1. Object of the treatment
The Data Controller processes personal, identifying and non-sensitive data (for example, but not limited to, name, surname, company name, address, telephone number, e-mail address – hereinafter, “personal data” or even “data”) communicated by you on the occasion of the registration on the website www.glomax.it of the Data Controller (hereinafter, “Site”), of the participation in opinion polls and approval, of the completion of registration forms through the Website at events or webinars organized by the Owner, the on-line request for clarifications and requests for support or from you provided to Glomax for the stipulation and execution of a contractual relationship (customers / clients / suppliers). In this last case, data refers to legal entities (“Customers”), such as those of the legal representative who signs the contract in the name and on behalf of the Client or Supplier, as well as the Client’s employees / consultants, involved in the activities to the contract.
2. Purpose of the processing
Your personal data are processed: A) without your express consent (Article 24 letter a), b), c) Privacy Code and art. 6 lett. b), e) GDPR), for the following Service Purposes: • manage and maintain the site; • allow you to use any of the Services requested by you; • participate through the Website in initiatives organized by the Data Controller (for example, events); • process a contact request; • prevent or discover fraudulent activities or malicious activities harmful to the Site; • establish and execute a contractual relationship between Customer / Supplier and the Company • Implementation of administrative / accounting obligations such as accounting and treasury management, as well as invoicing (for example verification and registration of invoices), in compliance with the requirements of current legislation • fulfill the obligations established by law, by a regulation, by the community legislation or by an order of the Authority • exercise the rights of the owner, for example the right to exercise a right in court In the cases indicated above, the legal basis for processing your personal data consists in executing a contract with you or in providing the service you have specifically requested or in following up a legal obligation or protecting our legitimate interests. B) Only subject to your specific and distinct consent (articles 23 and 130 of the Privacy Code and article 7 of the GDPR), for the following Other Purposes: • send you e-mail surveys of opinion and approval, newsletters and / or invitations to events or subscribe to events of which it is part or that organizes the Owner.
3. Methods of processing
The processing of your personal data is carried out by means of the operations indicated in art. 4 of the Privacy Code and art. 4 n. 2) GDPR and more precisely: collection, registration, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, cancellation and destruction of data. Your personal data are subjected to both paper and electronic and / or automated processing. The data may be communicated to external subjects operating as data controllers, by way of example, authorities and supervisory and control bodies and in general subjects, public or private, entitled to request the Data.
4. Subjects authorized to treatment
Your data may be made accessible for the purposes referred to in art. 2.A) and 2.B): • to the employees and collaborators of the Data Controller, in their capacity as persons in charge and / or internal data processors; • to third-party companies or other entities that carry out outsourced activities on behalf of the Data Controller, in their capacity as data processors. By way of example, accounting, tax, mailing of correspondence, management of receipts and payments, etc …
5. Time to keep the data processed
The Data Controller will process the personal data for the time necessary to fulfill the aforementioned purposes and in any case for no more than 10 years from the termination of the relationship for the purposes of service.
6. Data communication
Without your express consent (pursuant to Article 24 letter a), b), d) Privacy Code and art. 6 lett. b) and c) GDPR), the Data Controller may communicate your data for the purposes referred to in art. 2.A) to Supervisory Bodies, Judicial Authorities and to all the other subjects to whom the communication is mandatory by law for the accomplishment of said purposes. Your data will not be disclosed.
7. Data transfer
The management and storage of personal data will take place in Europe, on servers located in Italy of the Data Controller and / or third-party companies appointed and duly appointed as Data Processors.
8. Nature of the provision of data and consequences of refusal to respond
The provision of data for the purposes referred to in art. 2.A) is mandatory. In their absence, we can not guarantee neither the registration to the Site nor the Services of the art. 2.A). The provision of data for the purposes referred to in art. 2.B) is optional. You can therefore decide not to give any data or to subsequently deny the possibility of processing data already provided: in this case, you can not receive e-mail invitations to events, newsletters and opinion polls and approval. In any case you will continue to be entitled to the Services referred to in art. 2.A).
9. Rights of the interested party
By contacting the Data Controller, the data subject may ask the Company for access to data concerning him / her, their deletion, correction of inaccurate data, the integration of incomplete data, the deletion of data, the limitation of processing in the cases provided by art. 18 GDPR, and oppose the processing carried out for legitimate interest of the owner. The data subject has the right to lodge a complaint with the competent Supervisory Authority in the Member State in which he or she normally resides or work or in the State where the alleged violation has occurred.
10. How to exercise rights
You may at any time exercise the rights referred to in point 10) above by sending: • a registered letter a.r. at Glomax S.r.l., Via del Commercio, 46 - 20882 Bellusco (MB); • an e-mail at email@example.com
This Website and the Services of the Data Controller are not intended for minors under the age of 18 and the Data Controller does not intentionally collect personal information about minors. In the event that information on minors were unintentionally registered, the Data Controller will delete them in a timely manner.
12. Owner, manager and agents
The Data Controller is Glomax S.r.l., with registered office in via del Commercio, 46, 20882 Bellusco (MB), CF 02360640961 (hereinafter “Holder”), E-mail firstname.lastname@example.org The updated list of data processors and data processors is kept at the Data Controller’s headquarters.
13. Changes to this Statement
Last updated on 24 May 2018.