INFORMATION ON THE PROCESSING OF PERSONAL DATA - PRIVACY POLICY

(Privacy Code - Legislative Decree 30.6.2003, n. 196 - Art. 13 - EU Regulation 679/2016 - Art. 13)

We are aware of how important the ways in which information about you are used and shared are to you and we appreciate the trust you place in us in doing so scrupulously and responsibly.

This privacy policy describes how we collect and process your personal data.

WHO IS THE OWNER?

Below is the main information, pursuant to art. 13 Legislative Decree 30.6.2003 n. 196 (hereinafter, "Privacy Code" and art. 13 EU Regulation no. 2016/679 (hereinafter, "GDPR", on the processing of your personal data carried out by Arwin & Partners, based in Corso Magenta 87, 20123 Milan, CF / PI 10673340963 as Data Controller (hereinafter, "Owner").

For any clarification, question or need related to your privacy and the processing of your personal data, you can contact us at any time by sending a request to the email address info@arwinpartners.com or by writing to the address of the Controller's office.

WHAT DATA DO WE PROCESS?

Personal data, including particular ones, (for example, name, surname, company name, address, telephone number, e-mail address, bank and payment details, information relating to solvency, general and specific information on the interested parties aimed at the correct execution of the contract) - subsequently, "personal data" or even "data" communicated on the occasion of the conclusion of contracts for our services.

The processing of personal data means any operation or set of operations, carried out with or without the aid of automated processes and applied to data or sets of data, even if not registered in a data bank, such as collection, registration, the organization, structuring, storage, processing, selection, blocking, adaptation or modification, extraction, consultation, use, communication by transmission, dissemination or any other form of making available, comparison or interconnection, restriction, cancellation or destruction.

PURPOSE OF THE PROCESSING PROCEDURE MODULARITY

Your personal data are processed without your express consent (Article 24 letter a), b), c) Privacy Code and art. 6 lett. b), e) GDPR), for the following service purposes:

  • conclude contracts for the Controller's services;
  • fulfill the pre-contractual, contractual and tax obligations deriving from existing relationships;
  • fulfill the obligations established by law, by a regulation, by community legislation or by an order
  • of the Authority;
  • exercise the rights of the owner, for example the right to defense in court.

In the aforementioned cases, the processing of your personal data is legitimate as it is necessary to execute a contract with you or to provide you with the service you have specifically requested. Any refusal to provide them in whole or in part may make it impossible for the Owner to execute the contract or to properly carry out all the obligations related to the contract.

Your data will also be processed for:
A) carrying out, with your express written consent (articles 23 and 130 of the Privacy Code and article 7 of the GDPR), direct marketing activities, such as the sending - also by e-mail, SMS - of advertising material, newsletters and communications having informative and / or promotional content in relation to products or services provided and / or promoted by our company or by our commercial partners.

HOW YOUR PERSONAL DATA ARE PROCESSED

The data will be processed by means of the operations indicated in art. 4 of the Privacy Code and Article 4 no. 2 of the GDPR, i.e. both manually and electronically with the aid of electronic and stored tools both on computer media and on paper and on any other type of suitable support, in compliance with the minimum security measures. We are committed to protecting the interests of the individuals whose data is processed. In particular, we guarantee that the data collected are:

  • processed in compliance with applicable regulations and processed lawfully and transparently;
  • collected for the purposes provided for by law;
  • subjected to processing only for the intended purposes and within these limits;
  • adequate, appropriate and necessary in relation to the purposes for which they are processed;
  • stored in a way that facilitates the identification of the persons with respect to whom the data are trotted from time to face, and in any case as long as they are necessary for the purposes of the processing for which they were collected and no later than;
  • elaborati in modo da garantire la sicurezza dei dati personali, compresa la protezione contro il trattamento non autorizzato o illecito e contro la perdita occidentale, la distruzione o il danno, utilizzando adeguate misure tecniche ed organizzative.

We will process your personal data for the time necessary to fulfill the purposes described. In any case, for the activities of administration, accounting, contracts and labor law, management of any litigation, the Law in Article 2220 of the Italian Civil Code establishes a 10-year retention period, without prejudice to any delayed payments of the fees that justify its extension.

The data processed for commercial and direct marketing purposes will be kept for 2 years from the date of termination of the purpose of the service offered.

WHO CAN ACCESS YOUR PERSONAL DATA?

Our employees (and any collaborators) may become aware of your personal data, as authorized and / or data processors, subject to your consent for purposes not related to the execution of the contract, exclusively in relation to the duties carried out by them and for the purposes expressed above.

They may also become aware of your personal data, as external managers, some specific categories of subjects external to our company, always for purposes related to the execution of the obligations deriving from existing work relationships.

The external managers have been evaluated and chosen by our company for their proven reliability and competence.

The updated list of external managers and data processors is kept at our headquarters.

WHAT ARE YOUR RIGHTS?

As an interested party, you have the rights referred to in art. from 15 to 22 of the GDPR and precisely the following rights:

  • right of access;
  • right of rectification;
  • right of cancellation;
  • right to limitation of treatment;
  • obligation to notify in case of rectification or cancellation of personal data or limitation of processing;
  • right to data portability;
  • right to object.

This information may undergo changes and additions over time. Where possible, we will try to inform you promptly of the changes made.