Privacy

Personal Data Processing Privacy Policy

(Articles 13 and 14 of EUROPEAN REGULATION No. 679/2016)

  Dear web user, In its capacity as “Data Controller”, F&D COMMERCIAL ITALIA s.r.l., having its registered office in Via Dietro Castello 18/20 San Felice del Benaco 25010, Brescia, Italy, informs you that pursuant to Articles 13 and 14 of European Regulation No. 679/2016 (hereinafter the “EU Regulation”) your data will be processed as described below.
  1. Purpose of processing
The Data Controller informs you that any individually identifiable information (e.g. first name, last name, company name, address, telephone number, email address, bank and/or payment details, etc.) (hereinafter “personal data” and/or simply “data”) concerning you — including data that were collected in the past, whether verbally directly from you or through third parties, as well as data that will be collected in the future — may be subject to processing in full compliance with the EU Regulation. The Data Controller will process your data in compliance with law provisions, most notably for the performance of an agreement to which you are party or in order to take steps at your request prior to entering into a contract (e.g. preparing an offer, etc.) (Article 6 of the EU Regulation). Data processing means any operation or set of operations concerning collection, recording, organisation, storage, consultation, processing or alteration, selection, retrieval, comparison, use, combination, blocking, disclosure, dissemination, erasure or destruction of data.
  1. Purposes of processing and legal basis
Legal basis: EU Regulation No. 679/2016
  1. Treatment methods
Your personal data will be processed by performing the operations as set out in Article 4(2) of the EU Regulation, namely: collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction, blocking. Your personal data will be subject to both paper-based and electronic and/or automated processing, without prejudice, however, to the security and confidentiality of your data.
  1. Data and other information retention period
The Data Controller will process your personal data for such a period as may be necessary to pursue the purposes outlined above, with the proviso that such period will not exceed the time limit laid down by law following termination of the relationship for the purposes thereunder. With reference to personal data being processed for marketing purposes or profiling purposes, they will be retained according to the principle of proportionality and at any rate until the purposes underlying the processing are achieved or until the specific consent is withdrawn by the data subject. More specifically, the Data Controller will process your data for not more than 2 years since their collection for marketing purposes and one year for profiling purposes. The personal data provided by you will be processed with “lawfulness, fairness and transparency” while protecting your confidentiality and rights. A periodic audit will be performed on a yearly basis regarding the data being processed and the possibility of erasing them if they are no longer needed for the relevant purposes.
  1. Access to data
Your data may be accessed for the purposes as under 2(A) and (B) above: For convenience, a detailed list of the above entities is available at our office.
  1. Data disclosure
Without the need for explicit consent (Article 6(b) and (c) of the EU Regulation), the Data Controller may disclose your data for the purposes as under 2(A) above to supervisory authorities, judicial authorities, insurance companies for the delivery of insurance services as well as any entity to which disclosure is required by law for the pursuit of the aforesaid purposes. These entities will process your data in their capacity as independent data controllers. During and after navigation, your data may be disclosed to third parties, with special reference to: Your data will not be disseminated.
  1. Transfer of data
Your personal data are stored on equipment located at the office of the Data Controller or hosted at a service provider’s facility within the European Union. It is, however, understood that the Data Controller has the power to move your data in non-UE countries as well, if necessary. In this case, the Controller hereby undertakes to ensure that any transfer of data outside of the EU will comply with applicable law provisions, subject to adopting the standard contractual clauses and audits of the European Commission. With regard to both the personal data stored on its own equipment as well as any data stored at a provider’s facility, the Data Controller has taken appropriate technical and organisational steps to ensure a suitable level of security, in full compliance with the provisions under Article 32 of the EU Regulation. Navigation: to the extent of the purposes outlined above, your navigation data may also be transferred to the following countries: - EU countries, - United States. Cookie management: if you have any doubts or concerns regarding the use of cookies you may take steps at any time to prevent their installation by changing, for example, the privacy settings in your browser to block certain types of cookies. Since browsers — and often different versions of the same browser — may differ from one another, even significantly, if you wish to change the preferences and settings of your browser yourself, you may find detailed information on how to achieve this in the Help section of your browser.
  1. Nature of the data provided and consequences arising from denial to provide the data
Providing the data for the purposes listed under 2(A) above is mandatory. Failure to do so may prevent us from delivering the services listed under 2(A). Providing the data for the purposes listed under 2(B) above is voluntary. You may therefore decide not to provide any data or subsequently object to the processing of the data you previously provided. In this case, you will not be able to receive newsletters, commercial communications and advertising materials and/or any other material pertaining to the services delivered by the Data Controller. You will, however, continue to be entitled to the services as under 2(A) above.
  1. Data subject rights
In your capacity as data subject, you may exercise the rights listed under Article 15 of the EU Regulation as detailed below: Moreover, you may, where applicable, exercise the rights as under Articles 16-22 of the EU Regulation, including: You also have the right to withdraw your consent at any time, where given, with the understanding that this will not affect the lawfulness of the processing based on the consent given prior to such withdrawal.
  1. How to exercise your rights
You may exercise your rights at any time by sending:
  1. Minors
The services provided by the Data Controller as part of the relationship with you do not involve voluntary collection of personal data regarding minors. In the event that information regarding minors is involuntarily recorded, then the Data Controller will promptly erase it upon request of the data subject.
  1. Personal data obtained from the data subject
It may happen that our company is not the Data Controller to whom you entrusted your personal data but acts as joint data controller or external data processor instead, resulting in your data being provided to us indirectly by virtue of an agreement entered into by the parties. In any such cases, our company will make its best efforts to ensure that you have been informed and have given your consent to the processing. You may contact us at any time to enquire about the source from which your data were collected.
  1. Data Controller, Data Protection Officer and Data Processing Agents
Below is some information we need to provide to you not only to ensure compliance with law requirements but also because transparency and fairness towards our customers are two cornerstones of our business. Data Controller. The Data Controller of your personal data is F&D COMMERCIAL ITALIA s.r.l. with signing authority being vested in Fabio Piazzi, who is accountable to you for the lawful and proper use of your personal data and whom you may contact for any information or enquiry by calling: (+39) 0365.55.80.62, or sending an email to: info@fdcommercialitalia.com. Data Processing Agents. The updated list of data processing agents is stored at the Data Controller’s registered office.