Data processing, whether acquired via phone, email, electronic forms, or other means, complies with the provisions of the European Regulation 2016/679 concerning the protection of individuals with regard to the processing of personal data.
Subject of Processing
We process personal identification data (e.g., name, surname, company name, address, telephone, email, banking and payment details, etc.) provided by you.
The optional, explicit, and voluntary sending of emails to our email addresses results in the subsequent acquisition of the sender's address, necessary to respond to requests, as well as any other personal data included in the message.
Purposes of Processing
Your personal data is processed for the following Service Purposes:
a) without your express consent (art. 24 letters a), b), c) of the Privacy Code and art. 6 letters b), e) of the GDPR) for the following Service Purposes:
- providing the requested services;
- concluding contracts for the services of the Data Controller;
- fulfilling pre-contractual, contractual, and tax obligations arising from relationships with you;
- fulfilling obligations required by law, regulations, EU legislation, or an order from the Authority (such as in anti-money laundering matters);
- exercising the rights of the Data Controller, such as the right of defense in court;
b) Only with your specific and distinct consent (articles 23 and 130 of the Privacy Code and article 7 of the GDPR) for sending informational materials, such as: sending you emails, mail, SMS, phone contacts, newsletters, communications.
Processing Methods
The processing of your personal data is carried out by means of the operations indicated in art. 4 of the Privacy Code and art. 4 no. 2) of the GDPR and precisely: collection, recording, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, erasure, and destruction of data. Your personal data is subject to processing in both paper and electronic and/or automated form.
The data you provide will not be disclosed to third parties, unless it is necessary to provide the requested services or to fulfill legal obligations.
Data Transfer Abroad
Personal data is stored on servers located within and outside the European Union. The Data Controller ensures that the transfer of data outside the EU is carried out in compliance with applicable legal provisions and that the suppliers have committed to complying with European regulations.
Rights of the Data Subject
As a data subject, you have the rights provided for in art. 7 of the Privacy Code and art. 15 of the GDPR, specifically the rights to:
i. obtain confirmation of the existence or non-existence of personal data concerning you, even if not yet recorded, and their communication in intelligible form;
ii. obtain:
a) the origin of personal data;
b) the purposes and methods of processing;
c) the logic applied in case of processing carried out with the aid of electronic instruments;
d) the identification details of the Data Controller, Data Processors, and the designated representative in accordance with art. 5, paragraph 2 of the Privacy Code and art. 3, paragraph 1 of the GDPR;
e) the subjects or categories of subjects to whom the personal data may be communicated or who may become aware of it as designated representatives within the State's territory, Data Processors or persons in charge of processing;
iii. obtain:
a) the updating, rectification, or, when interested, integration of data;
b) the erasure, transformation into anonymous form or blocking of data processed unlawfully, including data whose retention is unnecessary for the purposes for which the data was collected or subsequently processed;
c) certification that the operations referred to in letters a) and b) have been made known, including with regard to their content, to those to whom the data has been communicated or disclosed, except when this requirement proves impossible or involves a disproportionate use of resources compared to the right being protected;
iv. object, in whole or in part:
a) for legitimate reasons, to the processing of personal data concerning you, even if pertinent to the purpose of collection;
b) to the processing of personal data concerning you for the purpose of sending advertising or direct sales material or for carrying out market research or commercial communication, using automated call systems without an operator, by email and/or traditional marketing methods via telephone and/or paper mail. It is noted that the data subject's right of opposition, set out in point b), to direct marketing purposes using automated methods extends to traditional methods, and that in any case, the data subject has the right to exercise the right of opposition in whole or in part. Therefore, the data subject may decide to receive only communications using traditional methods or only automated communications, or none of the two types of communication. Where applicable, you also have the rights provided for in articles 16-21 of the GDPR (Right to rectification, right to be forgotten, right to restriction of processing, right to data portability, right to object), as well as the right to lodge a complaint with the Supervisory Authority.
Exercise of Rights
You may exercise your rights at any time by sending:
- an email to the address info@zatanet.it
Data Controller, Data Processors, and Persons in Charge
The Data Controller is ZataCom srls, Via Tito Speri 80, 41125 Modena (MO).
An updated list of Data Processors and Persons in Charge of processing is kept at the Data Controller's registered office.