Information on the processing of personal data pursuant to art. 13
of Regulation no. 2016/679
1. THE OWNER OF THE TREATMENT (DATA CONTROLLER)
Nidec ASI S.p.A., with registered office in via Fratelli Gracchi n. 39, 20092 – Cinisello Balsamo (MI), tel. no. 02.6445.2020, e-mail [email protected], in the person of its Legal Representative (hereinafter also “Owner”) informs you pursuant to Legislative Decree 196/2003 as amended by Legislative Decree Legislative Decree 101/2018 (hereinafter, “Privacy Code”) and of the art. 13 EU Regulation no. 2016/679 (hereinafter, “GDPR”) that your data will be processed in the manner and for the purposes identified below.
The contact details of the DPO (Data Protection Officer) are as follows: [email protected]
2. TYPE OF DATA PROCESSED
Personal and identification data pursuant to art. 4 of the GDPR, is any information relating to an identified or identifiable natural person directly or indirectly.
As part of this disclosure, we inform you that it concerns your personal data, as well as company name, address, telephone, e-mail, bank and payment references, general and specific information aimed at the correct execution of the contract and necessary for the purposes of treatment referred to in point 3.
3. PURPOSE OF THE TREATMENT and LEGAL BASIS
The collection and processing of personal data are carried out:
a) to comply with legal or regulatory obligations, including:
- obligations established by law, by a regulation, by community legislation
- respond to an official request from the public or judicial authority;
- prevention of money laundering and terrorist financing;
- fulfill tax obligations
b) to fulfill pre-contractual and contractual obligations deriving from existing relationships with you, including:
- provide information about our products and services;
- manage, in general, any dispute that may arise between us;
- assist you and respond to your requests;
- evaluate whether we can offer you a product or service and under what conditions
c) to pursue our legitimate interest, including:
- implement and develop our products and services;
- implement our risk management and defend our legal right;
- IT management, including infrastructure management, business continuity and IT security;
- establish aggregate statistics, tests and models, for research and development, to improve our risk management or in order to improve our existing products and services or create new ones.
- to promote the sale of products or services (similar or complementary to those you have already used) via your e-mail address, without prejudice to your right to object and no longer receive this type of communication;
- share, in order to protect the Group, with the other companies of the Nidec Group, also towards non-EU countries, your personal data in order to allow group administrative and fiscal control, or to respond to legal or regulatory obligations .
d) perform specific treatments based on your prior consent:
Nidec Asi Spa could carry out direct marketing activities, both through traditional methods (paper mail and telephone operators) and through automated methods (e-mail, SMS, MMS, fax, calls without operator), for sending advertising material, newsletters and communications with informative and/or promotional content in relation to the services provided and/or events promoted by Nidec Asi spa, as well as statistical and market surveys.
Your refusal to process personal data through automated methods will also be extended to all contact methods, unless otherwise specified by you.
4. ACCESS TO DATA
Your data may be made accessible for the purposes referred to in points 3a, 3b, 3c and, with your consent referred to in point 3d:
- to employees and collaborators of the Data Controller, in their capacity as persons in charge and/or internal data processors and/or system administrators;
- to third-party companies or other subjects (indicative title, credit institutes, professional firms, consultants, commercial partners, insurance companies for the provision of insurance services, surveillance and security and auditing, etc.) who carry out outsourced activities on behalf of the Owner, in their capacity as external data processors;
5. METHOD OF TREATMENT – STORAGE TIME
The processing of your data will be carried out on paper, electronically and/or automatically, in compliance with the principles set forth in art. 5 and following, and by implementing all the appropriate security measures to guarantee their correct conservation.
The data relating to the purposes referred to in points 3a, 3b, 3c will be kept for the entire duration of the contractual relationship and for the following 10 years in relation to tax or legal obligations while all the remaining data, including those relating to the purposes referred to in point 3d will be kept for 5 years from the date of termination of the purpose of the service offered. Finally, we inform you that your data will not be subject to any profiling as defined by art. 4, paragraph 1, point 4 of the GDPR.
6. SCOPE OF COMMUNICATION AND DISSEMINATION
Your personal data will not be disclosed, but those referred to in points 3a, 3b, 3c may be communicated within the Nidec Group for the pursuit of a legitimate interest of the Company for administrative, tax and internal control purposes.
In case of transmission of your data within the Nidec Group to non-EU countries, in compliance with art. 46 of the GDPR, we inform you that this will be done in compliance with the guarantees provided by the GDPR including adequacy decisions of the European Commission or contractual agreements for the protection of personal data (so-called “EU Standard Contract Clauses”).
We also inform you that personal data may be communicated, exclusively for the purposes referred to in points 3a, 3b, 3c, also to Supervisory Bodies, Judicial Authorities, to insurance companies for the provision of insurance services, as well as to those subject to which communication is mandatory by law for the accomplishment of said purposes. These subjects will process the data in their capacity as independent data controllers.
Only with your consent for the purposes referred to in point 3d to third-party companies such as business partners and event organizers.
7. TRANSFER OF PERSONAL DATA
Nidec Asi Spa, in addition to transferring non-EU data to companies belonging to the Nidec Group referred to in point 6, also relies on e-mail servers and cloud services located outside the European Union. The Data Controller hereby assures that the transfer of data outside the EU will be done in compliance with the guarantees provided, including adequacy decisions by the European Commission or contractual agreements for the protection of personal data (so-called “EU Standard Contract Clauses”).
8. NATURE OF THE PROVISION OF DATA AND CONSEQUENCES OF THE REFUSAL TO ANSWER
The provision of data for the purposes referred to in points 3a, 3b, 3c is mandatory for all that is required by legal and contractual obligations and therefore any refusal to supply them in whole or in part may make it impossible for Nidec ASI S.p.A to execute the contract. Failure to provide data for the purposes referred to in point 3d does not and will not have any consequence on the provision of services.
9. RIGHTS OF INTERESTED PARTIES
We inform you that, at any time and if the conditions are met, you can exercise the rights provided for by the GDPR using the contact details indicated in point 1 of this Information:
- request access to your personal data pursuant to art. 15 of the GDPR;
- rectify personal data pursuant to art. 16 of the GDPR;
- request the cancellation of personal data pursuant to art. 17 of the GDPR;
- request the limitation of the processing of personal data pursuant to art. 18 of the GDPR;
- exercise the right to the portability of personal data pursuant to art. 20 of the GDPR;
- exercise the right to object to the processing of personal data pursuant to art. 21 of the GDPR;
- propose a complaint to the Guarantor Authority for the protection of personal data by following the instructions on the relative web page: