PRIVACY POLICY

Notice to data subjects on the processing of personal data (art. 13 GDPR 2016/679)

1. REASON FOR THIS NOTICE

This page describes the processing carried out by our company on personal data relating to any type of data subject. The purpose is to illustrate the corporate policy implemented to guarantee compliance with the provisions of GDPR 2016/679 L.D. 196/2003, relevant national measures, guidelines issued by the European Data Protection Board as well as EC directives on the protection of the data of natural persons. It is intended to provide information pursuant to Article 13 of Regulation (EU) 2016/679 (GDPR) to those who enter into any form of relationship with our company, which is represented by the following web address:

https://www.scuderiadeadamich.it

The Privacy Policy of this website does not refer to other processing carried out or described as a result of browsing internet sites through links that may be present in the above mentioned website.

2. DATA CONTROLLER

The Data Controller is Scuderia de Adamich S.p.A., registered office in Loc. Autodromo 43040 – Varano de’ Melegari (PR).

3. TYPES OF DATA PROCESSED
3.1 DATA FOR DATA FOR CONTACT REQUEST

The personal data provided by the interested data subjects by voluntarily entering email addresses in the online form, will be processed only to respond to information requests that the Data Controller has received through the compilation of the contact forum.

Purpose and legal basis for processing
(GDPR – Art.13, par. 1, c)
These data are used only to respond to information requests that the Data Controller has received through the compilation of the contact forum.
Scope of communication
(GDPR – Art.13, par. 1, e,f)

Your data will be processed only by internal staff who have been duly authorized and trained for processing (GDPR, Art.29) and they will not be disclosed to external persons, disseminated or transferred to non-EU countries.

With the exception of disclosure to authority for judicial investigations.

Processing methods
(GDPR C. 39)

Your personal data will be processed by automated systems.

Specific security measures have been deployed in order to prevent the loss of, unlawful or unfair use of, or unauthorised access to the data,

Retention period
(GDPR – Art.13, par. 2, a)
Data are normally stored for short periods of time, as strictly needed for fulfilling contractual or regulatory obligations.
Transfer
(GDPR – Art.13, par. 2, f)
The data is provided by the data subjects on an optional basis.
Legal basis
(GDPR – Art.6, par. 1).
Processing is necessary for to answer to information request. For this reasons the consent is required through the compilation of the contact forum.

3.2 DATA FOR CLIENT COMPANIES, SUPPLIER COMPANIES, CONSORTIUM MEMBERS AND ASSOCIATES.

The personal data provided by the above data subjects or collected during the performance of contract-related activities, derive from the need to carry out the activities organized by the parties.

Purpose and legal basis for processing
(GDPR – Art.13, par. 1, c)

Data is collected and used in order to:

– enter into contractual/professional relationships;
– fulfil pre-contractual, contractual and tax-related obligations deriving from existing relationships, as well as to manage the associated communications;
– comply with legal obligations, regulations, EU standards or with the orders of the Authority;
– exercise a legitimate interest or right of the Data Controller (e.g. the right to defence in Court, the protection of credit positions; ordinary internal requirements in the areas of operations, management and accounting).

Scope of communication
(GDPR – Art.13, par. 1, e,f)
Your data will be processed only by internal staff who have been duly authorized and trained for processing (GDPR, Art.29) and they will not be disclosed to external persons, disseminated or transferred to non-EU countries.
Processing methods
(GDPR C. 39)

Your personal data will be processed by automated systems and on paper.

Specific security measures have been deployed in order to prevent the loss of, unlawful or unfair use of, or unauthorised access to the data,

Retention period
(GDPR – Art.13, par. 2, a)
Data are normally stored for short periods of time, as strictly needed for fulfilling contractual or regulatory obligations.
Transfer
(GDPR – Art.13, par. 2, f)
They are requested by our company for the purposes indicated.
Legal basis
(GDPR – Art.6, par. 1).
Processing is necessary for entering into contractual relationships and therefore consent is not required.

 3.3 BROWSING DATA

The information systems and software procedures required for the proper functioning of this site acquire, during normal operation, some personal data the transmission of which is implicit in the use of internet communication protocols. These data are not collected in order to be associated with identified data subjects, but, by their very nature, could, by being processed and associated with data held by third parties, make it possible to identify users. This category of data includes IP addresses or domain names of the computers used by the users that connect to the website, URI (Uniform Resource Identifier) addresses of the resources requested, request time, method used to submit the request to the server, size of the response file, numeric code indicating the status of the response given by the server (successful, error, etc.) and other parameters regarding the operating system and the user’s IT environment.

Purpose and legal basis for processing
(GDPR – Art.13, par. 1, c)
These data are used only to obtain anonymous statistical information on website use and to check that is functioning properly. They are erased immediately after being processed. The data may be used to ascertain liability in the event that any cybercrime against the website.
Scope of communication
(GDPR – Art.13, par. 1, e,f)
Your data will be processed only by internal staff who have been duly authorized and trained for processing and will not be disclosed to external persons, disseminated or transferred to non-EU countries. They may be disclosed to competent authorities only in the event of an investigation.
Processing methods
(GDPR C. 39)

Your personal data will be processed by automated systems.

Specific security measures have been deployed in order to prevent the loss of, unlawful or unfair use of, or unauthorised access to the data,

Retention period
(GDPR – Art.13, par. 2, a)
Data are normally retained for brief periods of time, except for possible extensions connected with investigation activities.
Transfer
(GDPR – Art.13, par. 2, f)
Data are collected automatically from data subjects and for the above-mentioned purposes
Legal basis
(GDPR – Art.6, par. 1).
Processing is necessary for fulfilling a legal obligation and therefore consent is not required.

3.4 COOKIES

The description of the type of cookies used, their management and purpose are contained in the paragraph “Cookie Policy” in the document published on this website.

4. RIGHTS OF THE DATA SUBJECT (GDPR Articles 15–22)

At any time, the data subject may exercise the right to:

  • ask for confirmation of the existence or otherwise of their personal data;
  • obtain information about the purposes of the processing, the categories of personal data, the recipients or categories of recipients to whom the personal data have been or will be communicated, and, where possible, the period of time for which the data will be stored;
  • obtain the rectification or erasure of the data;
  • Obtain restriction of processing.
  • Obtain data portability, i.e. receive them from one data controller, in a structured, commonly used and machine-readable format and to transmit those data to another controller without hindrance.
  • Object to the processing at any time, including in the case of processing for direct marketing purposes.
  • The right to object to an automated decision-making process relating to individuals, including profiling;
  • file a claim with the Italian Data Protection Supervisor.

Requests must be sent to the Data Controller by writing to privacy@scuderiadeadamich.it

Every effort will be made to make the functions of this site as interoperable as possible with automatic privacy control mechanisms available in some of the products utilised by users.

5. DATA PROTECTION OFFICER

A Data Protection Officer (DPO) has not been identified as the author does not carry out processing of the data of natural persons falling within the definition of Article 37 of European Regulation GDPR 2016/679.

This “Privacy Policy” for this website and will be subject to updates.