Privacy

wanma.it RAF s.r.l. IT09099541212..

Information on the protection of personal data

Raf s.r.l. based in Casandrino NA Viale tavernola, 8, 8, is constantly committed to adopting technical and organizational solutions aimed at guaranteeing high standards of lawfulness, security and protection in the processing of personal data. To this end, the requirements of the General Data Protection Regulation of the European Union below in the text are implementedo “GDPR acronym forGeneral Data Protection Regulation) and other legal provisions, including, in particular, those of the Code regarding the protection of personal data below “Privacy Code” or“Code“).

1.Who is the data controller?
Raf s.r.l. based in Casandrino NA Viale Tavernola, 8 8 (below in the text“Raf s.r.l.” or“we“), is the data controller of your personal data in accordance with the GDPR and the Code..
For the preparation of estimates, orders, delivery and sale of goods or services, for the provision of assistance services, for the stipulation of the contract below in the text of operations and to execute the same, Raf s.r.l. will process certain personal data for the purposes indicated in this data protection statement.dati.
2.What data we process?
Personal data means any type of information relating to a natural person identified or identifiable below “Data“). As part of the preparation of the operations, the conclusion and execution of the contract between you and Raf s.r.l., we process your personal data within the limits of what is permitted by law, especially taking into account the principle of data minimization. This concerns in particular the following information:i:

  • Data fromShe provided:

in requesting and receiving a quote, in ordering material or services from us, in entering into a contract below “Contract”), or during the execution of this Agreement, you will have to provide us with some information. Depending on the type of operations you request from us, you may provide us with the following information, the list below is not intended to be exhaustive, but is given only by way of example: your name and surname, your contact details including address, telephone number and mailbox. e-mail, profession, balance sheet or income data, date and place of birth, current account data, VAT number, tax code, information about your company. The provision of such information is a necessary requirement for the conclusion of the Contract with Raf s.r.l .; failure to communicate such data may make it impossible for us to conclude the Contract and make it impossible for us to provide the related services and products.rodotti.

  • Data collected by third parties:
    under the phase initial of the Agreement we will also useData personalthat they may be provided to us by third parties. These Data include, for example, a series of data from public and private creditworthiness assessment databases such as, the SIC credit information systems, and other third parties and databases such as the SCIPAFI public fraud prevention system from theft do d’identity.
    In this context, we will treat in particular the following categories of personal data:

     

    • information relating to your creditworthiness, including insolvencies of any kind with respect to other contracts known to the aforementioned databases;
    • information provided to the aforementioned databases by other banks, such as for example other existing banking and / or financial relationships;
    • information used to identify related customer groups, such as interests in companies or ownership relationships;;
    • information used to defend against administrative offenses. This information is necessary in order to process your request; failing this, the request may not be executed.
  • C.particular ategories of personal data:

special categories of personal data are informationthat reveal your ethnic or racial origin, theIts political opinions, your religious or philosophical beliefs, or union membership, as well as genetic data, biometric data aimed at uniquely identifying a natural person, data on health or on the sexual life and on the sexual orientation of the person. As a rule, we do not collect or process particular categories of personal data. If, in specific cases, we have to process particular categories of personal data, for example during computer investigations on possible data breaches, in order to achieve the purposes indicated below, we will always process this data in accordance with the provisions of the law and the requirements indicated in this data protection information.ati.

3.On what legal bases we will process your data?
We will only process your Data where permitted by applicable legal provisions. Specifically, we will process your data on the basis of art. 6 and 9 GDPR and on the basis of consent pursuant to art. 7 GDPR, as well as in compliance with the corresponding rules of the Code::

  • Consent art. 61 paragraph 1a, art. 7 GDPR, and, if applicable, art. 92 to:(2) (a): we will process certain Data only in the presence of your preliminary, free and express consent. You have the right to revoke the consent given at any time with effect for the future.
  • Execution of a contract or pre-contractual measures art61 paragraph 1b GDPR:GDPR):in order tostipulate your Contract with Raf s.r.l. and to execute it, we need to have access to certain Data.
  • Compliance with a legal obligation art. 61 paragraph 1c GDPR:DPR): Raf s.r.l. is subject to a number of regulatory requirements. In order to ensure compliance with these requirements, we need to process certain data.
  • Protection of legitimate interests art. 61 paragraph 1f GDPR:DPR): Raf s.r.l. will process certain data in order to protect its interests, or the interests of third parties. This, however, only applies if, in the specific case, your interests do not prevail.

4.For what purposes we will process your data?

We will process your data exclusively for the purposes permitted by the data protection legislation and in particular:
1 purposes previously approved by you;;

2 processing of data in order to execute our Contract;;

3 execution of pre-contractual measuresi

4 fulfillment of the legal obligations to which we are subject, including legal obligations and provisions established by the competent authoritiesti)

5 safeguarding our legitimate interests or the legitimate interests of third parties, unless your interests prevail over themi

6 exercise of our rights and fulfillment of our obligations under the lawgi

7 assessment, exercise or defense of a right or legal claime

8 marketing and advertising, in particular direct and indirect marketing activities..


Among other things, we will process your data for the specific purposes set out below. Please note that this is not a complete and exhaustive list of individual purposes, but only a series of examples intended to illustrate the above purposes.


4.1Purposeto of treatmentrelative to the Agreement
We must process your data above all to execute the contract entered into with you. As part of the Contract, we will process your Data in particular to carry out the following tasks / activities::

    1. Formulation of estimates: al in order to formulate one or more estimates that you can evaluate on the basis of the services requested by you, we need to process some of your personal data.
 
    1. Decision on the conclusion of the Contract:in order to decide whether to enter into a Contract with you, and possibly under what conditions, we must examine and process the Data concerning you,
 
  1. Contact you in connection with the Agreement:as part of the initial phase of the pre-contractual and contractual relationship and for the entire duration of the Agreement, there may be an opportunity or need to contact you for reasons related to your Service Agreement. For this, we need your personal information.i.
  2. Contract Management:the contract management activities include the management, modification, execution and updating of what is established therein and of our agreements in general. In this context, we will process your personal data and information concerning the latter..

  3. Customer care:to offer you a valid customer service, we will regularly process your data, in order, for example, to give you comprehensive advice. For the sole purpose of improving the quality of the processescustomer careand staff training, moreover, we may process the personal data collected through the sample recording of telephone calls, in compliance with the privacy legislation and the requirements of the Guarantor for the protection of personal data.

  4. Debt collection:as part of the payment agreements, we have the right to carry out activities aimed at recovering credits, pursuant to the Agreements entered into with you. For the performance of these activities we will process your data, in particular in the presence of debts to be paid..

Management of claims for damages:in the event of a claim for any reason from you or from us we will process your data.

Contract termination management:we will also process your data if the contract with you is terminated, with or without notice. During this process, we may also contact you to discuss the terms of the contract termination.

    1. Collaboration with suppliersaffiliates and third parties:in the context of the signing of the Contract, the management of the Contract and customer service, Raf will collaborate, as the case may be, with trusted suppliers, technical personnel, service companies, which provide all the services within its competence. In order to ensure optimal customer service, as part of this collaboration Raf s.r.l. sharertowith the aforementioned subjects the necessary data
 
  1. Transfer to third parties during the execution of the Agreement:: Raf s.r.l. may transfer the processed data and its own archives also of third parties, as part of the execution of a contract, always in compliance with the rules summarized here and in compliance with the laws and the GDPR itself.o.

4.2Purposeto of treatment subject to consent
In some cases, we only process your data if you have given your consent to do so.

to Market research, possibly based on activity profiling:we conduct market research regarding the interests of our customers in order to offer them interesting and targeted offers. For these activities, however, we may also process your personal data in an anonymous and aggregate form.

    •  Advertising and marketing:if you have previously given your consent to this effect, we will process your data to inform you of any offer that may interest you and we will contact you using the communication channels authorized by you.
 
  • Creation of Customer Profiles for purposes of marketing:we process personal data to create customer profiles through the use of statistical methods. Based on the customer profile thus obtained, you may receive communications for you of interest, such as, by way of example, personalized invitations to events or gifts related to particular occasions.i.

4.3Purposeto of treatment to comply with legal obligations
We are subject to various legal obligations. Where necessary, we will process your Personal Data to ensure compliance with these obligations.

  • Management ofcomplianceinternal:compliance means compliance with any rule or legal provision that we intend and must comply with.
  • Purposetodata security:Data security represents a relevant legal obligation. If necessary, we will also process your data as part of the measures necessary to evaluate and ensure data security, for example by simulating a cyber-attack..
  • Preventive measures, legal obligations and legal defense:Raf s.r.l. is subject to compliance with numerous legal obligations, for example in the field of IT security such as the communication of local cyber attacks to its systems and / or in server farms.We will process your data to the extent necessary to comply with these obligations, and we may forward your data to competent authorities, in case of legal obligations regarding communication. We may also process your data in the event of a legal dispute, if this is required.o.

  • As part of the prevention of computer fraud: If in the context of the execution of your orders and / or contract we find violations originating from your systems, your data will not be disclosed, but may be communicated to the Authorities and to the Supervisory and Control Bodies and / or used in court.a.
  • Purposetoadministrative, accounting and fiscal: Raf s.r.l. will also process your data to manage your contract for administrative, accounting and tax purposes.

4.4Purposeto of processing based on legitimate interests

We process part of your data in order to safeguard the legitimate interests of Raf s.r.l., unless your interests prevail over the latter.

  • Business intelligence and reporting:in order to continuously improve our products and services, we conduct certain automatic analyzes, based on the information relating to the contract, and draw up the respective reports. Based on these analyzes, we develop new products or measures to improve, for example, customer-related programs, software, cybersecurity testing and improvement services. As a rule, we prepare the above analyzes and reports in an anonymized and aggregated form.
  • Fraud prevention:the processing of the Data strictly necessary in order to prevent computer fraud coming from its systems as part of the execution of the contract with you.i.
  1. Automated data processing operations
    Your data may also be subject to an automated decision-making process, this concerns in particular the assessments conducted by Raf s.r.l. aimed at ascertaining the vulnerability of its IT systems.
  1. How long we will keep your data?

In accordance all art. 5, co. 1, lett. and of the GDPR, we will keep your data only for the time necessary to process them for the purposestà for which they are treated. If we process the Data for multiple purposes, they will be automatically deleted or saved in a format that does not allow us to reach any direct conclusion in relation to your identity, as soon as the last purposeà specific will be been fulfilled. So that all your data are deleted or made anonymous in line with the principle of data minimization and in compliance all art. 5, co. 1, lett. and of the GDPR, Raf s.r.l. has developed an internal cancellation program. The basic principles according to which your Personal Data is deleted under this program are described below. In general, in accordance with the provisions regarding the obligations to keep documents for accounting purposes and the general rules relating to the ordinary limitation period for contractual actions, we will delete the Data relating to the contractual relationship after the ten-year term provided for by law.e.

  1. How your data is protected?

We will process your personal data on the basis of the security obligations relating to data processing pursuant to art. 32 GDPR. In order to guarantee an adequate level of data protection aimed at limiting the risk of using the same in an improper or illicit way, technical and organizational measures have been implemented that comply with internationally recognized IT standards, these measures are constantly subject to verification. ..

  1. Who we will share your data with?

We will share your data, if necessary for the execution of the contract, with third parties external to Raf s.r.l. for the purposes indicated in this data protection declaration. We will always take measures when communicating and transferring your dataadequate to guaranteethat your data are processed, protected and transferred in accordance with the applicable legal provisions. L’updated list of third parties identified as independent owners ee “responsible” is available at the headquarters of Raf s.r.l. Indicated above. A copy of this list may be provided upon written request to Raf s.r.l.

8.1Transfer of data

Your personal data, in general, remain within the scope of Raf s.r.l., where possible. In this respect, we also adhere to the data economy principle. However, Raf s.r.l. you may have to transfer your data to other companies that host such data on their systems. Such data transfer could, for example, take place in the following circumstances and for the purposes described below::

    • In cases where you have given us your prior consent to share your data with other companies
 
  • As part of the services that are provided to you as a customer. 
  • professional consultancy and assistance.

Raf s.r.l. designertosuch third parties as Data Processors, in the event that the relative conditions exist, and in any case will bind such third parties to maintain confidentiality in relation to your data. In accordance with the obligations established by the legislation on data protection, Raf s.r.l. has concluded agreements with third parties to which Raf s.r.l. will be able to transfer your data.

8.6Transfer of data to countries outside the European Uniona

As a rule, your data are processed within European Union countries.. If, in the context of the data processing procedures described in point 8 above, your data are processed in countries outside the European Union or the European Economic Areao (“IF IT'S“), Raf s.r.l. guaranteetothat your data are processed in compliance with European data protection standards. To the extent necessary and to ensure the security of data transfers to recipients in third countries outside the EU or the EEA, we will use data transfer contracts based on the EU standard contractual clauses pursuant to art. 46, co. 2, of the GDPR or other provisions that allow the transfer of data pursuant to data protection legislation, which also include the adoption of appropriate technical and organizational measures to protect the transferred data.iti.

Several countries outside the EU have already been officially recognized by the EU as countries guaranteeing a similar and adequate level of data protection.An updated list of these countries is available at the following link:k: http://ec.europa.eu/justice/data-protection/international-transfers/adequacy/index_en.htm). This means that, in accordance with the applicable data protection provisions, any transfer of data to these countries does not require separate official approval.

  1. Your rights as an interested party and your right to lodge a complaint with the authorityà control

As an interested party, you may exercise certain rights towards us pursuant to the GDPR and other applicable data protection provisions, with specific reference to the Code. The following point contains explanations relating to your rights as an interested party under the GDPR and the Code.

9.1Rights of interested parties

As an interested party, he has in particular the following rights under the GDPR towards Raf s.r.l .:

  • Right of access art. 15 GDPR:: you may at any time request that you be provided with information on your data stored by us. This information refers, among other things, to the categories of data processed by us, the purposes of the processing, the origin of the Data if we did not obtain it directly from you, as well as the recipients to whom we may have transferred your data. , where applicable. You can receive a free copy of your data which are the subject of the contract. If you wish to obtain additional copies, we reserve the right to request a fee.
  • Right of rectification art. 16 GDPR:: may request a rectification of your data. We will take adequate measures aimed at ensuring that your data stored and processed by us on an ongoing basis is kept correct, complete, updated and relevant, based on the most recent information provided to us.
  • Right of cancellation art. 17 GDPR:: you may request the cancellation of your data, provided that the relative conditions provided by law exist. For example, this could occur based on art. 17 of the GDPR::
    • if the Data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;
    • if you revoke the consent on which the data processing is based, and there is no other legal basis for the processing;
    • if you object to the processing of your data and there are no overriding legitimate reasons to proceed with the processing, or if you object to the processing of data for direct marketing purposes;
    • if the Data has been processed unlawfully; unless the processing is necessary:
      – for the fulfillment of a legal obligation that requires the processing of your data; in particular with regard to the retention periods for documents required by law;
      – to ascertain, exercise or defend a legal right or claim.e.

Right to limitation of treatment art. 18 GDPR:: you will be able to obtain a limitation of the processing of your data

    • selfdisputes the accuracy of the Data, for the period that thereallows to verify the accuracy of such data;;
    • if the treatmentis unlawful eShe opposes the cancellation of yoursData and requires insteadthat its use is limited;;
    • if we no longer need your data, but these are necessary for you to ascertain, exercise or defend a right in court;a;
    •  Ifis opposed to the processing pending verification of the possible prevalence of our legitimate reasons, as data controller, with respect to yours..
    • Right to portability of data art. 20 GDPR:: You have the right to receive a copy of your data previously provided directly to Raf s.r.l. Upon your explicit request, we will transfer your data to the extent that this is technically feasible to another data controller..
 
    • Right to object art. 21 GDPR:: you may object at any time, for reasons connected with your particular situation, to the processing of your data, pursuant to art. 6, paragraph 1, letters e or f of the GDPR, or if personal data are processed for direct marketing purposes. In this case, we will no longer process your data. This last condition does not apply if we can demonstrate the existence of compelling legitimate reasons that justify the processing and that prevail over your interests, or if we need your data to ascertain, exercise or defend a right in judicial seat.aria.
 
    • Right to request a copy of the protection measures art. 13 GDPR) prepared as regards the transfer of data to third countries, if applicable.
 
  • Right to withdraw consent at any time art. 13 GDPR – if the processing is based on consent without prejudice to the lawfulness of the processing based on the consent given before the revocation, by sending the related request to the contacts listed below or through the technical methods possibly made available by Raf s.r.l. for its treatment..

9.2Terms of performance in relationai rights of interested parties

We always try to handle requests within a 30 day period. However, this period may be extended for reasons relating to the specific right of the interested party or the complexity of your request..

9.3Limitationrelative to the communication of information inphase to fulfill the relevant obligationsai rights of interested parties

In certain situations, we may not be able to provide you with information on all of your data due to legal provisions. If we are forced in this case to decline your request for information, we will also clarify the reasons for our refusal.
9.4Complaint at the supervisory authorityo

If you do not consider the feedback provided by Raf s.r.l. to be exhaustive. to any of your requests and / or reports, you have the right to lodge a complaint with a competent data protection authority, pursuant to art. 77 of the GDPR.R.
Below you will find the contact details of the local authority responsible for data protection: Guarantor for the protection of personal data..

Contact details available on:http://www.garanteprivacy.it/web/guest/home/footer/contatti

11.Normative requirements
The full text of the GDPR can be consulted by accessing the following website:http://eur-lex.europa.eu/legal-content/IT/TXT/uriCELEX3A32016R0679679

The further relevant national legislation in the field of data protection can be consulted on the website of the Guarantor accessible at the following link www.garanteprivacy.it

12.Changes to this data protection information
Should there be any substantial changes with regard to the way your Data is processed, we will promptly notify you of such changes.

13.Contacts

Any requests for information and for the exercise of your rights can contact Raf s.r.l. at the following addresses::

  • by post by writing to: Raf s.r.l. Viale Tavernola, 8 Casandrino NANA)
    by email: info@wanma.it
    PEC: raf_srl@arubapec.it
    TEL: 081.5055589 from Monday to Friday from 09:00 to 17:00. 

     

    You can also contact our Data Protection Officer directly at the following email addresses:adriano@bani.it