PRIVACY POLICY PURSUANT TO ARTICLE 13 OF REGULATION EU NO. 679/2016 FOR THE PROCESSING OF PERSONAL DATA OF CUSTOMERS AND SUPPLIERS
1. WHO THE DATA CONTROLLER IS AND HOW YOU CAN CONTACT IT
The Data Controller for which this privacy policy is provided is Endura S.p.a., with registered office in Viale Pietro Pietramellara 5, 40121 Bologna (BO), VAT no. 02156320372 (hereinafter more simply “Data Controller“), in the person of its legal representative pro tempore. The email address you can write to for any requests regarding this processing is privacy@endura.it.
2. WHY YOU ARE RECEIVING THIS POLICY AND WHAT DATA WE PROCESS
You are receiving this privacy policy because you are one of our customers. As part of the management of the contract we have enter into, we process some of your personal data, specifically data that the GDPR defines as COMMON (i.e. personal information, contact details, payment information, email address).
3. WHAT THE LAW ALLOWS US TO DO
The GDPR and Italian Legislative Decree no. 196/2003 (“Privacy Code”), as amended by Italian Legislative Decree no. 101/2018, allow us to process your personal data as specified in the previous article, sometimes without the need for your express consent, sometimes with your prior consent. More specifically, we process:
a) Your common data (see Article 2.a) without your consent, pursuant to Article 6, letter b, of the GDPR (application of contractual or precontractual measures) as well as to fulfil legal obligations (such as issuing invoices), pursuant to Article 6, letter c, of the GDPR.
4. COULD WE PROCEED WITHOUT THESE DATA?
It depends. Without the data set out under 3.a, we will not be able to enter into a contract with you.
5. WHO CAN ACCESS YOUR DATA
To enable us to achieve our processing purposes (Article 2) we may allow other parties to access your data. These parties are carefully chosen for their reliability, and when necessary are instructed on how to protect your data. Some examples include our external collaborators (consultants, third-party companies that help us with customer management) and our appointees (contractors and/or employees). Your data will never be disseminated.
6. WHERE YOUR DATA ARE STORED
Your personal data are stored within the European Union.
7. HOW LONG WE STORE YOUR DATA
Your data under 3.a are kept for administrative and accounting purposes for 10 years from the time of collection (pursuant to Article 2220 of the Italian Civil Code).
8. YOUR RIGHTS
The GDPR guarantees you specific protections by recognising your rights as outlined in Articles 15 and following of European Regulation 679/2016 (GDPR). For instance, you can request the erasure or alteration of or access to your personal data. To get a complete picture of what your rights are, you can consult the Regulation. If you wish to exercise one or more of your rights, you can write to the contact of the Data Controller mentioned in Article 1.
9. RIGHT TO LODGE A COMPLAINT WITH THE PRIVACY AUTHORITY
If you feel that the processing violates your rights in any way, you may lodge a complaint with the Italian Personal Data Protection Authority, as envisaged in Article 77 of the GDPR, following the instructions on the website www.garanteprivacy.it.