Privacy Policy

Contact Form Notice (Article 13, EU Regulation No. 2016/679)

In compliance with EU Regulation 2016/679 ("GDPR") concerning the processing of personal data and its free circulation, as well as with Legislative Decree 196/2003 and subsequent amendments ("Privacy Code"), we inform you, as a "Data Subject," regarding the management of personal data undertaken by Our Organization in respect to the principles of data protection.

WHO WE ARE

DATA CONTROLLER: PAUL S.P.A
Registered Office: Via Arceviese, 148 - Fraz. Pianello 60010 OSTRA (AN)
VAT/ Tax ID: 00896360427
Phone/ Fax: Phone 071688300 - Fax 071688595
Email: This email address is being protected from spambots. You need JavaScript enabled to view it.
Website: www.paul.it

WHY WE PROCESS YOUR DATA (Purpose and Legal Basis)
We process your data to undertake activities arising from your requests, specifically for pre-contractual activities, to carry out operations related to contract execution, to fulfill legal obligations derived from civil, tax, accounting laws, as well as to enable effective administrative management and consequent financial and commercial relationships. Additionally, data may be processed for assessing the quality of provided services, complaint management, and finally to respond to information requests submitted. We may also process your contact details for promotional activities or communications related to the direct sale of products and services similar to those already provided; for communications for promotional purposes for other products and services, explicit consent will be requested. In the event that there is a need to pursue further processing purposes of your data not indicated in this notice, we will take care to inform you in advance about the new predefined methods. 

WHAT WE DO WITH YOUR DATA (Data Categories, Necessary Requirement)
We primarily request and process only personal data classified as "common". The provision of certain personal data (appropriately specified at the request stage) is mandatory to enjoy the services offered by Our Organization, therefore, in their absence, we might not be able to follow up on your request, provide adequate service, execute it within the requested times, or it could lead to partial or complete non-execution of the entrusted activity. Within Our organization, direct contact data (telephone number, email, contact details, etc.), possibly also referring to your employees and collaborators, as well as specific company data always related to the contract between the parties, may be collected and cataloged to improve related company references. Other data, however, are optional, consequently their non-provision could prevent the supply of additional services, not essential for the continuation of the relationship.

HOW WE PROCESS YOUR DATA AND WITH WHAT MEANS (Processing Methods)
Your personal data will be processed by Our Organization with paper and digital tools. Only personnel authorized by the Data Controller will have access to carry out processing operations or system maintenance. We adopt all the technical and organizational measures useful to prevent unauthorized access, disclosure, alteration, or destruction problems. These measures are reported within Our privacy management system, which allows maintaining constant monitoring of protection towards processed data and continuous adaptation of procedures based on the evolution of the business reality. We also specify that we do not use automated decision-making processes within Our Organization, including profiling, which produce legal effects concerning you and/or significantly affect you.

TO WHOM WE COMMUNICATE YOUR DATA (Communication to Third Parties and Categories of Recipients)
The data is processed at the legal and operational headquarters of the Data Controller and in any other place where the parties involved in the processing may be located. Your personal data may be communicated to public bodies and institutions in order to comply with obligations established by laws and regulations, as well as to external companies that perform activities outsourced on behalf of the Controller, in their capacity as data processors. 

 

Contact Form Notice (Article 13, EU Regulation No. 2016/679)

These responsible parties have been previously accredited and authorized by us, and will handle the data exclusively for the purposes described above and for objectives related to the contractual relationship established between the parties. All those responsible for processing with authorized access to personal data have been individually identified within Our management system, and have received suitable instructions to ensure the rights of the interested parties, in addition to being subject to confidentiality obligations. The complete and updated list of processors can always be requested from the Controller using the methods indicated in this notice. Your data will not be transferred to third countries outside the European Union with data protection regulations not aligned with EU Regulation 2016/679. We also specify that your data will not be subject to any dissemination by Us to unauthorized third parties for purposes other than those stated in this notice.

HOW LONG WE KEEP YOUR DATA (Retention Period)
We will process your data for the time necessary to achieve the indicated purposes and will be kept for the entire duration of the contractual relationship. They may also be maintained after the termination of the relationship for the entire duration necessary for the extinction of contractually undertaken obligations and to carry out the related compliances provided by the current legislative norms. Data used for business promotion activities may be processed until you exercise your right of opposition. At the end of the prescribed period, the data will be destroyed, returned, or processed while ensuring respect for the principles relating to data protection, ensuring adequate technical and organizational security measures.

WHAT ARE YOUR RIGHTS
We guarantee you all the rights of the Data Subject provided by EU Regulation 2016/679. At any time you can directly request the Data Controller to access, rectify, delete or limit the data concerning you. In the cases provided, we guarantee the right to data portability and, therefore, at any time you can request a digital copy of the data or automatic transfer to other entities. You can also object or revoke the consent initially provided or during subsequent communications. Your right to lodge a complaint with the Data Protection Authority remains safeguarded if you believe Our processing methods are non-compliant.

HOW YOU CAN EXERCISE YOUR RIGHTS
To follow up on your rights or to request more information regarding the processing of your personal data, we invite you to contact the Data Controller, so we can verify the legal prerequisites together and respond to your requests as quickly and comprehensively as possible. Alternatively, you can send a request using the "Request Form for Exercise of Data Subject's Rights" provided by the Data Controller on the Organization's website.

UPDATES
This Notice is the instrument provided by EU Regulation 2016/679 to apply the principle of transparency and facilitate you (the Data Subject) in managing the information we process concerning you. As the processing methods, national or European legislation change, the Notice may be revised and supplemented. In case of significant changes or variations in the purposes of processing, you will be given prior notice through the communication tools of the Organization.

PAUL S.P.A.
Data Controller