Privacy Policy
Gold Line Srl with registered office in Via Manlio Mercatali 8/10 - 60022 Castelfidardo (AN) Italy, VAT number 01380030427, owner Loredana Sandonà (hereinafter referred to as the "Owner" as the legal representative of the Company), as the data controller , Informs you pursuant to article 13 of Legislative Decree 30.6.2003 n.196 (hereinafter referred to as "Privacy Code") and art. 13 EU Regulation no. 2016/679 (hereinafter referred to as "GDPR") that your data will be processed in the manner and for the following purposes:
1. Object of the Treatment
The Data Controller processes personal identification data such as: name, surname, company name, address, telephone, email, bank and payment references (hereinafter referred to as "personal data" or even "data") communicated by you when concluding contracts for the services of the Owner.
2. Purpose of the Treatment
Your personal data are processed:
A) without your express consent (Article 24 letter a), b), c) Privacy Code and Article 6 letter. b), e) GDPR), for the following Service Purposes:
- conclude the contracts for the services of the Data Controller;
- fulfill the pre-contractual, contractual and tax obligations deriving from existing relationships with you;
- fulfill the obligations established by law, by a regulation, by community legislation or by an order of the Authority (such as in the field of anti-money laundering);
- exercise the rights of the owner, for example the right to defense in court;
B) Only with your specific and distinct consent (art.23 e 130 of the Privacy Code and art. 7 GDPR), for the following marketing purposes:
- send you via e-mail, post, and / or sms and / or telephone contacts, newsletters, commercial communications and / or advertising material on products or services offered by the Data Controller and survey of the degree of satisfaction with the quality of services;
- send you via e-mail, post, and / or sms and / or telephone contacts, commercial and / or promotional communications from third parties.
We inform you that if you are already our customers, we will be able to send you commercial communications relating to the Controller's services and products similar to those you have already used, except for your dissent (Article 130 c. 4 of the Privacy Code).
3. Processing methods
The processing of your personal data is carried out by means of the operations indicated in art. 4 of the Privacy Code and art. 4 n. 2) GDPR and more precisely: collection, registration, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, cancellation and destruction of data.
Your personal data are subjected to both paper and electronic processing.
The Data Controller will process personal data for the time necessary to fulfill the aforementioned purposes.
This period depends on the purposes for which the data were collected and precisely:
1) up to the 10-year deadline for accounting, administrative and tax formalities;
2) up to your request for cancellation for sending newsletters and advertising / promotional information.
4. Access to data
Your data may be made accessible for the purposes referred to in art. 2.A) and 2.B):
- to service providers and auxiliaries appointed by us who may have access to the data for the purposes indicated, if they maintain the professional secrecy conferred on them.
These are companies in the categories of banking, IT services, logistics, printing services, telecommunications, collection, consulting, sales and marketing.
- to employees and collaborators of the Data Controller, in their capacity as persons in charge and / or internal managers of the processing and / or system administrators;
- to third-party companies or other subjects (by way of example, credit institutions, professional firms, consultants, insurance companies for the provision of insurance services, etc.) who carry out outsourced activities on behalf of the Data Controller, in their capacity as external managers of the treatment.
5. Communication of data
Without the need for express consent (pursuant to Article 24 let. A), b), d) Privacy Code and art. 6 lett. b) and c) GDPR), the Data Controller may communicate your data for the purposes referred to in art. 2.A) to Supervisory Bodies (such as IVASS), Judicial Authorities, to insurance companies for the provision of insurance services, as well as to those subjects to whom the communication is mandatory by law for the accomplishment of said purposes. These subjects will process the data in their capacity as independent data controllers.
Your information will not be disseminated.
6. Data processing
Personal data are stored on servers located in Castelfidardo (AN) Italy in Via Manlio Mercatali 8/10 (registered office of the Company), within the European Union.
In any case, it is understood that the Data Controller, if necessary in the future, will have the right to move the servers even outside the EU.
In this case, the Data Controller ensures from now on that the transfer of data outside the EU will take place in compliance with the applicable legal provisions, subject to the stipulation of the standard contractual clauses provided for by the European Commission.
7. Nature of the provision of data and consequences of refusing to respond
The provision of data for the purposes referred to in art. 2.A) is mandatory. In their absence we will not be able to guarantee the services of art. 2.A).
The provision of data for the purposes referred to in art. 2.B) on the other hand, it is optional, you can therefore decide not to provide any data or to subsequently deny the possibility of processing data already provided: in this case, you will not be able to receive the services referred to in art. 2.B). However, you will continue to be entitled to the Services referred to in art. 2.A).
8. Rights of the interested party
Each affected person has:
- the right of access pursuant to article 15 of the GDPR;
- the right of rectification pursuant to article 16 of the GDPR;
- the right to cancellation pursuant to article 17 of the GDPR;
- the right to limit the processing pursuant to article 18 of the GDPR;
- the right to object pursuant to article 21 of the GDPR;
- where applicable, the right in relation to decision-making and automated profanation;
- where applicable, the right to data portability pursuant to article 20 of the GDPR;
- where applicable, the right to lodge a complaint with an authority competent for the control of data privacy (article 77 GDPR).
You can withdraw your consent to the processing of personal data granted to us at any time. This also applies to the revocation of consent declarations made before the entry into force of the GDPR, i.e. before 25 May 2018.
Please note that the revocation is only valid for the future and has no effect on the processing that took place before the revocation.
9. Procedures for exercising rights
You can exercise your rights at any time by sending:
- a registered letter with return receipt to the Company: Gold Line Srl with registered office in Via Manlio Mercatali 8/10 - 60022 Castelfidardo (AN) Italy, VAT number 01380030427.
Or an e-mail PEC (Certified Electronic Mail) to the address goldline@pec.it .
10. Responsible owner and appointees
The Data Controller is Gold Line Srl with registered office in Via Manlio Mercatali 8/10 - 60022 Castelfidardo (AN) Italy.
- The updated list of data processors and persons in charge of processing is kept at the registered office of the Data Controller.