INFORMATION ON THE PROCESSING OF PERSONAL DATA

in accordance with Article 13 of EU Regulation 2016/679 - GDPR

The undersigned company, as the data controller (hereinafter also referred to as the "Controller"), informs, in accordance with Article 13 of EU Regulation No. 2016/679 (hereinafter "GDPR"), that your data will be processed with the methods and for the purposes set out below:

1. Object of processing
The Controller processes personal data, both identifiable and non-sensitive (in particular, name, surname, tax code, VAT number, email, telephone number – hereinafter, "personal data" or "data") communicated by you at the beginning of commercial relationships with the Controller.

2. Purposes and legal basis for processing
Your personal data are processed without your express consent (Art. 6 para. b, and GDPR), for the following purposes: a) to fulfill pre-contractual, contractual, and fiscal obligations arising from relationships with you; b) to fulfill obligations imposed by law, regulations, EU legislation, or an order of the Authority; c) to exercise the rights of the Controller, for example, the right to legal defense.
The legal basis for the processing is found in the following cases: Fulfillment of contractual obligations or pre-contractual measures, legal obligations to which the data controller is subject, overriding legitimate interest of the data controller or third parties to whom the data is communicated.

3. Processing methods
The processing of your personal data is carried out through the operations indicated in Article 4, No. 2, of the GDPR, namely: collection, recording, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, erasure, and destruction of data. Your personal data are subject to processing both in paper and electronic and/or automated form. The Controller will process personal data for the time necessary to fulfill the purposes set out above and in any case for no more than 10 years from the cessation of the relationship for the purposes of Article 2.

4. Access to data
Your data may be made accessible for the purposes of Article 2: a) to employees and collaborators of the Controller or companies in which it participates or is participating, in their capacity as data processors and/or internal controllers of the processing and/or system administrators; b) to third parties (e.g., service providers for the management and maintenance of the website, suppliers, credit institutions, professional studios, etc.) that carry out outsourcing activities on behalf of the Controller, in their capacity as data processors.

5. Communication of data
Without your express consent (Art. 6 para. b and c, GDPR), the Controller may communicate your data for the purposes of Article 2 to supervisory bodies, judicial authorities, and all other subjects to whom communication is mandatory by law for the fulfillment of said purposes. Your data will not be disclosed.

6. Data transfer
The management and storage of personal data will take place on servers located within the controller's headquarters. The data will not be subject to transfer outside the European Union.

7. Nature of data provision and consequences of refusal to answer
The provision of data for the purposes of Article 2 is mandatory. Without them, we cannot guarantee the Services mentioned in the same article.

8. Data Subject Rights
As a data subject, you have the rights under Article 15 of the GDPR. Where applicable, you also have the rights under Articles 16-21 of the GDPR (Right to rectification, right to erasure, right to restriction of processing, right to data portability, right to object), as well as the right to lodge a complaint with the supervisory authority.

9. Exercise of rights
You can exercise your rights at any time by sending a registered letter with acknowledgment of receipt to the address of the Controller indicated above or an email to info@ageon.it

10. Data Controller, Data Processor
The Data Controller is AGEON S.r.l. The updated list of data processors is kept at the headquarters of the Data Controller.