INFORMATION FOR THE PROCESSING OF PERSONAL DATA PURSUANT TO EUROPEAN REGULATION 2016/679
Personal data controller
COMI S.R.L. with registered office in Via A. Albanese 16, Egidio del monte Albino in the province of Salerno (ITALY)
COMI is a company that deals with the production of specific machines for food production and is the owner of the treatment of personal data collected and processed through its website www.comisrl.eu.
Object of Treatment
The computer systems and software procedures connected to our website, responsible for the maintenance and management of computer systems acquire, during their normal operation, some personal data whose collection is implicit in the normal use of tools necessary for the requested operations.
These data are not accompanied by any additional personal information and are used for:
- web analysis, verification of the number of visitors to the site
- collection of statistical data to measure advertisements
- communication of eventual crimes to the judicial authority
- measures for the security of networks and communications
The company processes personal, identification data (for example, name, surname, company name, address, telephone, e-mail).
Purposes of the treatment
A) Without your consent, pursuant to art. 6 lett. b), c) and f) GDPR, your data may be processed for the following Service Purposes:
- to fulfill the obligations provided for by law, by a regulation, by Community legislation or by an order of the Authority (such as, for example, in the field of anti-money laundering)
- to exercise the rights of the Data Controller, for example the right of defence in court
B)Only after your specific and distinct consent (art. 7 GDPR), for the following Marketing Purposes:
- to send you via e-mail, post and/or sms and/or telephone contacts, newsletters
- commercial communications and/or advertising material on products or services offered by the Owner and detection of the degree of satisfaction on the quality of services
- send you via e-mail, post and/or sms and/or telephone contacts commercial communications and/or promotional material of third parties
The data will be processed for the execution of the assignment received for the provision of services offered by the Owner. The data processing will be carried out by the Company in compliance with the principles of Lawfulness, Correctness and Transparency. The data processing concerns data of a common nature, i.e. personal, financial and banking data.
The processing of personal data is carried out by means of the operations indicated in art. 4 n. 2) GDPR and precisely: collection, recording, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, cancellation and destruction of data. Your personal data are subject to both paper and electronic and/or automated processing. The processing of data will have a duration strictly necessary for the performance of the task received. The data will be kept for the duration of the contractual relationship and for the time necessary for the definition of any accounting and / or administrative operations related to the contract between the parties and in accordance with the terms of the law.
We adopt physical, electronic and organizational security measures in relation to the collection, storage and communication of our customers’ personal data. Our security procedures mean that we may ask you to verify your identity before disclosing personal data.
It is important that when you register with our website, you take appropriate measures to prevent unauthorized access to your password and to your computer, devices and applications.
We recommend that you use a unique password to access our website www.comisrl.eu that is not used for other online accounts.
It is important to always make sure that you are logged out when you end activity on a computer shared with other users.
- Access to data
Your data may be made accessible for the purposes set out in section 2A) of this policy:
to employees and collaborators of the Company, in their capacity as appointees and/or internal data processors and/or system administrators;
to third party companies or other subjects (Professional Studies, Law Firms, etc.) that carry out activities in outsourcing on behalf of the company, in their capacity as eventual external data processors.
- Data communication
Without the need for express consent (art. 6 lett. b) and c) GDPR), the Company may communicate your data for the purposes referred to in art. 2A) of this policy to supervisory bodies, judicial authorities, as well as to those persons to whom disclosure is mandatory by law for the fulfillment of the above purposes. These subjects will treat the data in their quality of autonomous holders of the treatment.
Your data will not be disclosed.
- Data transfer
Personal data are stored on servers located in Italy within the European Union. It is in any case understood that the Company, if necessary, will have the right to move the servers outside the EU. In this case, the Company assures as of now that the transfer of data outside the EU will take place in accordance with applicable laws, subject to the stipulation of standard contractual clauses provided by the European Commission.
Nature of data conferment and consequences of refusal to answer
The provision of data for the purposes set out in art. 2.A) of this policy is mandatory. In their absence, we will not be able to guarantee the correct and complete execution of the activities foreseen by the assignment received.
- Rights of the interested party
In your capacity as data subject, you have the rights set forth in Art. 15 GDPR and precisely the rights to:
- obtain confirmation of the existence or otherwise of personal data concerning you, even if not yet recorded, and their communication in intelligible form
- obtain information on: a) the origin of the personal data; b) the purposes and methods of processing; c) the logic applied in case of processing with the aid of electronic instruments; d) the identity of the owner, manager and any representative appointed under Art. 3, paragraph 1, GDPR; e) the subjects or categories of persons to whom the data may be communicated or who can learn about them as appointed representative in the State, managers or agents
- obtain: a) the updating, rectification or, when interested, integration of data; b) the cancellation, transformation into anonymous form or blocking of data processed unlawfully, including data whose retention is unnecessary for the purposes for which the data were collected or subsequently processed; c) certification to the effect that the operations as per letters a) and b) have been notified, as also related to their contents, to the entities to whom or which the data were communicated or disseminated, unless this requirement proves impossible or involves a manifestly disproportionate effort compared with the right that is to be protected
- oppose, in whole or in part: a) for legitimate reasons the processing of personal data concerning you, even if pertinent to the purpose of collection; b) the processing of personal data concerning you for the purpose of sending advertising materials or direct selling or for carrying out market research or commercial communication, through the use of automated calling systems without the intervention of an operator by e-mail and / or through traditional marketing methods by phone and / or mail. It should be noted that the right of the interested party to object, as set out in point b) above, for the purposes of direct marketing by automated means extends to traditional methods and that, in any case, the interested party may exercise the right to object even partially. Therefore, the interested party may decide to receive only communications by traditional means or only automated communications or neither of the two types of communication.
Where applicable, he/she also has the rights under Art. 16-22 GDPR: Right of rectification, right to be forgotten, right to restriction of processing, right to data portability, right to object, rights relating to profiling (in relation to this last right, it should be noted that pursuant to Art. 22 paragraph 1 of the GDPR the application of the rules on the general prohibition of profiling, is limited only to cases where the automated decision-making process: 1) produces legal effects 2) significantly affects the person of the user 3) the decision is based entirely (solely) on automated data processing), as well as the right to complain to the Guarantor Authority.
- How to exercise your rights
You may exercise your rights at any time by sending
a registered letter with return receipt to: COMI S.R.L. – Via A. Albanese 16 84010 – Egidio del monte Albino SALERNO (ITALY);
an e-mail to the address: email@example.com;
The person in charge of the treatment and management of data by the Owner is COMI e-mail: “firstname.lastname@example.org” any request regarding this can be sent directly to the same.