pursuant to art. 4 of the Code and GDPR, is KING LED S.R.L.
Via Lavoratori Autobianchi, 1
20832 Desio (MB), Italia
Tel 0362 1444684
VAT number 02834550598 - MB-2570051
The methods of the Data Controller for managing the website are described below with reference to the processing of personal data of the users who consult it.
Pursuant to art. 13 of Legislative Decree 196/03 (hereinafter "Code") and art. 13 and 14 of Regulation 2016/679 / EU (hereinafter "GDPR") the Data Controller informs you that your personal data collected for establishment and management of the commercial relationship in relation to the management of accounting and administrative obligations and tax compliances requested by you will be treated in compliance with the aforementioned legislation, in order to guarantee the rights and fundamental freedoms as well as the dignity of individuals, with particular reference to confidentiality and personal identity. We inform you that if the activities provided to you foresee processing of third parties personal data in your ownership, it will be your responsibility to ensure that you have complied with provisions of the legislation regarding the interested parties in order to make their processing legitimate on our part.
Origin, purpose, legal basis and nature of the processed data
The processing of your personal data directly provided by you is carried out by the Data Controller for the fulfilment of obligations deriving from laws, regulations and community legislation as well as what has
been contractually agreed with the assignment you have entrusted to us and has as its object:
- Personal data and tax data. They are treated in particular to fulfil the requirements of technical- commercial intermediation and electronic commerce and to carry out administrative and fiscal obligations (issuing invoices, bank receipts, sending goods, providing technical and consulting services, market research);
- Data related to forms of communication, including interactive ones, that can be used for exchanging information with the Data Controller, such as e-mail addresses, telephone numbers, services for communication tools via PC, tablet or smartphone that use a data or internet connection;
- Data related to images, collected and processed by means of video surveillance systems intended to ensure the safety and protection of property and people in compliance with your prerogatives and rights, if present in the headquarters of the Data Controller.
Among the aforementioned data, the data that art. 4 of the Code and art. 9 of the GDPR indicate as "particular" data (sensitive data) are NOT present.
Particular / sensitive data are, for example, those that can reveal the state of health, maternity, accidents, incapacity of you, of members of your family unit or, if applicable, of your employees, including membership of a political party or trade union or religious beliefs.
These data are processed in compliance with the provisions of the Code and the GDPR as well as in light of General Authorization n. 4/2016, General Authorization n. 7/2016 and Authorizations for the processing of judicial and sensitive data related to mediation activities aimed at conciliating civil and commercial disputes of 21 April 2011, adopted by the Guarantor Authority for the protection of personal data (hereinafter also "Guarantor"), by the Data Controller for the exclusive purpose of fulfilling legal obligations and provisions in the assignment received.
Furthermore, your personal data collected from third parties may also be processed for purposes indicated above and in compliance with the applicable legislation as well as within the limits of legal obligations and on the indication of the competent judicial authority, that is by express provision of regulatory obligations of the Data Controller for judicial data.
Regarding the video surveillance systems, if present at our offices, the data will be processed on the basis of the balancing of interests carried out by the Guarantor with the measure of 10/4/2010.
Communication of your personal data, carried out following obligations established by law, is foreseen in order to follow up on the obligations requested by you that are inherent to the assignment received, as well as any delegated powers you have conferred (e.g.: Express Courier). In relation to these purposes, if needed, your personal data will be communicated to companies that deal with the shipment of goods or services ordered or for the development and/or operation of the information systems used by the Data Controller. In addition, the data may be disclosed to UIF, or to another agency required by the legislation, for requirements of anti-money laundering regulations (Legislative Decree 21 November 2007, no. 231 and consequent application and implementation rules - Ministerial Decree 16 April 2010).
These agencies, organizations, companies and professionals act as Data Processors appointed by the Data Controller or are themselves Data Controllers of personal data sent to them.
Your personal data, or rather personal third parties data in its holdership, may also be disclosed to external companies, identified from time to time, to which the Data Controller entrusts the execution of obligations deriving from the assignment received to which the only data necessary for the activities requested of them will be transmitted. All employees, consultants, temporary workers and / or any other "natural person" who carry out their job following the instructions received from the Data Controller pursuant to art. 30 of the Code and art. 29 of the GDPR, are appointed "Data Processors" (hereinafter also "Persons in charge"). The Data Controller gives appropriate operating instructions to the eventually designated persons in charge or managers, with particular reference to adoption and compliance with security measures, in
order to guarantee the confidentiality and security of the data. Precisely with reference to the protection aspects of personal data, the Customer is invited, pursuant to art. 33 of the GDPR, to report any circumstances or events from which a potential "breach of personal data” (data breach) may arise to the Data Controller by sending him a communication at the addresses indicated below, in order to allow an immediate assessment and adoption of any actions aimed at countering this event.
It is understood that the Data Controller's obligation to communicate data to Public Authorities on specific request remains unaffected.
Transfer of your personal data abroad may take place if needed for management of the assignment received. For the processing of the information and data that will eventually be communicated to these subjects, the equivalent levels of protection adopted for the processing of the personal data of its employees will be required. In any case, only the data necessary for the pursuit of the intended purposes will be communicated and the regulatory instruments provided for by articles will be applied. 43 and 44 of the Code and by Chapter V of the GDPR.
Methods, logics of processing and storage times
Your data is collected and recorded in a lawful and correct manner for the purposes indicated above in compliance with the principles and requirements set out in art. 11 of the Code and 5 c 1 of the GDPR.
Processing of personal data takes place using manual, IT and telematic tools with logic strictly related to said purposes and, in any case, in order to guarantee their security and confidentiality.
Personal Data will be processed by the Data Controller for the entire duration of the assignment and also subsequently to assert or protect their rights, or rather for administrative purposes and/or to execute obligations deriving from the applicable pro tempore regulatory and regulatory framework and in compliance with specific legal obligations on data retention.
Nature of the provision
In relation to the aforementioned purposes, provision of your data is essential for the purpose of carrying out the assignment between you and the Data Controller and to allow the Data Controller to comply with the obligations provided for by the applicable regulations: in the absence of such personal data, it is impossible to establish and maintain the assignment between you and the Data Controller. We therefore inform you that the processing of personal data takes place following the provisions of art. 24 c. 1 letter b) of the Code and art. 6 c. 1 b) of the GDPR.
Rights of the interested party
In compliance, within the limits and under the conditions provided for by legislation on protection of personal data regarding the exercise of the rights of the interested parties (pursuant to Article 7 and following of Legislative Decree 196/03, pursuant to Article 12 and Article 15- 22 of the European Regulation no. 679/2016) regarding the treatments covered by this Notice, as an interested party, you have the right to request confirmation if your personal data is being processed or not, to access the personal data that concern you and, in relation to that, you have the right to request their rectification, deletion and
notification of corrections and cancellations to those whom the data may have been transmitted to by our Organization, their limitation of processing in the cases provided for by the law, the portability of the personal data - provided by you - in the cases indicated by the law, to oppose the processing of your data and, specifically, you have the right to oppose decisions concerning them if based solely on automated processing of your data, including profiling. If you believe that the treatments that concern you violate the rules of the GDPR, you have the right to lodge a complaint with the Guarantor pursuant to art. 77 of the GDPR.
If you intend to request further information on the processing of your personal data or for the possible exercise of your rights, you can contact the Data Controller in writing.
TYPE OF DATA PROCESSED ONLINE
The computer systems and software procedures used to operate this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. This information is not collected to be associated with identified interested parties, but by their very nature could allow users to be identified through processing and association with data held by third parties. This category of data includes IP addresses or domain names of the computers used by users connecting to the website, addresses in the Uniform Resource Identifier (URI) notation of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the operating system and the user's computer environment. These data are used for the sole purpose of obtaining anonymous statistical information on the use of the website and to check its correct functioning. The data could be used to ascertain responsibility in case of hypothetical cybercrimes against the website.
Data voluntarily provided by the user
The optional, explicit and voluntary sending of e-mails to the addresses indicated on this website entails the subsequent acquisition of the sender's address, needed to respond to requests, as well as any other personal data included in the message. Specific summary information will be progressively reported or displayed on the pages of the website set up for particular services on request.
No personal user data is acquired by the site in this regard. Cookies are not used to transmit information of personal nature, nor are used persistent cookies of any kind or systems for tracing users. The use of so- called session cookies (which are not stored permanently on the user's computer and disappear when the browser is closed) is strictly limited to the transmission of session identifiers (consisting of random numbers generated by the server) necessary to allow a safe browsing and an efficient website. The so-called Session cookies used on this site avoid the use of other IT techniques that are potentially prejudicial to the confidentiality of users' browsing and do not allow the acquisition of the user's personal identification data.
Optional supply of data
Apart from what specified for navigation data, the user is free to provide personal data contained in the request forms to the Data Controller for sending newsletters, informative material or other communications. Failure to provide such data may make it impossible to obtain what is requested.
Methods of processing
Personal data are processed with automated tools for the time strictly necessary to achieve the purposes for which they were collected. Specific security measures are observed to prevent data loss, illicit or incorrect use and unauthorized access.