SIT S.r.l., VAT number 05070830756, e-mail firstname.lastname@example.org, with registered office in Corte dei Romiti 6, 73100 Lecce, as Data Controller, pursuant to EU Regulation 2016/679 (hereinafter: “GDPR”) – considers the privacy and protection of Personal Data to be the backbone of its business.
Nature of the data processed
All personal data provided by the User will be processed lawfully and fairly in order to provide the services or to respond to requests made by the interested party pursuant to art. 6 par. 1 l. a) and b) GDPR.
The provision of Personal Data for these purposes is optional but failure to provide it would make it impossible to provide the requested services.
Type of data processed
The optional, explicit and voluntary sending of messages to the contact addresses of GALA Srl, as well as the compilation and forwarding of the forms on the site itself, involves the acquisition of the sender’s contact data, necessary to reply. , as well as all personal data included in communications.
Methods of Processing and Storage
The processing of data will be carried out both manually and with the aid of electronic tools, in compliance with the provisions of art. 32 GDPR on security measures, by persons specifically appointed and in compliance with the provisions of art. 29 GDPR.
The Personal Data processed will be kept for the time strictly necessary and in compliance with the principles of minimization and limitation of conservation art. 5 paragraph 1 l.e) GDPR. More information regarding the data retention period and the criteria used to determine this period can be requested by writing to the Data Controller.
Scope of Communication and Dissemination
The data collected will never be disseminated and will not be communicated, except for subjects who typically act as Data Processors pursuant to art. 28 GDPR that is: a) Persons, companies or professional firms that provide assistance and consultancy in accounting, administrative, legal, tax, financial and credit recovery matters relating to the provision of the Services; b) Subjects with whom it is necessary to interact for the provision of the Services (for example hosting providers); c) Subjects, Bodies or Authorities, independent data controllers, to whom it is mandatory to communicate the Personal Data by virtue of the provisions of the law or orders of the Authorities.
The list of data processors can be requested from the Data Controller.
Transfer of personal data
The data collected will not be transferred to Member States of the European Union or to third countries not belonging to the European Union (in the event that this should happen in the future, we will provide a separate prior notice relating to the illustration of the suitable legal guarantees that must assist such transfer).
Rights of the interested part
Pursuant to articles 15 and following of the Regulation, the User has the right to request at any time, access to your Personal Data, the correction or cancellation of the same, the limitation of processing in the cases provided for by ‘art. 18 of the Regulation, obtain the data concerning you in a structured format, commonly used and readable by an automatic device, in the cases provided for by art. 20 of the Regulation. At any time, the User can revoke pursuant to art. 7 of the Regulation the consent given; propose a complaint to the competent supervisory authority (Guarantor for the Protection of Personal Data – www.garanteprivacy.it) pursuant to art. 77 of the Regulation, if you believe that the processing of your data is contrary to the legislation in force.
You can formulate a request for opposition to the processing of your data pursuant to article 21 of the Regulation in which to give evidence of the reasons justifying the opposition: the Data Controller reserves the right to evaluate the request, which would not be accepted in the event of the existence of binding legitimate reasons to proceed with the processing that prevail over your interests, rights and freedoms.
Requests must be sent in writing to the Data Controller.