Privacy information for the processing of personal data
Index
TESORA SPA, in the person of its legal representative pro tempore, Michele Giacomel, as Data Controller, informs you, pursuant to Articles 13 and 14 of EU Regulation no. 2016/679 (hereinafter “GDPR”), that the data you provide will be processed in the manner and for the purposes described below.
Object of the treatment
The Data Controller will process the personal, identification, contact, and tax data (for example, name, surname, company name, address, telephone number, email address, bank and payment details, etc.) you provide when signing the above contract and during its subsequent performance.
Purpose of data processing.
The processing is aimed at ensuring the correct and complete use of the Tesora platform. Your data will also be processed to: a) fulfill tax and accounting obligations; b) comply with the Grantor’s obligations under current legislation. Your personal data may be processed using both paper and electronic archives (including portable devices) and in ways necessary to fulfill the purposes indicated above. The personal data provided will be processed without your express consent, as permitted by Article 6 of EU Regulation 679/2016.
Treatment methods
Your personal data is processed using the operations indicated in Article 4, paragraph 2, of the GDPR, specifically: collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, alignment or combination, restriction, erasure, and destruction of data. Processing is carried out by data processors and collaborators within the scope of their respective roles and in accordance with the instructions received, always and solely for the achievement of the specific purposes, scrupulously adhering to the principles of confidentiality and security required by applicable regulations. Access to data: Your data, for the purposes referred to in point 2 above, may be made accessible to: a) the Data Controller’s employees and collaborators in their capacity as data processors and/or system administrators; b) companies affiliated with the Data Controller and their employees and collaborators; c) third-party companies or other entities (for example, professional firms, consultants, etc.) that perform outsourced activities on behalf of the Data Controller; d) banking and insurance institutions that provide services functional to the obligations set forth in the signed contract; e) entities that process data in compliance with specific legal obligations; f) judicial or administrative authorities for the fulfillment of legal obligations (e.g., anti-money laundering).
Data communication
The Data Controller, in accordance with the provisions of Article 45 of the Regulation, will communicate your data to the company that manages the treasury for the purposes of executing the contract.
Data retention
All personal data provided will be processed in compliance with the principles of lawfulness, fairness, relevance, and proportionality, and in the manner strictly necessary to achieve the purposes described above. Personal data will be retained for 10 (ten) years after the termination of the contract, however it occurred.
Rights of the interested party
Pursuant to Articles 15 to 22 of EU Regulation No. 679/2016, the data subject has the right to exercise specific rights. Specifically, the data subject has the right to: a) obtain confirmation as to whether or not personal data concerning him or her are being processed, and, where that is the case, access to that data; b) obtain the rectification of inaccurate personal data and the completion of incomplete personal data; c) obtain the erasure of personal data concerning him or her, where permitted by the Regulation; d) restrict processing, in the cases provided for by the Regulation; e) obtain communication, to recipients to whom the personal data have been disclosed, of requests for rectification/erasure of personal data and restriction of processing received from the data subject, unless this proves impossible or involves a disproportionate effort; f) receive, in a structured, commonly used and machine-readable format, the personal data provided to the Data Controller, as well as the transmission of such data to another data controller, at any time, including upon termination of any relationship with the Data Controller; g) object at any time, on grounds relating to his or her particular situation, to processing of personal data concerning him or her pursuant to Article 6, paragraph 1, letters e) or f), including profiling based on those provisions. Where personal data are processed for direct marketing purposes, the data subject shall have the right to object at any time to processing of personal data concerning him or her for such marketing, including profiling to the extent that it is related to such direct marketing; h) lodge a complaint with a supervisory authority pursuant to Art. 77 of EU Regulation no. 679/2016.
How to exercise your rights
You may exercise your rights at any time by contacting the Data Controller at the following addresses: Head of the Tesora Customer Service Department: email: privacy@youradn.com
CONSENT TO THE PROCESSING OF PERSONAL DATA PURSUANT TO ARTICLES 13 – 14 OF EU REGULATION N. 679/2016
Having read this information, the undersigned declares that he/she has understood its contents and has received a copy.
Furthermore, you consent to the processing of your personal data for the purposes and according to the methods indicated in the above information for which this consent represents the legal basis of the processing.