(articles 13 and following European Regulation 679/2016)
GLEMISOFT di Corso Antonio is a company specialized in the Information sector technology.
With this document, we intend to renew our commitment to ensure that the processing of personal data collected through this website (hereinafter, the “ Website “), performed in any mode, either automated and manual, takes place in full compliance with the protections and rights recognized by Regulation (EU) 2016/679 (“ GDPR ”or“ Regulation ”) and by further applicable rules on the protection of personal data.
With the term personal data reference is made to the definition contained in art. 4 in point 1) of the Regulations, that is “any information concerning an identified or identifiable natural person; the natural person who can be identified, directly or indirectly, with particular reference to an identifier such as a name, an identification number, location data, an online identifier or one or more characteristic elements of his physical identity, is considered identifiable, physiological, genetic, psychic, economic, cultural or social “(hereinafter, the” Personal Data”).
The Regulations provide that, before proceeding with the treatment of Personal Data – this term being understood, according to the relative definition contained in art. 4 in point 2) of the Regulation, “any operation or set of operations, carried out with or without the aid of automated processes and applied to personal data or sets of personal data, such as the collection, registration, organization, structuring , storage, adaptation or modification, extraction, consultation, use, communication by transmission, dissemination or any other form of making available, comparison or interconnection, limitation, cancellation or the destruction “(hereinafter, the” Treatment “) – it is necessary for the person to to which such Personal Data belong is informed about the reasons why such data are requested and how they will be used.
In this regard, this Information – drafted on the basis of the transparency and all the elements required by art. 13 and following of the Regulation – aims to provide you, in a simple and intuitive way, with all the useful and necessary information so that you can provide your Personal Data in a conscious and informed manner and, at any time, request and obtain clarifications and / or corrections.
A. THE HOLDER OF THE TREATMENT
The company that will process your Personal Data for the main purpose of referred to in Section B of this Notice and which, therefore, will play the role of data controller according to the relevant definition contained in art. 4 at point 7) of the Regulation, that is “the natural or legal person, public authority, service or other body which, individually or together with others, determines the purposes and means of the processing of personal data” is:
GLEMISOFT by Corso Antonio (hereinafter the “ Owner ”), with registered office in Via G. Verdi n. 7, PI 02614750814, 91029 – Santa Ninfa (TP) ( in the following the “ Sede ”).
Your personal data are collected and processed by the Data Controller for strictly connected to the use of the Site and its information services. Furthermore, your personal data may also be used in various processing operations (storage, archiving, processing, etc.) in any case in terms compatible with these purposes. In particular, your personal data may be processed for the following purposes:
a) respond to requests;
b) allow the provision of the services requested by you;
c) fulfill legal obligations;
d) sending promotional and direct marketing communications, including ‘sending newsletters and market research.
The legal basis for the processing of personal data for the purposes mentioned in letters a), b) and c) is art. 6.1 lett. b) and c) of the GDPR, as the treatments are necessary to respond to the requests of the interested party, for the provision of the requested services, also representing a necessary treatment to fulfill a legal obligation of the Data Controller. The provision of personal data for these purposes is optional but failure to provide it would make it impossible to activate the services provided by the site, meet requests.
The legal basis for the processing of personal data for the purposes referred to in letter d) is </ span > the art. 6, paragraph 1, point f) of the GDPR, the Data Controller may carry out this activity based on its legitimate interest, regardless of your consent and in any case up to your opposition or limitation (pursuant to the provisions of Section G letter d) of the this Notice) to this Processing as better explained in Recital 47 of the Regulation, in which it is “considered legitimate interest to process personal data for direct marketing purposes”. This will also be possible following the evaluations carried out by the Data Controller regarding the possible and possible prevalence of your interests, rights and fundamental freedoms that require the protection of Personal Data on your legitimate interest in sending direct marketing communications.
The contact methods aimed at direct marketing activities can be either of the automated type and of the traditional type. In any case, and as further specified in Section G below, you can revoke your consent, even partially, for example by consenting only to traditional contact methods.
As for the contact methods that involve the use of your contacts telephone, we remind you that the direct marketing activities by the Data Controller will be carried out after verification of your possible registration in the Register of Oppositions, as established pursuant to and for the effects of the DPR 7 September 2010, n. 178 and subsequent amendments
The Personal data that will be requested from you for the pursuit of above, will be those reported in the contact form that is, by way of example: name, surname, e-mail address, telephone numbers.
C. SUBJECTS TO WHOM YOUR PERSONAL DATA MAY BE COMMUNICATED
Your Personal Data may be disclosed to specific subjects considered recipients of such Personal Data.
In fact, art. 4 at point 9) of the Regulations, defines as recipient of a Personal Data “the natural person or legal, the public authority, the service or another body that receives communication of personal data, whether or not it is a third party “(hereinafter, the” Audience ”).
With this in mind, in order to correctly carry out all the Treatment necessary to pursue the purposes referred to in this Notice, the following Recipients may be in a position to process your Personal Data:
third parties who carry out part of the processing and / or activities connected and instrumental to the same on behalf of the Owner. These subjects have been appointed as data processors, having to be understood individually with this term, pursuant to art. 4 in point 8) of the Regulations, “the natural or legal person, public authority, service or other body that processes Personal Data on behalf of the Data Controller” (hereinafter, the “Data Processor”);
individuals, employees and / or collaborators of the Owner, to whom specific and / or more processing activities on your Personal Data have been entrusted. These individuals have been given specific instructions on the subject of security and correct use of Personal Data and are defined, pursuant to art. 4 at point 10) of the Regulations, “persons authorized to process Personal Data under the direct authority of the Data Controller or Data Processor” (hereinafter, the “Authorized Persons”).
Where required by law or to prevent or repress the commission of a crime, your Personal Data may be disclosed to public bodies or judicial authorities without these being defined as Recipients. In fact, pursuant to art. 4 at point 9), of the Regulation, “the public authorities that may receive communication of Personal Data in the context of a specific investigation in accordance with the law of the Union or of the Member States are not considered Recipients”.
D. PROCESSING TIME
One of the principles applicable to the processing of your Personal Data concerns the limitation del retention period </ span> , governed by art. 5, paragraph 1, point e) of the Regulation which states “Personal Data are stored in a form that allows the identification of the interested parties for a period of time not exceeding the achievement of the purposes for which they are processed; Personal Data may be stored for longer periods provided that they are processed exclusively for archiving purposes in the public interest, for scientific or historical research or for statistical purposes, in accordance with art. 89, paragraph 1, without prejudice to the implementation of adequate technical and organizational measures required by these Regulations to protect the rights and freedoms of the interested party “.
In light of this principle, your Personal Data will be processed by Owner limited to what is necessary for the pursuit of the purpose referred to in Section B of this Notice.
In particular, as regards the purposes referred to in Section B lett. a), b) and c), your Personal Data, without prejudice to legal obligations, will be processed for a period of time equal to the minimum necessary, as indicated in Recital 39 of the Regulation, i.e. 3 months from the request for contact.
E. REVOCATION OF CONSENT
As required by the Regulations, if you have given your consent to Processing of your Personal Data for one or more purposes for which it has been requested of you, you can, at any time, revoke it totally and/or partially without prejudice to the lawfulness of the Treatment based on the consent given before the revocation.
The methods for revoking consent are very simple and intuitive, you it will be sufficient to contact the Data Controller using the contact channels reported in this Notice and in Section G lett. g).
As required by art. 15 of the Regulation, you will be able to access your Personal Data, request its correction and updating, if incomplete or incorrect, request its cancellation if the collection took place in violation of a law or regulation, as well as oppose the processing for legitimate and specific reasons.
In particular, we report below all your rights that you can exercise, at any time, against the Owner.
a. Right of access
You will have the right, pursuant to art. 15, paragraph 1 of the Regulation, to obtain from the Data Controller confirmation as to whether or not your Personal Data is being processed and, in this case, to obtain access to such Personal Data and the following information: a) the purposes of the Treatment; b) the categories of Personal Data in question; c) the Recipients or categories of Recipients to whom your Personal Data have been or will be communicated, in particular if Recipients from third countries or international organizations; d) when possible, the retention period of the Personal Data provided or, if not possible, the criteria used to determine this period; e) the existence of the right of the interested party to ask the Data Controller to correct or delete personal data or limit the processing of personal data concerning him or to oppose their processing; f) the right to lodge a complaint with a supervisory authority; g) if the Personal Data are not collected from the Data Subject, all available information on their origin; h) the existence of an automated decision-making process, including profiling referred to in Article 22, paragraphs 1 and 4, of the Regulation and, at least in such cases, significant information on the logic used, as well as the importance and expected consequences of this treatment for the interested party.
All this information can be found in this Information always at your disposal in the Privacy section of the Website.
b. Right of rectification
You will be able to obtain, in accordance with art. 16 of the Regulation, the correction of your Personal Data that are inaccurate. Furthermore, taking into account the purposes of the processing, you will be able to obtain the integration of your Personal Data which are incomplete, also by providing an additional declaration.
c. Right to cancellation
You will be able to obtain, in accordance with art. 17, paragraph 1 of the Regulation, the cancellation of your Personal Data without undue delay and the Data Controller will have the obligation to delete your Personal Data, if there is even one of the following reasons: a) the Personal Data are no longer necessary with respect to purposes for which they were collected or otherwise processed; b) you have revoked the consent on which the processing of your personal data is based and there is no other legal basis for their processing; c) you opposed the processing pursuant to art. 21, paragraph 1 or 2 of the Regulation and there is no longer any legitimate overriding reason to proceed with the Processing of your Personal Data; d) your Personal Data have been unlawfully processed; e) it is necessary to delete your Personal Data to comply with a legal obligation established by a community standard or by internal law.
In some cases, as required by art. 17, paragraph 3 of the Regulation, the Data Controller is entitled not to delete your Personal Data if their processing is necessary, for example, for the exercise of the right to freedom of expression and information, for the fulfillment of a legal obligation, for reasons of public interest, for archiving purposes in the public interest, for scientific or historical research or for statistical purposes, for the assessment, exercise or defense of a right in court.
d. Right to limitation of processing
You will be able to obtain the limitation of the Processing, pursuant to art. 18 of the Regulation, in the event that one of the following hypotheses occurs: a) you have contested the accuracy of your Personal Data (the limitation will continue for the period necessary for the Data Controller to verify the accuracy of such Personal Data); b) the processing is unlawful but you have opposed the cancellation of your Personal Data, asking instead that its use be limited; c) although the Data Controller no longer needs it for the purposes of processing, your Personal Data are used to ascertain, exercise or defend a right in court; d) you opposed the processing pursuant to art. 21, paragraph 1, of the Regulations and you are awaiting verification of the possible prevalence of the Data Controller’s legitimate reasons with respect to yours.
In case of restriction of processing, your Personal Data will be processed , except for the conservation, only with your consent or for the ascertainment, exercise or defense of a right in court or to protect the rights of another natural or legal person or for reasons of significant public interest . We will inform you, in any case, before this limitation is revoked.
e. Right to data portability
You can, at any time, request and receive, in accordance with ‘art. 20, paragraph 1 of the Regulation, all your Personal Data processed by the Data Controller in a structured, commonly used and legible format or request its transmission to another data controller without impediments. In this case, it will be your responsibility to provide us with all the exact details of the new data controller to whom you intend to transfer your Personal Data by providing us with written authorization.
f. Right to object
In accordance with art. 21, paragraph 2 of the Regulation and as also reaffirmed by Recital 70, you can object, at any time, to the Processing of your Personal Data if these are processed for direct marketing purposes, including profiling to the extent that it is connected to such direct marketing .
g. Right to lodge a complaint with the supervisory authority
Without prejudice to your right to appeal to any other administrative or jurisdictional, if you believe that the processing of your Personal Data conducted by the Data Controller is in violation of the Regulations and / or applicable legislation, you can lodge a complaint with the competent Personal Data Protection Authority.
To exercise all your rights as identified above, just contact the Data Controller in the following ways:
by sending an e-mail to the info @ glemisoft mailbox .com;
by sending a registered letter to the registered office of GLEMISOFT in Corso Antonio.
H. PLACES OF TREATMENT
Your Personal Data will be processed by the Owner within the territory of the European Union.
If for technical and / or operational reasons it is necessary make use of subjects located outside the European Union, we inform you as of now that these subjects will be appointed as Data Processors pursuant to and for the purposes of art. 28 of the Regulations and the transfer of your Personal Data to these subjects, limited to the performance of specific processing activities, will be regulated in accordance with the provisions of Chapter V of the Regulations.
All the necessary precautions will be taken in order to guarantee the most total protection of your Personal Data by basing this transfer: (a) on adequacy decisions of the recipient third countries expressed by the European Commission; (b) on adequate guarantees expressed by the third party recipient pursuant to Article 46 of the Regulation; (c) on the adoption of binding corporate rules, so-called binding corporate rules (d) adopting standard contractual clauses approved by the European Commission.
In any case you can request more details from the Owner if your Data Personal have been processed outside the European Union requiring evidence of the specific guarantees adopted.