Privacy
PRIVACY POLICY STATEMENT OF MECKIND SRL
Privacy policy statement (Articles 13-14, Regulation (EU) 2016/679)
(European General Data Protection Regulation)
Dear Sir/Madam,
We inform you that Regulation (EU) 2016/679 ("European General Data Protection Regulation”) provides for the protection of individuals and other data subjects, and requires respect for the processing of personal data.
In accordance with Articles 13 and 14 we therefore provide you with the following information:
1.Purpose, legal basis for the data processing
The objective of the processing of your personal data is as follows:
Meckind Srl considers the protection of our clients’ personal data to be of fundamental importance, and guarantees that the processing of personal data, by any means, whether automated or manual, takes place in full accordance with the safeguards and rights recognised in Regulation (EU) 2016/679 of the European Parliament and Council of 27 April 2016 concerning the protection of individuals with regard to the processing of personal data, the free circulation of such data, and other provisions applicable to data protection.
2. Source of personal data and purpose
Only the data you provide will be used and stored
3. Method of data processing
Your data will be processed electronically and on paper, in relation to the stated purposes. The data processing is carried out in a way that guarantees logical and physical security and confidentiality of your data.
4. Nature of personal data
The data we process relates to the fulfilment of the services requested by you.
For this purpose we may need to obtain your personal data and process it. You will be asked to provide your written consent.
5. Scope of disclosure and communication of your data
Your personal data may be communicated to:
-
anyone who has the right to access the data by law;
-
our staff and collaborators, in connection with their duties.
6. Period of conservation.
Your personal data will be kept for as long as you are clients of ours. It will only be kept after that if we need to comply with legal or fiscal obligations.
7. Rights of the Interested Party
7.1 Art. 15 (right of access) , 16 (right to rectification) Reg. (EU) 2016/679
The data subject may obtain confirmation from the data controller of whether or not his or her personal data is currently being processed, and if so may obtain access to that data, and to the following information:
a) the purposes of processing;
b) the categories of personal data concerned;
c) the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organisations;
d) the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period;
e) the existence of the right to request from the controller rectification or erasure of personal data or restriction of processing of personal data concerning the data subject or to object to such processing;
f) the right to lodge a complaint with a supervisory authority;
g) the existence of automated decision-making, including profiling, and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject.
7.2 Rights under Art. 17 of Reg. (EU) 2016/679 - right to erasure (“right to be forgotten”)
The data subject may obtain, from the data controller, the erasure of his/her personal data, without unjustified delay. The data controller must erase the personal data without unjustified delay for one of the following reasons:
a) the personal data is no longer required for the purpose for which it was obtained or processed;
b) the data subject withdraws the consent on which the processing is based according to point (a) of Article 6(1), or point (a) of Article 9(2) of Regulation (EU) 2016/679, and where there is no other legal ground for the processing;
c) the data subject objects to the processing pursuant to Article 21(1) of Regulation (EU) 2016/679 and there are no overriding legitimate grounds for the processing, or the data subject objects to the processing pursuant to Article 21(2) of Regulation (EU) 2016/679;
d) the personal data has been unlawfully processed;
e) the personal data has to be erased for compliance with a legal obligation under the laws of the European Union or Member State to which the controller is subject;
f) the personal data has been collected in relation to the offer of information society services referred to in Article 8(1) of Regulation (EU) EU 2016/679
7.3 Rights under Art. 18 Right to restriction of data processing
The data subject may obtain a limitation of the data processing, from the Data Controller, in one of the following cases:
a) the data subject disputes the accuracy of the personal data, for the period required by the data controller for checking such accuracy;
b) the processing is unlawful and the data subject opposes the erasure of the personal data and requests the restriction of its use instead;
c) the data controller no longer needs the personal data for the purposes of the processing, but it is required by the data subject for the establishment, exercise or defence of legal claims;
d) the data subject has objected to processing pursuant to Article 21(1) of Regulation (EU) 2016/679, pending verification whether the legitimate grounds of the controller override those of the data subject.
7.4 Rights under Art.20 Right to data portability
The data subject shall have the right to receive the personal data concerning him or her, which he or she has provided to a controller, in a structured, commonly used and machine-readable format and have the right to transmit that data to another controller without hindrance from the controller to which the personal data has been provided.
8. Revocation of consent to processing
The data subject may revoke consent to the processing of his or her personal data, by contacting the data controller at the address indicated below:
[email protected]