I. PRIVACY SYMACSHOP INFORMATION
According to article 13 of the Code and the Regulations, we therefore provide the following information.
II. DATA PROCESSING
1.Title of the treatment
1. The data controller is the natural or legal person, public authority, service or other body which, individually or together with others, determines the purposes and means of processing personal data, also dealing with security profiles.
2. With regards to this website, Symacshop is the data controller with the registered office in via Ugo Foscolo 36A, Partita I.V.A. IT02402990812 - R.E.A .: 167714.
2. Data processing location
The processing operations connected to the web services of this site take place at the aforementioned Alcamo office and are only handled by SymacShop technical personnel.
3. DPO (data protection officer)
SymacShop has appointed a person responsible for the protection of personal data in accordance with articles 37 ff. of the GDPR who can be contacted at the following email address: firstname.lastname@example.org
4. Minor data processing
The Site is not aimed at minors aged; therefore, we ask that these subjects do not provide us with Personal Data through the Site. If, in any case, the minor is for any reason to provide Personal Data through the site, the provisions contained in art. 8 of the GDPR, in particular:
- in case of minor age of at least 16 years, the treatment will be carried out according to the canons of lawfulness, correctness and transparency prior consent of the same;
- in the case of children under the age of 16, the treatment will be carried out according to the canons of lawfulness, correctness and transparency provided that the consent is given or authorized by the holder of parental responsibility.
III. DATA PROCESSED
1. Data processing mode
The processing of your data will be carried out by carrying out any operation, or set of operations, indicated in art. 4 n. 2) of the GDPR, consisting of the collection, recording, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, cancellation and destruction of data.
The personal data collected in this way can be processed both on paper and with the aid of computerized, telematic and automated tools, by inserting them in archives managed by subjects formally entrusted with them.
The data will be processed for the entire duration of the relationship and will be kept for the period of time provided for by Laws, Regulations or Community Regulations and, in any case, for a period of time no longer than necessary for the purposes for which they were collected and / or treated.
Access to data
Your data may be made accessible for the purposes referred to in art. 2, paragraph 2, lett. a) and b) of the GDPR:
to the employees and collaborators of the Data Controller, in their capacity as internal officers and / or managers;
To other subjects (eg consultants, suppliers, freight forwarders, etc.) who carry out activities on behalf of the Data Controller, in their capacity as external processors.
Dissemination and communication of data
Your data will not be disseminated and, without the need for your express consent, art. 6 lett. b) and c) of the GDPR - may be communicated exclusively to:
Institutional control bodies in the field of Public Security;
External consultants responsible for providing administrative, accounting, legal and tax services;
Credit institutes, data processing companies related to the temporary management of only the data connected to the commercial and financial aspect existing with SymacShop.
Any further communication will only take place with your explicit consent.
2. Purpose of processing and consent
Your data will be processed for the following purposes:
- Purposes not requiring the acquisition of a prior consent - art. 6 lett. b), e) of the GDPR:
to fulfill current accounting and tax obligations;
to fulfill the obligations provided for by the Law, by a Regulation, by the Community Law or by an Order of the Authority (eg in the field of anti-money laundering);
to fulfill payment transactions for products on the Site;
to allow relationships with service providers: like many companies, we could outsource certain data processing activities to trusted service providers, with the task of performing functions and providing services, such as, for example, suppliers, shippers, centers assistance;
for the promotion of contacts with consumers and / or commercial customers, marketing via e-mail (on our sites, through our applications or by other means of communication);
to speed up the registration procedures in case of subsequent access to our site;
- Only with your specific consent - art. 7 GDPR for the following marketing purposes:
to send you periodic commercial information and documentation on price updates and offers made by Symacshop via e-mail, post and / or telephone contact and / or your home address.
IMPORTANT: If we ask you to let us know your data and decide not to provide it to us, in some cases we would not be able to make all the features of our products, services, systems available. Furthermore, we may not be able to respond to your requests.
3. Legal basis
In order to be able to process Your Data, we can rely on different legal bases, including:
- your consent (only when necessary or permitted by law). In the event that we should rely on your consent as the legal basis for the processing of your data, you will have the right to revoke the consent at any time;
- the need to establish a contractual relationship with you and to fulfill our contractual obligations;
- the need on our part to comply with legal obligations and to establish, exercise or defend ourselves against legal actions;
- the need to pursue our legitimate interests, including, for example, managing our business;
- the need to respond to your requests;
IV. SECURITY DATA PROVIDED
Storage times Data
We keep your data for the time necessary to achieve the purposes for which they were collected. Please note that, in some cases, storage may be required or permitted for longer periods. The criteria adopted to establish the duration of the data retention period are as follows:
- For how long is the data necessary, in order to provide you with our products, or to carry out our activity?
- Do you have an account with us? In this case, we will keep Your Data as long as the account is active or as long as they are necessary for the exercise of our activities.
- We are subject to legal obligations in relation to the storage of Your Data according to the provisions of the relevant legislation.
To protect your data, we will take appropriate measures in line with the provisions of the laws and regulations in force concerning data protection and security, including asking our service providers to use appropriate measures to protect your privacy and security. Data. Depending on the technological development, the implementation costs and the nature of the Data to be protected, we adopt technical and organizational measures to prevent risks, such as the destruction, loss or alteration of Your Data and the unauthorized disclosure or access to them .
We remind you that it is your duty to ensure, as far as you know, that the data you provide to us is correct, complete and up to date. Furthermore, if you share other people's data with us, it is your obligation to collect such data in accordance with legal requirements. For example, you will need to inform other people whose data you provide to us and obtain their consent.
V. RIGHTS OF THE INTERESTED PARTY
In your quality as interested, at any time you can exercise your rights towards the Data Controller, pursuant to art. 15 of the GDPR:
- obtain confirmation of the existence or not of personal data concerning you, even if not yet recorded, and their communication in an intelligible form;
- obtain the indication: a) of the origin of the personal data; b) the purposes and methods of processing; c) the logic applied in the case of processing carried out with the aid of electronic instruments; d) of the identification data concerning data controller, data processors and the representative designated pursuant to art. 3, paragraph 1, GDPR; e) the subjects or categories of subjects to whom the personal data may be communicated or who can learn about them as appointed representative in the State, managers or appointees; - obtain: a) updating, rectification or, when interested, integration of data; b) the deletion, transformation into anonymous form or blocking of data processed in violation of the law, including those for which conservation is not necessary in relation to the purposes for which the data were collected or subsequently processed; c) the attestation that the operations referred to in letters a) and b) have been brought to the attention, also with regard to their content, of those to whom the data have been communicated or disseminated, except in the event that such compliance occurs it proves impossible or involves a use of means manifestly disproportionate to the protected right;
- object, in whole or in part: a) for legitimate reasons to the processing of your personal data, even if pertinent to the purpose of collection; b) to the processing of your personal data for the purpose of sending advertising material or direct sales or for carrying out market research or commercial communication, through the use of automated call systems without the intervention of an operator by e-mail and / or through traditional marketing methods by phone and / or mail. Please note that the interested party's right of objection, set out in the previous point b), for direct marketing purposes through automated methods extends to the traditional ones and that the possibility for the interested party to exercise the right of opposition also remains valid only partially. Therefore, the interested party can decide to receive only communications using traditional methods or only automated communications or none of the two types of communication.
Where applicable, the rights pursuant to arts. 16-21 GDPR:
- Right of rectification (Article 16);
- Right to cancellation
- Right to oblivion (art. 17);
- Right to limitation of treatment (art. 18);
- Notification obligation in the event of rectification or cancellation of personal data or limitation of processing (Article 19);
- Right to data portability (Article 20);
- Opposition right (art. 21);
as well as the right to complain to the Guarantor Authority.
Furthermore, if you have consented for one or more specific purposes, you have the right to revoke this consent at any time.
Mode of exercise of rights
If you need to change your personal information, you can correct, update or remove it by writing to us at email@example.com If you are no longer interested in receiving announcements and other marketing information via email, send a request to privacy @ symacshop. it including the full name, email address and postal address. In any case, you can always receive communications regarding customer support.
YOU. CHANGES TO THIS DOCUMENT
This document is the information on this site.
It may be subject to changes or updates. In the case of significant changes and updates, these will be reported with specific notifications to users.
The document was updated on 03/20/2019 to comply with the relevant regulatory provisions, and in particular in compliance with EU Regulation no. 2016/679 For any questions regarding the information on the processing of personal data, please contact us at firstname.lastname@example.org