This information is presented to inform you of the processing of your personal data.
a) The identity and contact details of the data controller
The Data Controller of personal data is the company G-Tec Europe S.r.l., with registered office in via Marosticana 81/13 – 36031 Dueville (VI), email@example.com, (hereinafter also only GTEC)
b) The purposes of the processing for which the personal data are intended as well as the legal basis of the processing
Your data will be processed for the following purposes:
1) processing of the offer requested by you as well as statistical evaluation referring to customers;
2) correct planning of orders to companies and third-party companies that may have to supply parts of the product or phases of the service;
3) execution of contractual services (supply of goods or provision of services requested);
4) commercial and direct marketing purposes;
The processing referred to in letters 1), 2) and 3) are necessary for the conclusion and execution of the contract (article 6, paragraph 1, letter b) GDPR), while those referred to in letter 4) are necessary for the pursuit of a legitimate interest of the data controller (considering 47 and article 6, paragraph 1, letter f) GDPR).
It is noted that the direct marketing activity is aimed at collecting and using pertinent data limited to as necessary with respect to the purpose for which they are processed, to elaborate studies, research, market statistics, send advertising and informative material, perform direct sales activities or placement of products or services, send commercial information, make interactive commercial communications.
c) The recipients or categories of recipients of personal data
As part of the aforementioned purposes, your data may be processed:
1) by persons in charge of GTEC and the Companies we trust, which, as external managers, support us in providing services relating to the preparation of estimates and the fulfilment of contractual obligations;
2) by companies and/or professional operators that provide GTEC with electronic data processing services, consultancy on software and IT solutions, as well as on the management of information services;
3) by companies and/or professional operators that provide GTEC with additional services to fulfil the contract (ex. freight forwarding services, commercial distributors, etc.).
For the parties indicated, only the category of recipients is described, as the individual names may be subject to frequent updates and revisions. Therefore, the Data Subjects concerned may request an updated list of recipients by contacting the Data Controller by means of the channels indicated in point a) of this policy.
d) Data transfer to third-party countries
Your data may be transferred to third parties indicated in point c) of this policy, possibly established also in countries outside the European Union, all in compliance with the principles set out in articles 45 and 46 of the GDPR, or on the basis of an adequacy decision by the European Commission or in any case on the basis of adequate guarantees.
The updated list of recipients of data transfers established in countries outside the European Union is available from the Data Controller.
e) Personal data retention period
Your personal data will be retained for the period of time strictly necessary for the pursuit of the specific purposes of the processing for which you have been informed and, specifically:
– for the purposes indicated in point b), nos. 1, 2 and 3, especially for the time necessary to prepare the offer or fulfil the contractual obligations (possibly of third-party partners of GTEC or appointed by it) and no longer 10 years from the date of fulfilment of the contractual obligations or, in any case, no later than the terms set by law for the prescription of rights;
– for the purposes indicated in point b), no. 4) (or for marketing purposes), for the duration of the contractual relationship with the customer, to which the direct marketing activity refers;
f) Rights of Data Subject
The existence of the right of the Data Subject concerned to request the Data Controller to provide access to personal data and to correct or cancel the data or limitation of processing concerning them or oppose processing thereof, in addition to the right to data portability you may exercise the rights indicated below at any time.
- Access to personal data:
obtain confirmation of whether data concerning you are being processed and, in this case, access to the purposes, the categories of data and recipients, the retention period, the right to propose a complaint to a control authority, the right to request correction, cancellation, limitation or opposition to processing and the existence of an automated decision-making process.
- Request for correction or cancellation of data
To obtain the correction of inaccurate data or cancellation, if the need for processing ceases to exist, the consent given is revoked, the Data Subject concerned is opposed to processing, the data have been illicitly processed or cancellation is necessary to comply with a legal obligation.
- Request for limitation of processing concerning you;
obtain the limitation for the dispute of the accuracy thereof or the illegality of processing;
- Data portability:
the right to receive data concerning you in a structured format, commonly used and readable by automatic device; depending on the size of the data, sending can be by e-mail or by removable media.
- Opposition to processing:
to oppose for reasons related to your particular situation to the processing of data for the execution of a task of public interest or for the pursuit of a legitimate interest of the Data Controllers;
- Right not to be subjected to a decision based solely on automated processing that produces legal effects concerning the Data Subject concerned or that has a similar effect on the individual pursuant to article 22 GDPR;
- Right to propose a claim pursuant to article 77 GDPR to the competent control authority based on your habitual residence, workplace or place of violation of your rights; for Italy, competence is of the Guarantor for the protection of personal data, which can be contacted by means of the contact details on the website http://www.garanteprivacy.it.
- Right to institute judicial proceedings for the protection of rights.
The aforementioned rights may be exercised by sending a specific request to the Data Controller by means of the contact channels indicated in article 1 of this policy. Requests relating to the exercise of your rights will be processed without undue delay and, in any case, within one month of the request; only in cases of particular complexity and of the number of requests can this term be extended by a further 2 (two) months.
g) Communication and conferment of data
The communication of your personal data to the recipients referred to in nos. 1 and 2 of point c) of this policy is required to deal with your request for the preparation of an offer, while the communication to the recipients referred to in nos. 1, 2 and 3 of point c) is necessary for the conclusion of a possible contract on your request and for the fulfilment of the obligations therein. Therefore, your eventual opposition to provide the data can result in the non-provision of the estimate or the impossibility to fulfil the contract.