In accordance to Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 concerning the protection of individuals with regard to the processing of personal data, as well as the free circulation of such data (hereinafter defined as the “Regulation” or ” GDPR “). Considering the provisions of Legislative Decree 196/2003 (Code of conduct with regards to the protection of personal data), as amended by Legislative Decree 101/2018, we hereby inform you that the personal data provided to ” Exclusiva Contract Srl” will be processed and used according to the principles of lawfulness, fairness and transparency in order to guarantee the rights, the fundamental freedom, and  the dignity of each individual, with particular reference to confidentiality and personal identity. This privacy policy will provide you with all the necessary information in order to understand how we will be using your personal data.
HOLDER OF THE TREATMENT
Data Controller of Personal Data (hereinafter defined as the “Owner”):
Exclusiva S.r.l., Fiscal Code 17340341001, REA number – RM 1711789 legal head office in Via Giulia, 167 – 00186 Rome, in the person of the Legal Representative.
Contact details: Tel.: +39 0668803383 – E-mail: info@exclusivasrl.com – PEC: exclusivasrl@legalmail.it
PERSON RESPONSIBLE FOR DATA PROTECTION
The Data Protection Officer (RPD / DPO): Mr Massimo Corinti
Contact details: Mob. +39 335 7687380 – E-mail: dpo@corinti.eu – PEC: dpo@pec.corinti.eu
WHAT CATEGORIES OF PERSONAL DATA ARE PROCESSED
Within the limits of the purposes and methods described in this information note, data considered as “simple personal” data may be processed, including personal identification details, such as name, surname, mobile number and e-mail address. Furthermore, computer systems and software processes being utilized to run this website acquire technical data for the sole purpose of verifying its correct functioning. The data acquired could also be used to ascertain responsibility in the event of hypothetical cybercrimes perpetrated against the website.
PURPOSE AND LEGAL GROUNDS FOR DATA PROCESSING
Personal data provided will be treated considering the principles applicable to the processing of personal data as stated by art. 5 of the Regulation (EU) and for the following purposes: optional, personal data explicitly and voluntarily submitted by the User within the registration forms on this site implies subsequent acquisition of said data as necessary for the provision of the requested service(s). By filling in the contact form with his/her personal data, the User consents to their use in order to respond to requests for information or of any other nature as indicated in the form header.
METHOD OF TREATMENT/HOW WE WILL USE YOUR DATA
The processing of personal information will be carried out both by means of manual and / or Information Technology and electronic tools, the organization and processing logics of which will remain strictly related to the purposes stated and by all means aimed at guaranteeing the security, integrity and confidentiality of the data, in compliance with organizational and physical measures and the logic provided for by the provisions in force. The processing of User’s Personal Data may consist in information on their collection, registration, storage, modification, communication and cancellation; we store in digital format for the time strictly necessary to achieve the purposes for which they were collected.
RECIPIENTS OR CATEGORIES OF DATA RECIPIENTS
The personal data provided may be communicated to recipients who will process the data as external managers (pursuant to Article 28 of the Regulation), such as Information Technology companies for activities strictly connected and instrumental to the operation of the service or the management of the website, and / or as individuals acting under the authority of the Data Controller and the Data Processor (pursuant to Article 29 of the Regulation). All employees, consultants, and / or any other “individuals” who are authorized to process, will carry out their activities on the basis of the instructions received from the Data Controller, are designated “Data Processors”. The Data Controller gives adequate operating instructions to the designated individuals in charge or to the Managers, with particular reference to the adoption of and compliance with security measures, in order to guarantee the confidentiality and security of the data. Precisely with reference to the protection aspects of personal data, we invite you, pursuant to art. 33 of the GDPR, to report to the Data Controller any circumstances or events from which a potential “breach of personal data (data breach)” may arise, in order to allow an immediate assessment and the adoption of any measures aimed at countering this event. Furthermore, following a specific request, personal data could be transmitted to the competent authorities for the fulfillment of legal obligations and / or provisions of public bodies.
TRANSFER OF PERSONAL DATA OUTSIDE THE EU AREA.
Personal data are not processed outside the EU Area (EEA).
AUTOMATED PROCESSING OF DATA, INCLUDING PROFILING
The processing that Exclusiva Contract will perform on personal data does not provide for any automated decision-making process that could produce legal effects on the individual’s data or which could significantly affect the said person in any similar way, including profiling activity.
STORAGE DURATION OR CRITERIA
The processing of data will last no longer than what strictly necessary for the purposes for which the data were collected and for the time period set out by legal obligations. If the personal data is no longer needed for any purpose and we are not required to keep it by law, we will do everything in our capacity to delete, destroy or anonymize it.
RIGHTS OF THE INTERESTED PARTIES, ARTT. FROM 15 TO 22 OF THE REGULATION
By contacting the Data Controller or through the Data Protection Officer at the references provided above, the interested party can exercise the rights provided for in Articles from 15 to 22 and as applicable in consideration of art. 23 of the Regulation. Where required, the data subject has the right to access their personal data, to correct inaccurate data, to cancel, limit or oppose to its processing, to request data portability, or to withdraw consent. The response to any such requests will be provided within one month, if the request is too complex or if numerous requests are received, this period may be extended by another two months. Moreover, the interested party always has the right to lodge a complaint with the Data Protection Supervisor at the references on the website: www.garanteprivacy.it as required by art. 77 of the Regulations, or to take the appropriate judicial offices pursuant to art. 79 of the Regulation.
Exclusiva S.r.l.
Updated October 23, 2023