www.mybusinesscard.digital Owner, as data controller, informs you pursuant to art. 13 Legislative Decree 30.6.2003 n. 196 (hereinafter, "Privacy Code") and art. 13 EU Regulation no. 2016/679 (hereinafter "GDPR") that your data will be processed in the manner and for the following purposes:
THE HOLDER OF THE TREATMENT
The data controller is www.mybusinesscard.digital Owner.
SOURCE OF DATA
The personal data processed are the data provided by the interested party on the occasion of: Execution of the contractual services detailed in the contract signed between the parties. Implementation of administrative and accounting obligations, including regulatory obligations Execution of regulatory updating activities by sending communications (newsletters) with prior consent. Visits or phone calls. Contractual proposals and / or offers.
PURPOSE OF THE PROCESSING
Your personal data is processed:
A) without your explicit consent (Article 24 letter a), b), c) Privacy Code and art. 6 lett. b), e) GDPR), for the following service purposes:
Formulate or satisfy the requests and proposals received.
Management and execution of contractual relationships.
Management of administrative, accounting and tax activities.
Management of any disputes.
Fulfill the obligations established by law, by a regulation, by community legislation or by an order of the Authority (such as for the laundering of dirty money).
Management of any disputes.
B) With specific and distinct consent (articles 23 and 130 of the Privacy Code and article 7 of the GDPR), for the following marketing purposes:
Sending by e-mail, post, sms, telephone contacts, newsletters, commercial communications and / or advertising material on products or services offered by the Data Controller.
Sending by e-mail, post, sms, telephone contacts, newsletters, commercial or promotional communications of third parties (for example, commercial partners).
LEGAL BASIS OF THE PROCESSING
In case A of the previous point: the processing is carried out on the basis of the existence of a legitimate interest by virtue of the existence of a relevant and appropriate relationship (contractual relationship) between the data subject and the data controller.
In case B in the previous point: only with your specific and distinct consent.
PROCESSING METHOD
The data processing is carried out both by automated methods, on digital and magnetic electronic support, and on paper, in compliance with the security and confidentiality rules provided for by law and by the consequent internal regulations and provisions.
PROVISION OF DATA
The provision of data is optional but necessary to achieve the purposes of the processing and the unavailability of the same does not allow the fulfillment of the obligations indicated above and the administrative and accounting management of the relationship.
COMMUNICATION OF DATA AND DISCLOSURE OF DATA
The data can be communicated to the following categories of subjects for the performance of activities functional to the provision of its services:
Our authorized employees.
Payment banks.
Insurance companies with which R.C. society.
Law firm in the event of a dispute.
Public administrations for communications required by law.
PLACE OF TREATMENT
The data are currently processed and stored on servers located in Italy.
DATA TRANSFER
We do not transfer personal data abroad or to international organizations.
DATA RETENTION TIMES
The Data Controller will process personal data for the time necessary to satisfy the aforementioned purposes and in any case for no more than 10 years from the termination of the relationship for service purposes and no later than 2 years from the collection of data for marketing purposes.
Subsequently, the personal data will be archived, but will no longer be processed, for the time established by the current provisions of the law on tax and civil law.
RIGHTS OF THE DATA SUBJECT
In particular, the interested party may exercise the rights provided for by the GDPR 679/16:
Art. 15 Right to access your data.
Art. 16 Right of rectification.
Art. 17 Right of withdrawal.
Art. 18 Right to limit processing.
Art. 20 Right to portability.
Art. 21 Right to object.
Art. 22 Right to oppose the automated decision-making process.
The interested party exercises these rights by writing to the info(at)mybusinesscard.digital address you find on the home page specifying the subject of the request, the right he intends to exercise and attaching a photocopy of an identity document certifying the legitimacy of the request.
WITHDRAWAL OF CONSENT
According to the art. 6 of the GDPR 679/16, the interested party can revoke the consent to the processing of the personal data provided, remembering that the lack of availability of the same does not allow the fulfillment of the above obligations and the administrative and accounting management of the relationship.
AUTOMATED DECISION-MAKING PROCESSES
www.mybusinesscard.digital does not process treatments consisting of automated decision-making processes on the data provided.
COMPLAINTS TO THE SUPERVISORY AUTHORITY
The interested party has the right to lodge a complaint with the supervisory authority of the state of residence.
The Italian reference Authority is the Guarantor for the protection of personal data http://www.garanteprivacy.it