Mixer S.p.A. established in via Chiara, 6/C – 48012 Villa Prati di Bagnacavallo (RA) – P.IVA: 01254160391 – C.F.: 04371460728, (hereafter “The Holder”), as the data holder, informs you that the personal data acquired, with reference to the established relationships, shall be processed in compliance with the aforementioned law. In relation to the aforementioned treatments, the following information is also provided:
DATA CONTROLLER: Mixer S.p.A. in the person of its legal pro-tempore representative, established in via Chiara, 6/C – 48012 Villa Prati di Bagnacavallo (RA) – P.IVA: 01254160391 – C.F.: 04371460728 – tel. +39 0545 47125 – e-mail firstname.lastname@example.org
EXTERNAL DATA CONTROLLERS: the data controllers list is available, upon request, at data holder headquarter.
The holder treats personal data, identification (in particular: name, surname, tax code, VAT number, email address, telephone number – hereafter, “personal data” or even “data”) you have provided during the acceptance of this information.
Your personal data are processed:
The conferment of your personal data referred to in point 2 lett. A is mandatory, therefore, any refusal could result in a failure and/or in a partial execution of the contract and/or continuation of the relationship. The conferment of your data referred to in point 2 lett. B is optional, therefore, may at any time exercise the rights referred to in point 9 letter. a), b), c), d), e), f), g), h), i).
The processing of your personal data is carried out by the operations indicated in the art. 4, n. 2 GDPR 2016/679 and more precisely: collection and registration, organization, conservation, consultation, cancellation and destruction of data. The processing of your data will be based on the principles of correctness, lawfulness and transparency and can also be carried out through automated procedures designed to store, manage and transmit them and will take place through appropriate tools, as far as reason and state of the art, to ensure safety and confidentiality through the use of appropriate procedures that avoid the risk of loss, unauthorized access, illicit use and dissemination. Your personal data are subjected to both paper and electronic processing.
The data controller will process personal data for the time necessary to fulfil the aforementioned purposes and in any case for the performance of the contract. After this deadline, the data will be destroyed or made anonymous.
The personal data processed by the data controller will not be disclosed, or will not be disclosed to indeterminate subjects, in any possible form, including that of their availability or simple consultation. Instead, they may be communicated to workers working for the data controller and to some individuals who work with them. Finally, it may be communicated to the persons entitled to access it by virtue of legal requirements, regulations and community regulations.
In particular, based on the roles and tasks performed, some workers have been entitled to process personal data, within the limits of their competences and in accordance with the instructions given to them by the holder. The access to the data and/or the portability request will be fulfilled within the maximum term of 30 days, except for impediments and/or complexity in the execution. For the release of further copies of the personal data being processed, a fee will be charged based on the administrative costs incurred.
Even without your express consent pursuant to art. ex art. 6 lett. b) – c) and art. 13 lett. e) GDPR 679/2016, the data controller may communicate your data for the purposes indicated to supervisory bodies, judicial authorities, as well as to all other subjects, to whom communication is mandatory by law.
The management and storage of personal data will be carried out on servers located within the European Union belonging to the holder and/or to third-party companies commissioned and duly appointed as data controller. The data will not be transferred outside the European Union. In any case, it is understood that the data controller, where necessary, will have the right to move the server location to Italy and/or the European Union and/or non-EU countries. In this case, the data controller hereby ensures that the transfer of non-EU data will take place in accordance with the applicable legal provisions.
As an interested party, you are the owner of the rights referred to in art. 15 and ss. of the GDPR 2016/679 and precisely the right:
In case of violation of personal data – to be understood as a breach of security that involves accidentally or in an unlawful manner the destruction, loss, modification, unauthorized disclosure or access to personal data transmitted, stored or otherwise processed – in which the risk for the rights and freedoms of persons is to be considered probable and/or high, the data controller will notify the Privacy Guarantor without delay and in any case no later than 72 hours, giving a description of the nature of the data breach, including the number of data subjects and the categories of data concerned. The name and address of the DPO will also be indicated.
You may exercise, at any time, the above rights by sending: