pursuant to Art. 13 Regulation (EU) 2016/679 “European regulation on privacy”
Milan, February 22, 2019
This information, prepared pursuant to art. 13 of Regulation (EU) 2016/679 and subsequent amendments, describes the processing of personal data of customers and suppliers with whom the company establishes or has established business relationships
FMS Group S.r.l. may modify this information to adapt it to future services offered. In the event of substantial changes, FMS Group will publish a notice on the Site and / or send an email notification to report the changes and collect any request to exercise the rights recognized by the legislation on the protection of personal data.
- Normative References
- Regulation (EU) 2016/679 concerning the protection of individuals with regard to the processing of personal data, as well as the free circulation of such data – (General Data Protection Regulation)
- Legislative Decree 30 June 2003, n. 196, amended by Legislative Decree 10 August 2018, n. 101, laying down provisions for the adaptation of national law to Regulation (EU) 2016/679 of the European Parliament and of the Council, of 27 April 2016, relating to the protection of individuals with regard to the processing of personal data, as well as circulation of such data and repealing Directive 95/46 / EC
- Data Controller
FMS Group S.r.l.
Via Moncalvo, 62
VAT and Tax Code 05824510159
Tel. 02 48022567
- Purpose of the treatment
The purpose of the processing to which the data of the company (legal entity) and the data of the personnel of the company with which we will interface (natural person) or the data of natural persons not belonging to an organization will be subjected, will be processed exclusively for purposes strictly connected and instrumental to the fulfillment of the obligations inherent in an offer request, a contract stipulated between the parties or for the selection of personnel, in particular:
- for the transmission of economic proposals following the welcome request for an offer (pre-contractual measures);
- for the performance of the requested service, in case of order confirmation;
- for the inclusion of personal data in the company IT databases;
- for the management of collections;
- to fulfill the obligations established by the civil and fiscal laws, by regulations, by community legislation;
- for the transmission of newsletters relating to our products, if you express the appropriate consent, requested in the different ways provided
The processing of personal data will be carried out by means of paper and electronic media by the owner, by the person in charge / managers appointed and by the authorized persons trained in the specific processing, with the observance of all precautionary measures that guarantee their security and confidentiality.
- Mandatory or optional nature of consent
The provision of personal data relating to treatments to carry out pre-contractual or contractual measures is mandatory because it is required to fulfill a specific request.
For additional services, such as the transmission of newsletters or other purposes not foreseen to date, we may process your data only with your express consent.
- Recipients and transfers of data abroad
Your personal data for the purpose of executing the contract and for the purposes indicated above, may also be disclosed to third parties, more specifically:
- to all natural and legal persons (consulting firms including legal, administrative, tax, auditing companies, couriers and forwarding agents) in cases where the communication is necessary for the purposes described above;
- to banking institutions for the management of collections and payments;
- third parties, in charge of carrying out activities directly connected and instrumental to the provision of the services carried out by FMS Group or with which the Company has entered into commercial agreements functional to the dissemination and development of the services to be provided, of which a detailed list at the express request of the interested party.
At the express request of the interested party, a detailed list of the “recipients” indicated above is available.
Outside of these cases, personal data will not be disclosed or granted to anyone, unless contractually provided for or authorized by the subjects. In this sense, personal data could be transmitted to third parties, but only and exclusively in the event that:
- a) there is explicit consent to share data with third parties;
- c) this is necessary to comply with requests from the Judicial or Public Security Authorities. No data will be disclosed.
There will be no transfer of your personal data abroad: however the Data Controller reserves the right to use cloud services for both management software, such as company servers, as well as for newsletters transmission services, if you have given specific consent, and in in this case, the service providers will be selected from among those who provide adequate guarantees, as required by art. 46 of the GDPR.
- Retention period
Your personal data necessary to fulfill fiscal, accounting, administrative obligations will be kept until required and established by current regulations.
Upon exceeding the storage times defined above, your data will be kept for a further 5 years, to document our activity and to respond to your data recovery needs, unless you explicitly request the cancellation of the same for legitimate reasons.
Other types of data in our possession, not falling within the categories above, will be kept if the conservation is justified, unless explicitly requested to cancel them.
- Rights of the interested party and their exercise
The subjects to whom the personal data refer have the right at any time to obtain confirmation of the existence or not of the same data and to know its content and origin, verify its accuracy or request its integration or updating, or the correction, cancellation, limitation, portability of data (Articles 15-20 of Regulation (EU) 2016/679).
To exercise your rights, you can contact us at the references referred to in point 2 of this information.
It is also your right to lodge a complaint with the supervisory authority
- Other information
The processing of personal data may be carried out with or without the aid of electronic or automated means and will include, in compliance with the limits and conditions set by the legislation in force, all the operations or set of operations envisaged and necessary for the processing in question, including communication to the subjects referred to in § 5, if necessary.
Specific security measures are observed to prevent data loss, illicit or incorrect use and unauthorized access. The owner has taken all the security measures required by law and inspired by the main international standards, has also taken additional security measures to minimize the risks relating to the confidentiality, availability and integrity of personal data collected and processed.
Changes may be made to the privacy and security policy and, if necessary, in relation to regulatory, organizational or technological changes. In the event of a change in the policies, the new version will be published on this page of the site.