(Version updated at 25 May 2018)
RM Service S.r.l. (hereinafter referred to as “RM Service” and/or “the Data Controller”) is particularly attentive to the privacy aspects of those who making contact with the Data Controller by entering their personal data in the «Contacts» section on the website www.rmservicesrl.it
Therefore, through this general Policy Statement provided in full compliance with Regulation (EU) 2016/679 “Regulation on the protection of natural persons with regard to the processing of personal data and to the free movement of such data” (hereinafter referred to as the Regulation), RM Service, as Data Controller, intends fully describing the methods of management, processing and protection of provided personal data.
The Controller of the processing of data provided by the user is RM Service S.r.l. based in 24060 – Credaro (BG), Via G. Rossini n. 28, Taxpayer’s and VAT number: 03631100165, Tel. 035/4260942, Fax 035/4260939.
The data collected by the Data Controller are exclusively common data (First Name, Surname, Company, Address, Telephone/Fax, VAT number, Email address).
The legal basis for processing is the legitimate interest of the Data Controller to:
Moreover, with your explicit consent, the data provided will be processed:
The provision of personal data for the purposes referred to in par. a) is optional and aimed solely at responding to the user’s requests. Therefore, failure to provide such data will make it impossible for RM Service to respond.
The provision of personal data by the user for the purposes indicated at points b), c), d) is subject to obtaining the consent of the user him/herself. Such activities will not therefore be performed by RM Service unless it has received consent to do so pursuant to Art. 7 of the Regulation.
Processing is carried out according to principles of lawfulness, fairness and transparency and can be performed whether or not by electronic or automated means. Such processing shall include all the operations provided for in Art. 4, no. 2 of Regulation (collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction of data) necessary for the processing in question, including communication to the entities listed in the following “Communication of data” section. The data will be recorded and stored in both paper and computer files, according to principles of lawfulness, fairness and transparency, with organizational systems related to the purposes of processing. Furthermore, in order to protect the data from destruction or loss (including accidental) as well as to guarantee their integrity and confidentiality (including against unauthorised access or disclosure) and in general to ensure the rights of the data subject, the Data Controller has adopted security measures of a technical and organisational nature, in compliance with the provisions of the Regulation (with particular reference to Articles 24, 32 and 35).
In the event of explicit consent, the personal data provided may be profiled by the Data Controller internally for statistical/comparative purposes only, to better manage the services offered or for the creation of commercial profiles and/or for the analysis of the preferences of registered users. The processing of personal data for profiling purposes will be performed using means and methods which are appropriate and in accordance with the requirements of the Regulation, in order to also protect the rights, freedoms and legitimate interests of the data subject.
Personal data may be communicated to persons who have been expressly authorised by the Data Controller to process the data pursuant to Art. 29 of the Regulation. The personal data collected may also be communicated to parties appointed by RM Service as Data Processors pursuant to Art. 28 of the Regulation, who operate on behalf of the Data Controller and in accordance with its instructions, but solely for activities strictly related to the purposes indicated above. It is possible to obtain an updated list of the Data Processors by contacting the Data Controller.
Personal data collected for the indicated purposes will not be disseminated.
RM Service shall process the personal data for the time required to fulfil the above-indicated purposes and in any case until any request is received from the data subject asking for such personal data to be erased.
The personal data will be stored at the headquarters of the Data Controller and in any case within the European Union.
The data subject to whom the personal data refer has the right to request and obtain, at any time, from the Data Controller, access (Art. 15 of the Regulation), rectification (Art. 16 of the Regulation) and erasure («right to be forgotten») (Art. 17 of the Regulation) of his/her personal data. The data subject also has the right to obtain the restriction of personal data processing (Art. 18 of the Regulation) as well as the right to data portability (Art. 20 of the Regulation), and the right to object, on legitimate grounds, to their processing (Art. 21 of the Regulation).
In cases where processing is based on the explicit consent of the data subject, the data subject shall have the right to withdraw his or her consent at any time. However, this withdrawal shall not affect the lawfulness of processing based on the consent before its withdrawal.
In any case, the data subject has the right to lodge a complaint with the supervisory authority, as provided for in Art. 77 of the Regulation, or to take legal action under Art. 79 of the Regulation if he/she considers that his or her rights have been infringed as a result of the processing of his or her personal data in non-compliance with the provisions of the Regulation.
The user may at any time exercise his/her rights as identified above by sending an email to email@example.com ; a fax to 035/4260939; or a registered letter with notification of receipt to: RM Service S.r.l., Via G. Rossini n. 28, 24060 – Credaro (BG).