May, 2018
Update of processes and policies to ensure data protection, following the new GDPR .
To comply with the new General Data Protection Regulation (GDPR) coming into effect on May 25, we have made updates to our policies and processes to ensure the protection of all data and more control over the personal information.
Data Protection for Customers and businness partners
Protection of personal data is very important for us. For this reason, we process personal data exclusively on the basis of the applicable data protection regulations.
Controller
In connection with the data protection provisions you have the following rights with regard to your personal data processed by DeCoSystem: right of access (Article 15 GDPR), right to rectification (Article 16 GDPR), right to erasure ("right to be forgotten" - Article 17 GDPR), right to restriction of processing (Article 18 GDPR), right to data portability (Article 20 DSGVO), right to object (Article 21 DSGVO) and the right to withdraw your consent (Article 7 (3) GDPR).
You can reach us under the following contact details:
Dott. Piero Lastrucci
DeCoSystem Srl
via Petrarca 35, 50041
Calenzano (Fi)
or by email
Source of the data
We have received your personal data either from yourself, your company or your employees and/or organs, from public sources such as commercial register, your website, telephone directory etc., or from third parties who have a right to transfer data to us (e.g. other group companies).
Categories of Personal Data
As part of the business relationship with you, your following personal data will be stored or processed by our company:
gender, name, academic title, function within your company, phone number, mobile number, fax number, e-mail address, language, business address.
Purposes and Legal Basis
Your personal data are processed by DeCosystem for the following purposes:
• Processing based on your given consent to the processing of your personal data (Article 6 (1) (a) GDPR),
• processing to fulfill pre-contractual and contractual obligations (Article 6 (1) (b) GDPR),
• processing to fulfill legal obligations (Article 6 (1) (c) GDPR),
• Processing for the legitimate interests of our company or third parties (Article 6 (1) (f) GDPR), namely
- for the purpose of customer management and sales,
- for the purpose of answering requests,
- for the purpose of internal administration,
- for the purpose of credit rating,
- for the purpose of direct marketing of our products/services,
- for the purpose of conducting marketing surveys,
- for the purpose of preventing abuse (whistleblowing system).
Recipients
Personal data are only stored into internal server and they are strictly protected. Only the employees of our company who are responsible for customer service and for our business partners have access to your personal data.
As far as necessary for the fulfillment of contractual obligations, a transmission of your data to third parties may occur, such as the transmission of your name and address to commissioned transport or shipping companies for the delivery of ordered goods. These companies are required to comply with data protection.
Storage Period
We will store or retain your data as long as it is necessary for our business purposes, as well as in accordance with the legal obligations for storage, documentation and limitation periods.