DATA PROTECTION POLICY
Pursuant to Articles 13 and 14 of Regulation (EU) 2016/679 (“GDPR”)
- Data Controller
The Data Controller of the personal data of the Data Subjects is Logotel S.p.A. (hereinafter “Data Controller” or “Logotel”), with registered office in Via Ventura 15, Milan, and can be contacted at email@example.com.
- Data processed
Logotel shall only process data collected directly from the www.logotel.community.it website, i.e. data that you freely provide us with (such as your name, telephone number, e-mail address and company) as part of your specific request.
- Purpose of processing
The personal data you provide us with will be processed for the following purposes:
a) To acknowledge your specific request;
b) To send you commercial messages or contact you directly to promote services which, on the basis of your specific request, may be of interest to you;
c) to prevent or detect fraudulent activities or abuses harmful to the Site;
d) comply with the obligations provided for by law, regulation, Community legislation or an order of the Authority.
- Legal basis of the processing
The processing of your data for the purpose referred to in paragraph 3 point a) is based on your implicit consent, which can be found in the spontaneous sending of your data as part of your request.
With regard to the purpose referred to in paragraph 3 point b), the legal basis of the processing is the legitimate interest of the Controller in the commercial management of prospective customers.
Finally, with reference to the purposes referred to in paragraph 3 points c) and d), the legal basis of the processing is the legitimate interest of the Controller to keep such data in order to protect itself in case of information requests by authorities or abuse and fraudulent activities for the Site.
- Retention period
With regard to the purposes indicated in paragraph 3 points b) c) and d), your data will be stored for a maximum of two years.
- Nature of provision
The provision of your data is completely voluntary, however, if you fail to provide your data, or provide only part of your data, or provide it incorrectly, we may not be able to respond to your request.
- Method of processing
Your personal data are used for operations of collection, recording, organization, storage, consultation, selection, use, cancellation and destruction of data. This personal data is also subject to paper, electronic and automated processing and stored on databases in such a way as to ensure on a permanent basis the confidentiality, integrity, availability and resilience of the processing systems and services.
- Access to data
Your personal data may be accessed, for the purposes and within the limits set out in this policy, by:
– employees and/or collaborators of the Data Controller in their capacity as data processors and/or internal data controllers and/or system administrators;
– third party companies or other subjects (e.g. website providers, hardware and software support technicians, etc.) who perform outsourcing activities on behalf of the Data Controller, in their capacity as external data processors.
- Data recipients
Your personal data may also be communicated without your consent, always within the scope of the purposes described above, (by way of example) to control bodies, law enforcement agencies or the judiciary who will process them, at their express request, in their capacity as independent data controllers for institutional purposes and/or by virtue of the law during investigations and controls.
- Transfer and location of personal data
Your personal data will not be disseminated or transferred to non-EU countries. The management and storage of personal data will take place on servers located within the European Union. Should it be necessary to transfer the data to a non-EU country, the Data Controller will make the transfer on the basis of adequacy decisions approved by the European Commission or of the adoption by the Data Controller of the Standard Contractual Clauses prepared by the European Commission. It is understood that the Controller will update this policy and inform you in the event that these transfers become necessary.
- Rights of the data subject
As a data subject, you have the following rights, unless specific limitations apply:
– to obtain confirmation as to whether or not personal data concerning you are being processed;
– where a processing operation is in progress, to obtain access to your personal data and information relating to the processing and to request a copy of the personal data
– obtain the rectification of your inaccurate personal data and the integration of incomplete personal data;
– obtain, if one of the conditions set forth in Article 17 of the GDPR applies, the deletion of your personal data;
– obtain, in the cases provided for by Article 18 of the GDPR, the restriction of processing;
– object, in the cases provided for by Article 21 of the GDPR, to the processing of data: in the event of opposition, the personal data will no longer be processed, unless there are legitimate reasons to proceed with the processing that override the interests, rights and freedoms of the Data Subject or for the establishment, exercise or defence of a legal claim;
– to receive the personal data concerning you in a structured, commonly used and machine-readable format and to request their transmission to another data controller, if technically feasible.
You may assert these rights against the Data Controller by writing to firstname.lastname@example.org.
You also have the right to lodge a complaint with the competent supervisory authority, i.e. the Garante per la Protezione dei Dati Personali, if you believe that the rights listed above have been infringed, in accordance with the procedures indicated on the Garante’s website accessible at www.garanteprivacy.it.