Processing of Personal Data in accordance with Regulation (EU) 679/2016 (the so-called “GDPR”)
Data controller: Security Solutions for Innovation s.r.l.
Registered office: Via Vittoria Colonna 14, Naples (NA) – ZIP code 80121
VAT No. and Company Registry No. 09298811218.
Email: [email protected]
Information pursuant to the GDPR
SecSI srl, in its capacity as the Data Controller of personal data, pursuant to and for the purposes of EU Reg. 2016/679 – hereinafter ‘GDPR’-, hereby informs you that the aforementioned legislation provides for the protection of data subjects with respect to the processing of personal data and that such processing will be based on the principles of fairness, lawfulness, transparency and protection of your privacy and your rights. Your personal data will be processed in accordance with the legislative provisions of the above-mentioned legislation and the prescribed confidentiality obligations. SecSI, to this end, in addition to appointing a Data Protection Officer, has developed specific safeguards and prescriptions to organize its activities and imprint them with data protection, taking high-profile measures in the crucial area of cybersecurity.
Categories of data processed
Personal Data collected, independently or through third parties, includes the following: personal data (first and last name) identifiers (email address, cell phone number, physical address) Cookies; Usage Data.
Legal basis and purpose
Data are processed if these conditions are met:
- The ‘user has given consent for one or more specific purposes;
- The processing is necessary for the performance of a contract with the User and/or the execution of pre-contractual measures;
- the processing is necessary for the performance of a legal obligation to which the Controller is subject;
- processing is necessary for the performance of a task of public interest or the exercise of public authority vested in the Controller;
- processing is necessary for the pursuit of the legitimate interest of the Controller or third parties.
In particular, the processing of your data, collected and stored in connection with the completion of the form, registration to the site and/or verbally communicated by you, has as its legal basis your consent and is carried out for the following purposes:
- to prepare what is requested in the form you have sent to us;
- to give you access to the contents of the restricted area of the site and/or to communicate the characteristics of the products and services offered;
- to be able to send you offers and evaluate possible actions for the fulfillment of your request;
- provide for the improvement of the IT activity;
- to proceed with your subscription to the newsletter;
- send educational, informative and commercial communications;
- manage commercial profiling activities.
Place of processing
The Data are processed at the operational offices of the Data Controller and at any other place where the parties involved in the processing are located.
Communication to third parties
If pertinent to the stated purposes of processing, your data may be disclosed to partners, consulting companies, private companies, and appointees of the Data Controller.
Your data will not be subject to dissemination.
Period of data retention
The data collected will be retained for a period of time not exceeding the achievement of the purposes for which they are processed (“principle of limitation of storage”, art.5, GDPR) or according to the deadlines stipulated by legal regulations. In particular, for personal data contained in a contract, there is provision for deletion after 10 years from the termination of the contractual relationship or any dispute.
Verification of the obsolescence of retained data in relation to the purposes for which they were collected is carried out periodically.
Obligatory nature of providing data
The provision of personal data is mandatory if without it it would be impossible to provide certain services offered to the interested party; on the other hand, it is optional for promotional or commercial purposes and, in this case, any refusal to give consent has no negative consequences on the provision of services. For this reason, the provision of data is for some fields, included in the site registration form and/or other forms, optional and for others mandatory and failure to provide the mandatory data will make it impossible to send the form itself and in general the beginning or continuation of a business relationship.
Exercise of rights
The data subject always has the right to ask the Data Controller for access to his/her data, rectification or erasure of data, restriction of processing or the possibility to object to processing, to request data portability, to revoke consent to processing, asserting these and other rights provided by the GDPR by simple communication to the Data Controller at the following email address: [email protected]