Dear Customer, In compliance with the obligations set out in the European Privacy Regulation UE / 2016/679 (GDPR), we hereby inform you that Borgata SRL, with offices in Via Farini 21, CAP 40124, City Bologna, Province BO, PEC email@example.com, VAT number 03380951206, tax code 03380951206, registered in the Business Register of BO, number REA BO 514779, as the Owner will process the personal data concerning you and that there have been or may come – from you or other subjects – conferred / communicated during the relationship with our structure.
The processing of data, freely given by you or otherwise collected, will be carried out in compliance with the privacy rules in force; based on the principles of correctness, lawfulness and transparency and carried out in compliance with the principles of relevance, completeness and non-excess.
The data will be collected and recorded only for the purposes referred to in point 1) and will be stored for such purposes for a period not exceeding 10 years from their collection for administrative and accounting purposes and not more than 24 months from their collection for purposes of marketing.
- Therefore, as provided for by article 13) of the European Regulation EU / 2016/679 (GDPR), we inform you that the data you provide will be processed for the following purposes:
- For the regular performance of the institutional activities and / or envisaged by the corporate purpose;
- For requirements relating to the stipulation of contracts and appointments, to their execution, to subsequent modifications or variations and for any obligation envisaged for the fulfillment of the same;
- For operational, organizational, managerial, fiscal, financial, insurance and accounting needs related to the established contractual and / or pre-contractual relationship;
- To fulfill any type of obligation required by laws, regulations or community legislation;
- For the registration, management and storage of logs of any access to the Company Website, the Company Information System and company offices;
- For the purposes of Access Control, Business Security and video surveillance;
- For the needs of monitoring the methods of delivery of products / services, the performance of relations with suppliers and the analysis and management of risks connected to the contractual relationship;
- For traditional marketing activities such as: sending brochures, catalogs and commercial and / or technical documentation with paper mail and telephone calls with the operator (after obtaining your explicit consent);
- For marketing activities with automated tools or similar such as: E-mail, Instant Messaging, Chat and phone calls without an operator (after obtaining explicit consent from you);
- For online marketing activities, web marketing and web advertising (after obtaining your explicit consent). – n) For profiling and / or management of automated decision making processes (prior to acquisition of His explicit consent).
- The processing will be carried out in a partially automated manner and may consist of the following operations:
- Collection, registration, organization and conservation;
- Consultation and use;
- Selection, extraction, comparison;
The treatment will be carried out both with the use of paper supports and with the aid of electronic, IT and telematic tools suitable to guarantee the security and confidentiality of the data in compliance with the provisions of art. 32) of the European Privacy Regulation UE / 2016/679 (GDPR).
In carrying out the processing operations, however, all technical, IT, organizational, logistic and procedural security measures will always be adopted, in order to guarantee the minimum level of data protection required by law. The methodologies mentioned above, applied for processing, will guarantee access to data only to the subjects specified in points 4) and 5).
- The provision of data is:
- Indispensable and does not require your consent for all personal data that are essential for the correct establishment, management and continuation of the commercial and / or contractual relationship;
- Optional for data that requires consent.
A possible refusal, even if legitimate, to provide all or part of the above data, could compromise the regular performance of the relationship with our structure and in particular, for personal data on defined as mandatory and indispensable, could result in the impossibility on our part to carry out normal business operations and the regular delivery of the requested products / services.
- The subjects or the categories of subjects that will be aware of the data or to which the data can be communicated are the following:
- Legal Representative of the Data Controller;
- Data Processors (Customer Assistance, Marketing);
- Trustees of the Treatment.
Personal data may also be disseminated, but only in aggregate, anonymous and for statistical purposes.
- If the processing could also concern personal data included in the list of “particular” data (that is, data capable of revealing the racial and ethnic origin, religious, philosophical or other beliefs, political opinions, membership to parties, unions, associations or organizations of a religious, philosophical, political or trade union nature, as well as personal data suitable for revealing health and sexual life), the treatment will be carried out within the limits indicated by the General Authorizations of the Privacy Guarantor, the methods provided for by Legislative Decree 196/03, as amended by Legislative Decree n. 101/2018, and for the purposes strictly necessary for the regular performance of the business, of the operations related to the provision of products / services and the fulfillment of contractual obligations and / or the law / regulation.
In this case, the subjects or categories of subjects who may become aware of the sensitive data or to which the data may be disclosed are the following:
- Legal Representative of the Data Controller;
- Trustees of the Treatment.
- Personal data may also be communicated to Public Authorities, Police Forces or other Public and Private Subjects, but exclusively for the purpose of fulfilling legal obligations, regulations or Community legislation. The data in question will not be disclosed to other subjects other than those provided in this statement and the data suitable to reveal the health status of the person concerned will in no case be disseminated.
- The data may be processed and transferred, for the purposes referred to in point 1) and according to the procedures referred to in point 2), also to persons allocated in countries belonging to the European Union and / or outside the Union European Union on the basis of a Decision of Adequacy of the European Commission.
- In any case you can always ask the Legal Representative of the Data Controller to copy your personal data, information about the location where your personal data are processed and an updated list with the identification details of all the Data Processors of the Processing and of the System Administrators authorized to process your data.
- At any time, you can freely revoke the consent given, without any charge and prejudice to the lawfulness of the treatments up to that point made, and exercise the following rights of the data subject towards the Data Controller as provided by the European Privacy Regulations EU / 2016/679 and by Legislative Decree. 196/03, as amended by Legislative Decree n. 101/2018: