MECPLEX in the person of its Legal Representative Mr. Martini Gianfranco, – registered office in Genoa, Piazza della Vittoria, 12/21 16121, Genoa (ITALY) – VAT No.: 02435210998 Tel . 010.6049779 – e-mail marketing@mecplex.com amministrazione@mecplex.it, as Data Controller. Gianfranco Martini

INFORMS
pursuant to Regulation (EU) 2016/679 on the protection of individuals with regard to the processing of personal data (hereinafter, “GDPR”) that your data will be processed in compliance with the aforementioned regulation and in the manner and for the purposes specified below:

1 – PURPOSE OF THE PROCESSING AND NATURE OF THE DATA
As part of its activity, the Data Controller processes your personal data (in particular, name, surname, tax code, VAT number, email address, telephone number – hereinafter, “personal data” or “data”) collected during the conclusion of business relations and/or requests for commercial information.

2 – PURPOSE OF PROCESSING
Your personal data are processed for the following distinct purposes according to the legal basis of reference:
2.1 Execution of the contract – fulfilment of legal obligations (art.6 lett. b , lett. c).
Your personal data are processed for the following purposes:
a) to fulfil pre-contractual, contractual and administrative-accounting obligations
b) to fulfil the obligations provided for by the law, by a regulation, by the community legislation or by an order of the Authority.

2.2 On the basis of your consent (art.6 lett. a). Your personal data are processed for the purpose of sending information and promotional communications via sms and/or e-mail, as well as newsletters from the Controller in relation to its own initiatives and/or those of its subsidiaries and/or affiliates (Marketing purposes);
2.3 – Legitimate interests (art.6 lett. f – recital 47).
We would like to point out that if you are already our customer/supplier, we may send you, always in compliance with your interests and rights, commercial communications relating to the Controller’s services and products similar to those you have already used, unless you object, which should be communicated to the contacts indicated in point 7.

3 – RECIPIENTS OR CATEGORIES OF RECIPIENTS OF THE DATA
The personal data provided may be communicated to third party recipients in order to fulfil contracts or related purposes. More precisely, the data may be communicated to recipients belonging to the following categories:
Professionals and consultants in legal, fiscal and labour matters;
Banking institutions;
Competent authorities for the fulfilment of legal obligations and/or provisions dictated by public bodies (Revenue Agency, etc.);
external subjects who manage/support/assist, even only occasionally, the Data Controller in the administration of the information system and telecommunications networks (including e-mail);
The subjects belonging to the above categories act as Data Processors, or operate completely independently as separate Data Controllers. The list of any data processors is constantly updated and available at the Data Controller’s head office.

4 – PROCESSING METHODS
The processing shall be carried out using manual and/or computerised and telematic tools as well as organisational and processing logics strictly related to the aforementioned purposes and in any case in such a way as to guarantee the security, integrity, availability and confidentiality of personal data; in particular, the signature that is affixed in the digital reader is to validate the provision of the service and is an image.
This signature is not biometric data (e.g. graphometric signature) and is therefore exempt from the request for specific consent under Article 6 of the GDPR.

The signed document is stored in anonymised mode as required by the GDPR. Art. 5 and Art. 6.
In compliance with the provisions of Art. 5 paragraph 1 letter e) of the EU Reg. 2016/679, the personal data collected will be stored in a form that allows the identification of data subjects for a period of time not exceeding the achievement of the purposes for which the personal data are processed.

5 – PROVISION OF DATA
We inform you that, taking into account the purposes of the processing specified in point 2.1, the provision of data is compulsory and their non-conferral, partial or incorrect conferral may result in the impossibility to perform the professional service.

6 – DATA TRANSFER TO A THIRD COUNTRY AND/OR INTERNATIONAL ORGANISATION
The personal data provided is not transferred outside the European Union.

7 – DURATION OF PROCESSING
Personal data is stored for the entire duration of the contractual relationship and, in the event of revocation and/or other termination of the said relationship, for the period established by law for the fulfilment of, for example, tax obligations.
For marketing purposes, data will be stored until consent is revoked or for the period established by law or by Measures issued by the Control Authority.

8 – RIGHTS OF THE INTERESTED PARTY
You may, at any time, exercise your rights as expressed in Articles 15, 16, 17, 18, 19, 20, 21, 22 of EU Regulation 2016/679, and in particular:
to access personal data;
to obtain the rectification or erasure of the same or the limitation of the processing concerning him/her;
to object to the processing; to data portability;
to revoke consent; revocation of consent does not affect the lawfulness of processing based on consent given before revocation;
to lodge a complaint with the Control Authority (Privacy Guarantor).
Your rights may be exercised by sending a request to the Data Controller at the following e-mail address: marketing@mecplex.com
I declare that I have read this privacy policy and in particular I have read point 2, relating to the purposes of processing, and point 8 relating to the rights of the data subject.