Extended privacy policy

INFORMATION ON PERSONAL DATA PURSUANT TO ART. 13 GDPR 679/2016

The following information is provided pursuant to Art. 13 of the GDPR (EU Regulation 2016/679), in accordance with the principle of transparency, to make the user aware of the characteristics and methods of data processing:

User Identity and Contact Details
We declare that the collected data is the property of: Parkemo Italia S.r.l. Via Marmolaia 4, 38033 Cavalese (TN), ITALY.
Tel. +39.0462 235603 Fax. +39 0462.342118, info@parkemo.it PEC:parkemoitaliasrl@legalmail.it

How the Site Owner collects and processes your data
The Site Owner collects and/or receives certain user data, including: name, surname, tax code, physical and electronic address, telephone number and/or mobile bank data. This is used by the Holder to carry out the execution of the contract, as well as to fulfil the legal and regulatory obligations to which the Holder is subject in relation to the activity being conducted. The sharing of personal user data is mainly with third parties and/or recipients whose services are utilised for the necessary conduct of the business in question, or to improve the products & services offered by the Owner, and to comply with certain legal obligations. The use of user data other than for these purposes is subject to the consent of the user.

User data (such as name, surname, address, mobile phone number and/or fixed line) may also be processed for purposes of promotions, market surveys and research relevant to products and services offered by the Owner, and only with the consent of the user.

Data Processing
Data processing is carried out in accordance with Art. 6 EU Regulation 2016/679, for the following purposes:

• management of pre-contractual and contractual relationships and the consequent compliance, including regulatory compliance

The processing of user data following the signing of the contract is used to initiate preliminary operations including the fulfilment of any obligation arising from the same (e.g. design and production of wooden floors, etc.), billing and payment administration, processing of client complaints and/or feedback. User contact details will also be used to respond to requests and to answer any questions. Existing clients may receive adverts and notices relating to products and services similar to those previously used. To opt out of such data storage, contact the Data Controller to revoke your consent in accordance with Art. 15 and 16-21 of the GDPR. The rights of the interested party are fully detailed under the relevant clauses.

• for communication to third parties and other recipients

The communication of personal user data depends on the type of contract and related obligations.
User data will be communicated to third parties/recipients if:

1. The User provides permission;
2. It is necessary for the fulfilment of the contractual obligations and any legal provisions (e.g. protection of the rights of the signatories, reporting to supervisory authorities, etc.);
3. Sharing the user data is necessary for commercial and legal processing with accounting consultancy firms; auditing and certification companies; quality control and certification agencies; banks for the management of debt collection and payments; companies and legal firms for the protection of contractual rights and/or those relating to credit recovery; data processing and IT services companies (e.g. web hosting, data entry, management and maintenance of infrastructures and IT services, etc.);
4. It is used for business marketing purposes

Processing of user data is to offer targeted products and services similar to those already purchased, new and improved services and to send promotional material. Data processing can only be executed provided the user has given consent and only until consent has been withdrawn.

Legal basis and legitimate interest
The legal basis for data processing in the first two abovementioned points is the user’s willingness to participate in the contract;

User data is legally processed under the following circumstances:

• if it is necessary to fulfil a contract in which the user is a signatory partner or for the performance of any agreed pre-contractual steps;
• If it is necessary in the fulfilment of a legal obligation;
• If it is based on free consent.

Data Processing Methods
Data processing extends to user data collection, user registration, user data management, data storage, consultation, processing, modification, selection, extraction, comparisons, usage, interconnection, blocking, communication, cancellation and destruction of user data. Operations are carried out with IT tools or on hard copy. The treatment is carried out by the Owner and/or authorized personnel.

Individual Recipients of User Data and Categories of Recipients

Personal user data in the possession of the Company is processed by authorized persons under the Owner’s responsibility for the abovementioned purposes only.

Personal user data will not be disseminated, but it may be shared with public or private entities for the abovementioned purposes.

Such personal user data may also be shared with state entities or departments responsible for governmental fiscal enforcement (e.g. Department of Inland Revenue, State Financial Administration).

User data may also be shared with employees or partners working with the Company in the performance of the contract including: Artisans, Consultants, Technicians, Labour Consultants, Accountants, Lawyers, etc..

Finally, user data may be shared for the management of debt collection and payments connected with the execution of contracts such as banks, factoring agencies, credit recovery companies, credit insurance agencies, post offices, forwarding agents and couriers when forwarding documents and/or material.

All data sharing will be in compliance with the law and strictly related to the purposes set out above.

Data transfer to a third country
The Holder undertakes not to transfer the data to a third country or to any international organisations, unless a directive is issued to that effect by the EU Commission.

How is user data stored and for how long?
The processing of user data is both automated and manual, using electronic tools employed by persons authorized by the Owner for such purposes. Storage archives, both in hard copy and electronic, are adequately protected by effective security to counter violations. Periodic and regular verification of the security measures adopted, especially electronic and telematic, guarantee the confidentiality of personal user data during processing, archiving and storage. Personal user data is kept for the time necessary to fulfil the agreed contractual, as well as other legal obligations. User data on hard copy or stored electronically is processed by specifically authorised and trained company employees. Such employees gain access to personal user data only to the extent necessary for the implementation of their data processing requirements. Periodic inspections of personal user data processing are performed by the Data Controller and security measures are regularly updated. Regular security checks are undertaken by authorized persons, to ensure that personal data is not collected, processed or stored other than for essential client data processing purposes and to ensure that personal user data is treated with complete integrity. The data may be stored on hard copy, electronically or on telematic files located within the European Economic Area, and are safeguarded by appropriate security measures. Personal user data processed by the Owner is kept only for the time necessary for the fulfilment of the contractual obligations and 10 years after its expiry (Art. 2946 cc.), or as long as the rights that depend on are enforceable (pursuant to Art. 2935 cc.), as well as for the fulfilment of obligations (e.g. fiscal and accounting) that persist even after the conclusion of the contract (Art. 2220 cc.), for which purposes the Owner is obliged to keep only the necessary data for their prosecution. This is without prejudice to cases in which the rights deriving from the contract are legally required in court, in which case the personal user data (only that which is necessary for such purposes) will be processed for the time necessary to pursue them. In case of non-binding contracts, the Owner has the right to store personal user data for a period of up to 48 months from the last activity from when the user expressed interest in services on the website (e.g. price quotations, information and registration requests). Personal user data will be kept for a maximum period of 24 months for the purposes of research.

Rights to Personal User Data
Users have rights to the following:

• To request access from the Data Controller to proprietary personal user data and information relating to the same; the correction of inaccurate data or the integration of incomplete data; cancellation of proprietary personal user data (if one of the conditions indicated in Art. 17, ¶1 of EU Regulation 679/16 is met and in compliance with the exceptions provided for in ¶3 of the same article); limits placed on the processing of personal user data (if one of the hypotheses indicated in art. 18, ¶1 of EU Regulation 679/16 actually materialise);
• To obtain from the Data Controller proprietary personal user data in a structured format, readable by an automated device, as well as to communicate such data to third-party holder (the so-called right to transfer/portability of personal user data) when the contract or user consent constitutes the basis for legal processing, also by automated means;
• To object at any time to the processing of personal user data in the event of special situations affecting the user;To revoke consent at any time, but only in cases where the data processing is based on user consent for limited purposes with regard to ordinary personal data (e.g. date/place of birth or place of residence), or specific categories of data (e.g. racial profiling, political views, religious beliefs, state of health and sexual preferences). Data processing based on user consent prior to the revocation of the same, remains legal;
• To lodge a complaint with a supervisory authority (Autorità Garante per la Protezione dei Dati Personali (www.garanteprivacy.it).

Users have the right to revoke consent at any time in terms of Art. 6(1)(a) and Art. 9(2)(a) of EU Regulation 2016/679, without however prejudicing the legality of data processing with respect to consent granted prior to revocation of that right.

Queries concerning the above user rights, should be addressed to: : parkemoitaliasrl@legalmail.it

In the event the Data Controller wishes to further process proprietary user data for any purpose other than that for which it was collected, then – prior to any such further processing – the Data Controller will provide the user with information regarding such actions and any other relevant information.

Profiling
The Owner does not make use of automated profiling processes.