In compliance with the provisions pursuant to and for the purposes of article 13 of 2016/679 EU Regulation, la società GIDE SRL, in its capacity as Data controller, in the person of its pro tempore legal representative, hereby informs its customers regarding the purposes and methods of processing personal data and any personal/sensitive data collected along with their scope of communication and dissemination, in addition to how they are provided.
The data collected from customers, subject to processing, are processed and used directly to fulfil purposes instrumental to the accomplishment of the activity such as:
In complete respect of the principle of fairness, lawfulness, purpose and proportionality and the provisions of the law, no profiling of the subject is foreseen.
Data processing is carried out through IT procedures or in any case using electronic means or on paper by internal individuals who have been specifically appointed. The data are stored in paper, computer and electronic archives and adequate security measures are provided according to 2016/679 UE regulation. There is no provision of an automated decisional making, also for profiling as per art. 22 para .1 and 4 of 2016/79 UE Regulation.
Personal, accounting and tax data shall not be communicated, sold or exchanged with third parties, except for any communications to third parties (such as: consultancy firms, professional offices, competent authorities and/or supervisory bodies for the fulfilment of legal obligations, public administrations for their institutional purposes, professionals qualified to study and resolve any legal and contractual problems) in order to carry out activities functional to the structure, and unless this is essential in order to fulfil the obligations assumed by the parties or for institutional activities). In this case, use by third parties will be in complete compliance with the principle of fairness and the provisions of the law. No extra-EU data processing is foreseen. Otherwise, it will communicate to those affected ex. Art. 13, para. 1, letter F of 2016/679 EU Regulation, in compliance with GDPR.
The Data controller informs you that any failure in communication or incorrect communication of one of the mandatory pieces of information will mean that it is impossible for the Data Processing Holder to guarantee the adequacy of the processing itself for the contractual agreements for which it is performed.
The data subject may assert his/her rights as expressed in articles 15, 16, 17, 18, 20, 21 and 22 of 2016/679 UE Regulation.
We inform you that as an interested person, in addition to the right to make a complaint to a Supervision Authority, you have also the following rights, that you can enforce by making a written request to the Data controller :
The interested person has the right to obtain from the Data controller confirmation whether or not personal data concerning him or her are being processed, and, if so, to obtain the access to personal data to information related to its treatment.
The interested person has the right to obtain from the Data controller the modification of incorrect personal data referred to him or her without any unreasonable delay. Taking into consideration the purposes of the treatment, the interested person has the right to obtain the integration of incomplete personal data, also providing a supplementary statement.
The interested person has the right to obtain from the Data controller the cancellation of personal data referred to him or her without any unreasonable delay, and the Data controller has the obligation to delete without any unreasonably delay the personal data.
The interested person has the right to obtain from the Data controller the limitation of the treatment when one of the following situations occurs:
The Subject has the right to receive in a structured format, of common use and readable from an automatic device personal data referred to him or her and provided to a Data controller and he has the right to transmit such data to another Data controller without any deterrent from the Data controller who has provided them.
Exercising his duties related to the portability of the data according to para. 1, the Subject has the right to obtain the direct transmission of the personal data from one Officer to the other, if technically feasible.
The Subject has the right to oppose anytime, for reasons due to his or her particular situation, to the treatment of the personal data referred to him or her according to art. 6, para. 1, letters e) or f), included the profiling based on such provisions.
The Subject has the right not to be subjected to a decision based just on automated treatment, including profiling which produces legal effects which affect him or her or which affect similarly his person.
To exercise the rights provided by articles 15 and following of 2016/679 UE Regulation, please write to info@residencepatriarca.it, for the attention of the Data controller.
The Data controller is GIDE SRL, 1 Colombo Street, Viareggio (LU) 55049.
The updated list of external processors, according to art. 28 of DGPR, may be consulted by submitting a written request to the above mentioned Officer.
The data will be kept for the time necessary to carry out the purposes indicated at point 2 and in particular:
According and as per the effects of the obligations coming from the Contract in force, the authorization for the treatment of data is non necessary for points from 1) to 6) of para. 2, since they are collected in order to comply with legal obligations or for the performance of obligations arising from the contract. The authorization, according to point 7) of para. 2, pursuant to art. 7 of 2016/679 UE Regulation, is optional and the non-authorization does not affect the existing relationship
