, in the cases provided for by art. 18;
• right to data portability pursuant to art. 20;
• right to object to processing pursuant to art. 21;
• where the legal basis of the processing is consent, the right to withdraw the consent at any time without prejudice to the lawfulness of the processing based on the consent given before the revocation.

The Data Controller does not adopt automated decision-making processes, the rights referred to in Article 22 of EU Regulation 679/16 apply to the data subject.

The interested party also has the right to be informed, where applicable, of the Data Controller’s intention to transfer the data to a third country or to an international organization and the existence or absence of an adequacy decision by the Commission or in the event of transfers pursuant to articles 46, 47 and 49 c.2, the reference to appropriate and opportune guarantees and the means to obtain a copy of such data or the place where they were made available.

All the aforementioned rights can be exercised with a request addressed without formalities to the Data Controller (eg by contacting us by e-mail or by telephone).

Finally, as an interested party, you have the right to lodge a complaint with a supervisory authority (Art 77 EU Regulation 679/16 – Art 140 bis et seq. Legislative Decree 196/2003).

Personal data will be kept exclusively for the time strictly necessary to carry out the purposes described above and to fulfill the obligations established by law (e.g. of an administrative, fiscal and accounting nature – ten years pursuant to articles 2220 and 2946 of the Italian Civil Code), without prejudice to any issues. of an accounting or litigation nature that may extend this period. Subsequently, once the strictly necessary time has elapsed, the personal data will be deleted or transformed into anonymous form and used for statistical purposes only.