ver. 9 November 2020
Intesi Group Spa in its capacity of Data Controller with regard to the processing of your personal data pursuant to (EU) Reg. 2016/679 (hereinafter the ‘GDPR’), hereby informs you that the said regulation protects data subjects with regard to the processing of their personal data and that the said processing will take place in a fair, lawful, transparent manner which protects your privacy and your rights.
Your personal data will be processed in accordance with the terms of the above legal provisions and the confidentiality obligations contained therein.
Further to your consent, your personal data may be used for the following purposes:
Your contribution of data is optional with regard to the abovementioned purpose, and any refusal of consent will not affect the continuation of the relationship or the congruency of the processing.
Processing procedures. Your personal data may be processed by the following ways:
All data are processed in compliance with the procedures specified in articles 6 and 32 of the GDPR and with the adoption of the appropriate security measures required.
Your data will only be processed by staff specifically authorised by the Data Controller, and specifically by the following categories of staff:
Disclosure. Your data may be disclosed to external entities for the correct management of the relationship and specifically for the following categories of Recipients, including all the duly designated Data Processors:
Distribution: Your personal data will not be distributed in any way.
Your personal data may also be transferred, only for the aforesaid purposes, to the following countries:
Data Storage Period. In accordance with the principles of lawfulness, limitation of purpose and minimisation of data, pursuant to art. 5 of the GDPR, the data storage period for your personal data is:
Data Controller: the Data Controller, as defined by the Law, is Intesi Group Spa (Via Torino 48 , 20123 Milano (MI); VAT number: 02780480964; contactable at the following addresses: E-mail: email@example.com; Phone number: 026760641) in the person of its current legal representative.
The Data Protection Officer (DPO) designated by the Data Controller pursuant to art. 37 of the GDPR is:
You are entitled, by application to the Data Processor, to obtain the erasure (right to be forgotten), restriction, updating, rectification and portability of your personal data, to object to their processing, and in general to exercise all your rights under articles 15, 16, 17, 18, 19, 20, 21 and 22 of the GDPR.
1. The data subject has the right to obtain confirmation as to whether or not personal data concerning him or her exist, regardless of their being already recorded, and disclosure of such data in intelligible form, and the right to lodge a complaint with the supervisory authority.
2. The data subject has the right to be informed of:
3. The data subject is entitled to obtain:
4. The data subject has the right to object, in whole or in part:
ver. 9 November 2020