Pursuant to art. 13 EU Regulation no. 2016/679 (hereinafter, “GDPR”), we inform you that the processing of the data you provide will be carried out with methods and procedures aimed at ensuring that the processing of personal data is carried out in compliance with fundamental rights and freedoms, as well as with dignity of the data subject, with particular reference to confidentiality and security, personal identity and the right to protection of personal data. We remind you that by treatment we mean any operation or set of operations, carried out with or without the aid of automated processes and applied to personal data or sets of personal data, such as collection, registration, organization, structuring, storage , adaptation or modification, extraction, consultation, use, communication by transmission, dissemination or any other form of making available, comparison or interconnection, limitation, cancellation or destruction ( art.4 GDPR).
1. Object of the processing
2. Legal basis of the processing
The legal basis of this processing is recognized (i) in your express and unequivocal consent (pursuant to Article 6.1, letter A) of the GDPR) and (ii) in the legitimate interest of the Data Controller (pursuant to Article 6.1, lett.f) of the GDPR).
3. Purpose of processing
Personal data are processed with the sole purpose of improving your browsing experience and presenting the company’s services.
4. Processing methods
The personal data you provide will be subject to processing operations in compliance with the aforementioned legislation and the confidentiality obligations which inspire the activity of the Data Controller. The data will be processed both with IT tools and on paper and on any other type of suitable support, in compliance with the appropriate security measures pursuant to Article 5 par. 1 letter F of the GDPR. The processing is limited to the following operations and in the following ways: – Collection of data from the interested party; – Registration and processing on computerized support; – Organization of archives in a mainly automated form. The data in question will not be disseminated, while they will or may be disclosed to public or private entities operating within the scope of the purposes described above.
5. Data retention
The browsing data collected will be processed only for the duration of the browsing session (“conservation limitation principle”, Article 5, GDPR). For the storage times of cookies, please refer to the specific dedicated information.
6. Access to treatment
The data will be made accessible, for the purposes referred to in point n. 3: – To the employees / collaborators in their capacity as authorized to the treatment, subject to suitable appointment; – To third parties, in contractual relationships with the Data Controller.
7. Data communication
The data will not be communicated to unauthorized third parties or disseminated in any way. To this end, the processing is conducted with the use of security measures suitable to prevent unauthorized access to data by third parties and to guarantee its confidentiality. Without the need for express consent, the Data Controller may communicate your data for the purposes referred to in point 2 to external collaborators and managers of the company in charge of carrying out processing operations.
8. Data transfer
The management and storage of personal data will take place on servers located within the European Union of the Data Controller and / or third-party companies appointed and duly appointed as Data Processors. The data will not be transferred outside the European Union.
9. Nature of the provision of data and consequences of refusal to answer
The provision of data for the purposes referred to in point 3 is mandatory. In their absence, it will not be possible to proceed with the navigation of this site.
10. Rights of the interested party
According to the provisions of the GDPR, the interested party has the following rights towards the Data Controller: – obtain confirmation as to whether or not personal data concerning him is being processed and, in this case, to obtain access to personal data (Right of access art.15); – to obtain the correction of inaccurate personal data concerning him without undue delay (Right of Rectification Article 16); – obtain the cancellation of personal data concerning him without undue delay and the data controller is obliged to cancel the personal data without undue delay, if certain conditions are met (Right to be forgotten art. 17); – obtain the limitation of processing in certain cases (Right to limitation of processing art.18); – receive in a structured format, commonly used and readable by an automatic device, the personal data concerning him provided and has the right to transmit such data to another Data Controller, without impediments by the data controller to whom he provided them, in certain cases (Right to data portability art.20); – object at any time, for reasons connected to his particular situation, to the processing of personal data concerning him (Right to object, Article 21); – receive without undue delay communication of the violation of personal data suffered by the Data Controller (Article 34); – withdraw the consent expressed at any time (Conditions for consent art.7). Where applicable, the interested party also has the rights referred to in Articles 16-21 GDPR (Right of rectification, right to be forgotten, right to limitation of treatment, right to data portability, right of opposition), as well as the right of complaint to the Guarantor Authority.
11. How to exercise the right
Sending an e-mail message to the dedicated address of the Data Controller firstname.lastname@example.org
12. Data Controller
The Data Controller is Beyond International S.r.L. Piazza S. Maria Beltrade, 2 Milan. The list of data processors and persons authorized to process is available at the aforementioned owner’s office.
13. Update of this information
This information may undergo changes. Any substantial changes will be sent to the interested parties by notice or publication on the company website.