This document is intended to provide you with information pursuant to Art. 13 of Regulation (EU) No. 2016/679 on the Protection of Personal Data (“General Data Protection Regulation”, hereinafter “GDPR”).
Identity of the Data Controller
- The Data Controller is Alberto Piva, with registered office and processing operations at VIALE BACCHIGLIONE 20, 20139, MILAN. You can contact the Data Controller at the email address in the contact section of this website.
- The Data Controller guarantees the security, confidentiality, and protection of the personal data in its possession at any stage of the data processing.
- The personal data collected are used in compliance with the principles of lawfulness, fairness, transparency, and relevance, and in accordance with the GDPR.
Purposes of Processing
Your personal data will be processed for the following purposes:
- execution of obligations arising from a contract to which you are a party or to fulfill, before or after the execution of the contract, your specific requests,
- organizational, administrative, accounting, and commercial management of the contract,
- fulfillment of obligations provided for by law, regulation, EU legislation, or an order from the Authority,
- internal statistical analysis,
- management of credit assignment procedures for compensation of damages resulting from road accidents. Your data will not be used for purposes other than or additional to those described in this privacy policy, unless you are informed in advance and, where necessary, your consent is obtained.
Legal Basis for Processing
The legal basis for processing data for the purposes indicated above consists of executing a contract to which you are a party or pre-contractual measures taken at your request, or following a legal obligation, or protecting our legitimate interest (e.g., pursuit of statutory purposes or, if necessary, to exercise and/or defend the company’s rights in court).
Providing data for the fulfillments required and sanctioned by law is mandatory; otherwise, providing data is optional but necessary; therefore, any refusal results in the impossibility for the Controller to follow through with the relationship to be established, its timely execution, and assistance services.
Methods of Processing
The processing of your personal data is carried out using both paper and electronic/digital/telecommunication tools through the operations indicated in Art. 4 No. 2) GDPR, specifically: collection, recording, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, erasure, and destruction of data.
Data Recipients
Your personal data will not be subject to disclosure or dissemination and will not be made known to indeterminate subjects, in any possible form, including making them available or simple consultation.
However, such data may be processed by subjects under the authority of the Data Controller and/or expressly authorized collaborators who have received adequate operational instructions, always for the purposes indicated above.
Without prejudice to communications carried out in fulfillment of legal and contractual obligations, your data may be communicated to subjects entitled to access them by virtue of provisions of law, regulations, and EU legislation as well as, where necessary for the pursuit of the specific purposes above and within the strictly necessary limits, to subjects who must provide goods or services to the Controller, such as: credit institutions, insurance companies; legal, administrative, tax, or marketing consultants assisting the company in its activities; IT or cloud service providers; agents, subcontractors, and/or sub-service providers involved in activities related to the execution of the Contract with the Controller; subsidiaries, associates, or affiliates; all this, always in compliance with the GDPR and for the pursuit of the purposes indicated above.
Data Transfer
The Data Controller does not transfer your personal data to third countries or international organizations. However, it reserves the possibility to use cloud services; in which case, service providers will be selected from among those who provide adequate guarantees, as provided for by Art. 46 GDPR 679/16.
Data Retention
Your collected data will be stored, starting from their receipt/update, for the purposes indicated above and in accordance with current regulations and, in the event of legal litigation, for its entire duration until the expiration of the terms for filing appeals. In the case of processing based on consent, your data will be processed until you revoke the consent provided and, subsequently, for the time strictly necessary to fulfill applicable legal or regulatory obligations and in any case for the time necessary to guarantee the exercise of the company’s rights, including in court.
The retention period will be determined based on the assessment of each individual operation and will, in any case, comply with the principles of necessity, purpose, relevance, minimization, and non-excessiveness of the GDPR.
Rights of the Data Subject
At any time, you may exercise the following rights toward RADRIZZANI SRL under Articles 15 to 22 of the GDPR:
- right of access to your personal data;
- right to rectification or erasure;
- right to restriction of processing;
- right to portability;
- right to object;
You also have the right to freely revoke the consent provided at any time. Processing carried out while consent was in effect and the relative legal effects will remain valid even after any revocation of consent.
To exercise these rights, report problems, or ask for clarifications on the processing of your personal data, you can send an email to INFO@RADRIZZANISRL.IT specifying the subject of the request.
In any case, you are recognized the right to file a complaint with the competent supervisory authority, which in Italy is identified as the Garante per la Protezione dei Dati Personali, if you believe that the processing of your personal data is contrary to applicable law.
Changes and Updates
This privacy policy may be subject to changes and/or additions, also as a consequence of updates to the applicable legislation.