PRIVACY STATEMENT PURSUANT TO ARTICLES 13-14 OF THE EU REGULATION 2016/679
As mentioned above, the processing of data will be based on principles of lawfulness, fairness, transparency, and protection of your privacy and rights.
AKA DESIGN SRL, with registered office at Via Mazzini, 1 20030 Senago (MI) Italy, as data controller, informs you that following art. 13 and 14 of GDPR, your personal data will be processed in the following ways and for the following purpose(s):
1. OBJECT OF THE TREATMENT
The Data Controller, processes identifying and non-sensitive personal data (such as name, surname, e-mail address, telephone number, mobile number) – afterwards, “Personal data” or even “data”) communicated to him/her by you.
2. PURPOSE OF TREATMENT
The processing of your data has as its legal basis the implementation of the contract (letter a.) and the legitimate interest of the Data Controller (letters c. and d.):
a) for the management of the service agreement and the pre-contractual communications between the user and the Owner;
b) to fulfill the obligations required by law, by a regulation, by EU legislation or by an order of the Authority;
c) to exercise the rights of the owner, for example the right to defense in court.
3. DATA PROCESSING PROCEDURE
The processing of your personal data is carried out by means of the operation indicated in art. 4 n. 2) GDPR and more precisely: collection, registration, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, cancellation and destruction of data. Your personal data are subjected to both paper and electronic and/ or automated processing.
4. DATA ACCESS
Data will be made accessible for the purposes listed under 2 above, to employees and consultants of Aka Design’s company, as appointed operators and/or system administrators.
5. DATA TRANSMISSION
Your Data may be transmitted to Data Processors appointed by the Controller. We inform you that all collected Data will not be subject to communication unless upon your explicit consent, except for the necessary communications to public bodies, consultants, or other processors to whom the transmission of Your Data is mandatory.
6. DATA TRANSFER
The management and conservation of Data will be implemented by means of the servers that are located in the Controller’s and/or Processors’ head offices.
The data will not be transferred outside the European Union. It is understood that the Controller, if needed, at its own discretion, may move the company server to another location. In such cases, the Controller will guarantee the Data transfer will be performed according to the regulation in force.
7. DATA DISSEMINATION. DATA SUBJECT PROFILING.
Your personal Data are not subject to dissemination. Your personal data are not subject to profiling.
8. RIGHTS OF THE DATA SUBJECT
The Regulation grants Data subjects certain rights, including the rights to:
a) obtain confirmation that a Data treatment of his personal data is in place, and get to access such Data (art. 15 GDPR);
b) obtain the correction of inaccurate personal data (art. 16 GDPR);
c) obtain erasure of any personal data referring to him/her, following the “right to be forgotten” (art. 17 GDPR);
d) obtain the limitation of Data treatment by the Controller (art. 18 GDPR);
e) receive the personal data in a structured, legible and understandable way, as well as to have the right to transmit those data to another controller without hindrance from the Controller (art. 20 GDPR);
f) object at any time to processing of personal data concerning him/her (art. 21 GDPR).
You can at any time revoke the consent you gave to the Controller, without such revocation affecting Data processing that has already been put in place by the Controller.
9. HOW TO EXERCISE YOUR RIGHTS
You can at any time exercise your rights by sending a written request addressed either to the Controller’s head office, or to the email address email@example.com.
10. UNDERAGE DATA SUBJECT
The Controller does not intentionally collect underage persons’ personal data. In case such data are somehow stored, the Controller will promptly delete them, upon request.
11. DATA PROCESSING DURATION
We underline that, following the principles of lawfulness, limitation of purposes and minimization of Data, according to art. 5 GDPR, the collected data will be stored for a period of time not exceeding the achievement of the purposes for which they are processed or on the basis of the deadlines set by the law. The verification of the obsolescence of the stored data, in relation to the purposes for which they were collected, is carried out periodically.
12. RIGHT TO FILE A PETITION IN FRONT OF A CONTROL AUTHORITY
You have the right to file a petition in front of a control authority (o supervisory authority) at any time, (for Italy the Privacy Guarantor is https://www.garanteprivacy.it) if you believe that the processing of Your data has not been managed appropriately; data subjects have the right to file a petition in front of their national control authority, or the control authority of the Country where they work, or the Country where the violation of their right has taken place.
13.CONTROLLER, PROCESSORS, APPOINTED OPERATORS
The Data Controller is AKA DESIGN SRL. The updated list of Processors and appointed Operators is stored at the Controller’s legal seat.