Essential treatments for the execution of the contract with the CUSTOMER

Information on the processing of personal data

Information pursuant to art. 13 of the European Regulation 679/2016 on the protection of personal data [GDPR])

In accordance with the requirements set by the General Regulation on the protection of personal data, the Data Controller provides the interested party with the following information in relation to the processing of personal data made.

DATA CONTROLLER
Owner BRUNO ZAMPA SRL
Address Via Crosaron – 37053 CEREA (VR)
PIVA / CF 03980610236 / 
contacts Email: info@brunozampa.it
Legal representative Andrea Zampa
Privacy contact Laura Cavallaro (info@brunozampa.it)officer
Data protection Not this
Joint data
controllers No joint controllers present
If you intend to request further information on the processing of your personal data or for the eventual exercise of your rights, you can contact the aforementioned Privacy Contact in writing directly.
CATEGORIES OF INTERESTED PARTIES
List of categories of interested parties Consultants and freelancers, Clients
TREATMENT CARRIED OUT
Treatments essential for the execution of the contract with the CUSTOMER
Description Activities functional to the fulfillment of contractual and pre-contractual obligations, to the management and execution of the activities essential to provide the customer the service / product established and related accounting.
ORIGIN, PURPOSE, LEGAL BASIS AND NATURE OF THE DATA PROCESSED
Origin Data collected from the interested party.
Purpose 1. Customer management 2. Dispute management 3. Monitoring of contractual obligations 4. Planning of activities 5. Internal control services 6. Protection of customer or worker property 7. Accounting or treasury management 8. Protection services of corporate assets
Legal basis For purposes 1, 2, 3, 4: The processing is necessary for the execution of a contract of which the interested party is a party or for the execution of pre-contractual measures adopted at the request of the same For purposes 5, 6 , 7, 8: The processing is necessary to fulfill a legal obligation to which thecontroller is subject.Personal
datadata processed Economic, commercial, financial and insurance activities, Recipient Code for Electronic Invoicing, Tax Code and other personal identification numbers, Coordinates banking, residential address, e-mail address, certified e-mail address, nature of the assets, name, address or other identification elements personal
data The “particular” data (sensitive data) are those defined by art. 9 and 10 of Regulation 2016/679 / EU (“GDPR”). These data are processed in compliance with the provisions of the GDPR and in light of the General Authorizations issued by the Authority for the protection of personal data.
Particular data processed
Legal basis art. 9
RECIPIENTS OR CATEGORIES OF RECIPIENTS OF PERSONAL DATA
Categories of recipients The communication of your personal data, carried out on the legal bases provided for by Article 6 of Regulation 2016/679 / EU, to the following third parties is envisaged:
Consultants and freelancers also in associated form, Banks and credit institutions, Other public administrations, Revenue Agency – Electronic Invoicing, Cadastre of thermal plants: If required, the Customer data will be sent to the Cadastre of Thermal Plants
These bodies, organizations, companies and professionals act as managers of the treatment appointed by BRUNO ZAMPA SRL or they are themselves the Data Controllers of the personal data transmitted to them.
Your personal data, or the personal data of third parties in its ownership, may also be communicated to external companies, identified from time to time, to which BRUNO ZAMPA SRL entrusts the execution of obligations deriving from the assignment received to which only the data necessary for the activities requested of them. All employees, consultants, temporary workers and / or any other “natural person” who, authorized to process, carry out their activities on the basis of the instructions received from BRUNO ZAMPA SRL, pursuant to art. art. 29 of the GDPR, are designated “in charge of processing” (hereinafter also “in charge”).to the persons in charge or managers, possibly designated, BRUNO ZAMPA SRL gives adequate operating instructionswith particular reference to the adoption and compliance with security measures, in order to guarantee the confidentiality and security of data. Precisely with reference to the protection aspects of personal data, you are invited, pursuant to art. 33 of the GDPR to report to BRUNO ZAMPA SRL any circumstances or events from which a potential “breach of personal data (data breach)” may arise in order to allow an immediate assessment and the adoption of any actions aimed at countering this event by sending a communication to BRUNO ZAMPA SRL at the addresses indicated above. The obligation ofremains BRUNO ZAMPA SRLvalid to communicate the data to Public Authorities on specific request.
TRANSFER ABROAD
Transfers to foreign countries (non-EU) or to international organizations
No transfer to foreign countries or international organizations
The transfer abroad of your personal data can take place if it is necessary for the management of the assignment received. For the processing of information and data that will eventually be communicated to these subjects, the equivalent levels of protection adopted for the processing of personal data of its employees will be required. In any case, only the data necessary for the pursuit of the intended purposes will be communicated and the regulatory instruments provided for by Chapter V of the GDPR will be applied.
METHODS, LOGIC OF TREATMENT AND STORAGE TIMES
Duration of treatment The data treatment will last 10 years from the end of the contract.
Your data is collected and registered in a lawful and correct manner for the purposes indicated above in compliance with the principles and provisions of art. 5 c 1 of the GDPR.  The processing of personal data takes place using manual, IT and telematic tools with logic strictly related to the purposes themselves and, in any case, in order to guarantee their security and confidentiality.
NATURE OF THE CONFERRAL
The processing of personal data will be carried out for the following purposes:
Purposes that do not require consent – Customer management – Dispute management – Monitoring of contractual obligations – Planning of activities – Internal control services – Protection of customer property or of the worker – Accounting or treasury management – Services to protect company assets
Purposes that require consent
Only with your explicit consent to be expressed at the bottom of this information, the data, whose purposes require consent, will be processed. In any case, the provision of data is optional and will not cause prejudice in relation to thecontractual relationship with the Data Controller
existingFor data collected and used for needs related to the execution of activities related to the contractual relationship and compliance with the legal obligations indicated your consent is not required. Failure to communicate the aforementioned personal data will make it impossible to follow up on the relationship in question. Your consent is not required for the data collected and used for the legitimate interest of the Data Controller (letter f, art.6, of the GDPR). The communication of the above personal data is optional but necessary for the execution of the services offered by the Data Controller. Any refusal to communicate such data will make it impossible to provide all or part of the requested services.
RIGHTS OF THE INTERESTED PARTIES (Articles 15 to 22 of the GDPR)
Right of access The interested party has the right, according to the provisions of articles from 15 to 22 of the GDPR to request the owner access to their personal data. 
Right of rectification The interested party has the right, according to the provisions of articles from 15 to 22 of the GDPR to request the owner to rectify their personal data. 
Right of cancellation The interested party has the right, according to the provisions of articles from 15 to 22 of the GDPR to request the owner to delete their personal data. 
Right of limitation The interested party has the right, according to the provisions of articles from 15 to 22 of the GDPR to request the owner to limit the data concerning him. 
Right of opposition The interested party has the right, according to the provisions of articles from 15 to 22 of the GDPR to oppose their treatment. 
Portability right The interested party has the right, according to the provisions of articles from 15 to 22 of the GDPR to exercise their right to data portability. 
Right of revocation The interested party has the right, according to the provisions of articles from 15 to 22 of the GDPR to exercise their right to withdraw consent. 
Right of complaint The interested party has the right, according to the provisions of art. 77 of the GDPR to exercise their right to lodge a complaint with the supervisory authority.
AUTOMATED PROCESS
Is there an automated process? NO
Automated processes or profiling methods
Legal basis

The Data Controller reserves the right to make any changes deemed appropriate or made mandatory by current regulations to this information on the processing of personal data, at its sole discretion and at any time. On such occasions, users will be duly informed of the changes that have occurred.

The owner of

Bruno Zampa Ltd.
08/02/2020

Bruno Zampa
Bruno Zampa