INFORMATION PURSUANT TO ARTICLES 13 AND 14, REGULATION (EU) 2016/679 (“GDPR”)
Ponti S.p.A. (hereinafter “Ponti”) wishes to inform you that European Regulation 2016/679 (“General Data Protection Regulation”, hereinafter referred to as “GDPR” or “Regulation”) provides for the protection of individuals with regard to the processing of personal data as a fundamental right. In accordance with Articles 13 and 14 of the GDPR, we therefore inform you that:
Purpose of data processing
Your personal data will be processed for the following purposes:
- To allow Ponti to carry out its internal administrative tasks and to comply with all applicable laws and/or orders of public authorities;
- To provide pre-sales and after-sales services and general information on Ponti’s products and services and on its purchasing network, as well as to keep Customers/Suppliers up to date on the latest developments in our services;
- To protect and enforce the rights of Ponti, including its property rights, and act for the protection of the Website;
- To enable Ponti, in the performance of its activities, to guarantee ever-improving levels of quality that are geared to the Customer’s preferences, including through the collection of statistical information.
The personal data that you provide voluntarily, by filling in electronic forms on the Ponti website, will be processed by Ponti with the aid of electronic or automated systems, in order to respond to your requests in relation to Ponti products, advertising, or the website, according to the choices you make. The provision of such personal data is optional, but it is partly necessary (i.e. for those data in fields marked with an asterisk) so that Ponti can fulfil your requests. Failure to provide, or the partial or incorrect provision of personal data marked with an asterisk, as it is necessary for the performance of the requested service, makes this impossible; while the failure to provide, or the partial or incorrect provision of optional unnecessary personal data does not entail any consequences.
The Data Controller is Ponti S.p.A., with registered office in Ghemme (NO), at Via Erasmo Ferrari, 7. You may contact the Data Controller to exercise the rights provided for in Articles 15 to 22 of the GDPR and listed below by sending an e-mail to the Data Controller’s address, firstname.lastname@example.org, or a letter to be sent by registered mail to:
PONTI S.p.A. – Via Erasmo Ferrari, 7 – 28074 GHEMME (NO), ITALY.
Personal data subject to processing
The use of the site by visitors, for technical, security and statistical purposes, involves the collection and processing of different types of personal data relating to the user:
Data provided by the user
This data is requested during the request for information, when present during registration, in order to use our services or to send an application. You will be asked to give your consent to the processing of the data according to the provisions of the GDPR.
Since this is not a legal obligation, the provision of personal data to Ponti is optional. However, any refusal on your part to provide such data will make it impossible for us to follow up the provision of the services provided through Ponti’s websites.
It is reiterated that the purpose of these activities remains strictly related to corporate activities, limiting their use in contexts that may affect personal dignity and decorum.
Retention of personal data
Data is collected according to the indications of the relevant regulations, with particular regard to the security measures provided for by the GDPR (article 32) for its processing through computerised, manual and automated tools and with logic strictly related to the purposes indicated and in any case in order to ensure the security and confidentiality of the data.
Data will be kept at the registered offices of Ponti for a period of time no longer than is necessary to achieve the purposes for which they are processed.
Scope of communication
Data collected as part of the provision of services may be communicated to:
- Employees of the Ponti Marketing Office who, operating under the direct authority of the Data Controller, are appointed managers pursuant to Article 28 of the Regulations and receive adequate operational instructions in this regard.
- Companies that carry out functions closely related and instrumental to the technical operation of the services of this website, such as hosting service providers, companies that provide storage, administrative, payment and billing services, companies that provide technical components for the provision of certain features of the website.
- Administrative and judicial bodies and authorities pursuant to legal obligations.
Personal data may be transferred outside the European Union for processing by some of our service providers. In this case, we will ensure that this transfer is carried out in compliance with applicable legislation and that an adequate level of personal data protection is guaranteed based on an adequacy decision, or standard clauses defined by the European Commission.
Personal data will never be transferred or sold to third parties.
Rights of the data subject
Please note that, pursuant to Articles 15 to 22 of the GDPR, the data subject has the right to request from the Data Controller:
- Information about the existence of their personal data, its origin, the purposes and methods of processing and, if present, to obtain access to the personal data;
- The updating, rectification, addition, deletion, restriction of the processing of personal data;
- The transformation into anonymous form or blocking of personal data, processed unlawfully, including data whose retention is unnecessary for the purposes for which the data was collected and/or subsequently processed.
- To oppose, in whole or in part, for legitimate reasons, the processing of data, even if pertinent to the purpose of collection and processing of personal data for purposes of commercial information or sending advertising materials or direct selling or for carrying out market research or commercial communication. Each user also has the right to withdraw consent at any time without prejudice to the lawfulness of the processing based on the consent given before the withdrawal.
- Receive their personal data, provided knowingly and actively or through the use of the service, in a format that is structured , in common use and readable by electronic device, and to submit it to another Data Controller without hindrance.
- Complain to the Guarantor Authority for the protection of personal data in Italy.
In the use of the services provided by Ponti, the user grants the widest possible indemnity with respect to any dispute, claim, request for compensation for processing damage, etc. that may be received by Ponti from third parties whose personal data has been processed through its use of the service in violation of the applicable data protection regulations. In any case, if you provide or otherwise process personal data of third parties in the use of our service, you guarantee from now on – assuming all related responsibilities – that this particular processing hypothesis is based on an appropriate legal basis (for example, the consent of the data subject) in accordance with Article 6 of the GDPR which legitimises the processing of the information in question.
This policy was updated on July 30, 2019 and may be subject to changes and/or periodic updates due to regulatory changes. Any updates will always be published on this page. If substantial changes are made to the use of data relating to the user by the Data Controller, the latter will notify the user by publishing them on its pages or by alternative or similar means.
We remind you that if you have any questions or requests regarding your personal data and privacy, you should contact email@example.com