Privacy Policy

PRIVACY POLICY STATEMENT ON THE PROCESSING OF PERSONAL AND SENSITIVE DATA OF THE CUSTOMERS WITHIN THE MEANING OF ARTICLE 13 AND FF. OF REGULATION (EU) 2016/679

Pursuant to article 13 and ff. of Regulation (EU) 2016/679 and in relation to your personal data of which the company Lupo srl VAT 11351550014, registered office in Collegno (TO) via Sassi n° 28/30, will come into possession, we provide you with the following privacy policy statement:

1. CONTROLLER AND MANAGER OF THE PROCESSING. The data controller is the company Lupo srl VAT 11351550014. Subject Responsible for the processing of data.

2. PURPOSES OF DATA PROCESSING. Your personal data may be processed, without the need for your consent, in cases where this is necessary in order to fulfill any legal obligation in the following areas, private law, tax law, anti-money laundering discipline, as well as any other European provision, rules, codes or procedures approved by the Authorities and other national competent institutions. Furthermore, your personal data may be processed in order to follow up requests from the competent administrative or judicial authorities and, more generally, from public entities in compliance with legal formalities. Your personal data will also be processed for the purposes related and/or linked to the activities which are carried out by the controller, such as the following. For those who contact us via the website or by email, for the provision of the services requested by entering data on the website, or by sending e-mails, and for the storage of data for the purpose of operational and administrative management of contacts. We remind you that, during the negotiation phase, it is not mandatory to acquire consent when the treatment is necessary to fulfill your specific requests before the conclusion of the contract. For the performance of the contractual relationship and any service which is ancillary and/or related to such contracts. In such cases, we inform you that, according to the applicable legislation regarding personal data, the acquisition of your consent is not required when the processing is necessary to fulfill obligations arising from a contract. For the management of payments (with the related processing - according to the law - of payment data, including credit card or prepaid card identification details) of the requested services and of any ancillary financial burden, in accordance with the provisions of the contract; or the fulfillment of legal, accounting, fiscal, administrative and contractual obligations related to the provision of the requested services. For the analysis and improvement of the provided services, such as the possible conduct of soundings in order to obtain suggestions from the customers. In order to supply the customer with technical assistance, when provided for in the contract. Furthermore, your personal data may be processed for the defense of a right in court or whenever it is necessary for the purpose of ascertaining, exercising or defending a right of the Controller. For soundings on the level of customer satisfaction on the quality of the provided services. For the realization of extraordinary operations and lease or sale of companies, in favor of other contractually-involved parties. The subjects who contact us via the website or via e-mail are informed on the fact that navigating and accessing the site do not require, or allow, profiling activities. In any case, all data which are acquired during the navigation are anonymously processed and may only be used without the express consent of the User for the purposes of accessing the www.lupo.it website and present the services of Lupo srl. In particular, as regards navigation data, we inform you that computer systems and software procedures that are used to operate on this website acquire, during their normal functioning, some personal data whose transmission is implicit in the use of protocols of Internet communication. Such information is not collected in order to be associated with identified data subjects but, by its very nature, could, through processing and association with data held by third parties, allow Users to be identified. This category of data includes IP addresses or domain names of the computers used by Users accessing the website, the addresses in the Uniform Resource Identifier (URI) notation of the requested resources, the time of the request, the used method to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (success, error, etc.) and other parameters relating to the operating system and the User's computer environment. These data are used for the sole purpose of obtaining anonymous statistical information on the use of the website and to check its correct functioning. Furthermore, the data could be used to ascertain responsibility in case of hypothetical computer crimes against the website. For what concerns the voluntarily provided data of the subjects who contact us via the website or via email, we inform you that the www.lupo.it website is provided with a contact form requesting the minimum information in order to be able to contact the requesting user and only the optional, explicit and voluntary sending of the form involves the subsequent acquisition of the sender's address, necessary to respond to requests, as well as any other personal data included in the message, in order to analyze the request and respond accordingly. Lupo srl does not disclose personal data acquired on the website to third parties for the possible sending of advertising material, commercial information, sale of products or services by foreign companies or commercial partners. In any case, specific summary information will be progressively reported or displayed on the pages of the website prepared for particular services, when necessary. Your personal data may also be processed, provided that you give your optional and separate expressed consent, for the following additional purposes functional to the activity of the Controller: market research, economic analysis and statistics; marketing of the services of the Controller, sending of advertising / informative / promotional material and participation in initiatives and offers aimed at rewarding the Customers of the Controller.

3. TRANSFER OF DATA ABROAD. Users’ personal data may be freely transferred outside the national territory to other countries in the European Union, but it could also be transferred outside the European Union. With regard to transfers outside the territory of the European Union to countries that are not considered appropriate by the European Commission, the Controller shall take suitable and appropriate security measures in order to protect the received personal data. Consequently, any transfer of data to countries outside the European Union, in any case, shall take place in compliance with suitable and appropriate guarantees for the purpose of the transfer, such as the standard data protection contractual clauses, pursuant to the applicable legal discipline and, specifically, to articles 45 and 46 of the Privacy Regulation.

4. METHODS OF PROCESSING AND RETENTION. The data processing will be carried out in an automated and / or manual way, in compliance with the provisions of art. 32 of the GDPR 2016/679 concerning security measures, by specifically appointed subjects and by external consultants, in compliance with the provisions of art. 29 GDPR 2016/679. Please note that, in compliance with the principles of lawfulness, purpose limitation and data minimization, pursuant to art. 5 GDPR 2016/679, your personal data will be retained for the necessary period of time for the achievement of the purposes for which they were collected and processed, and in order to comply with the obligations and requirements of provided by law.

5. COMMUNICATION OF DATA. Personal data may be disclosed to the subjects in charge of the processing and it may be communicated - for the purposes referred to in point 2 - to other consultancy and assistance providers, to banks, to the companies of the Controller's group, to the sales network, and, more generally, to all those public and private subjects to whom communication is necessary for the correct fulfillment of the purposes indicated in point 2 or on account of legal obligations.

6. DISSEMINATION OF DATA. Personal data are not subject to disclosure.

7. CLOUD AND TELEMATICS SYSTEMS. Sensitive data may also be stored and / or used and/or sent/exchanged in online mode and the related programs (for example Dropbox, Outlook or other cloud and mailing programs), exclusively for the purposes set out in this statement.


RIGHTS OF THE DATA SUBJECT

8. RIGHT TO ACCESS PERSONAL DATA. The data subject has the right to ask the data controller to access his personal data. Upon request, the data controller provides a copy of the personal data which are being processed. In the event of further copies requested by the data subject, the data controller may charge an administrative fee based on administrative costs. If the data subject submits the request by electronic means, and unless otherwise indicated by said subject, the information is provided in a commonly used electronic format.

9. RIGHT TO RECTIFICATION. The data subject has the right to obtain the rectification of inaccurate personal data concerning him from the data Controller without undue delay. Having considered the purposes of the processing, the data subject has the right to obtain the integration of incomplete personal data, also by providing a supplementary statement.

10. RIGHT TO ERASURE (RIGHT TO BE FORGOTTEN). With the exception of the cases provided for by article 17, paragraph 3 of Regulation (EU) 2016/679, the data subject has the right to obtain the deletion of personal data concerning him from the data controller without undue delay and the data controller has the obligation to erase personal data without undue delay, when one of the cases provided for in article 17, paragraph 1, of Regulation (EU) 2016/679 occurs.

11. RIGHT TO THE RESTRICTION OF PROCESSING. The data subject has the right to obtain the restriction of the processing from the data controller using one of the hypotheses provided for in article 18 of Regulation (EU) 2016/679.

12. RIGHT TO OBJECT TO THE PROCESSING. The data subject has the right to object at any time, for reasons connected with his particular situation, to the processing of his personal data pursuant to article 6, paragraph 1, letters e) or f) of Regulation (EU) 2016/679. The data controller refrains from further processing personal data unless he demonstrates the existence of binding legitimate reasons to proceed with the processing that prevail over the interests, rights and freedoms of the data subject or for the assessment, exercise or the defense of a right in court.

13. RIGHT TO DATA PORTABILITY. The data subject has the right to receive, in a structured, commonly used and automatically readable format, the personal data concerning him / her that have been given to a data controller and has the right to transmit such data to another data controller without any opposition of the data controller to whom they were given only in the cases provided by law and without prejudice to the rights and freedoms of others.

14. WITHDRAWAL OF CONSENT. If the treatment is based on article 6, paragraph 1, letter a), or on article 9, paragraph 2, letter a) of Regulation (EU) 2016/679, the data subject has the right to withdraw his consent at any time without prejudice to the lawfulness of the processing based on the consent that was given prior to the withdrawal.

15. RIGHT TO COMPLAIN. The data subject has the right to lodge a complaint with the Supervisory Authority.

16. REFUSAL TO PROVIDE DATA. Any refusal of the data subject to provide his personal data will make it impossible to fulfill the activities covered by the agreement entrusted to Lupo srl.

You can exercise your rights with a written request sent by registered mail to the registered office of the company or to the PEC address: lupo-srl@pec.it.