Transparency and disclosure

Customer information

INFORMATION ON THE PROCESSING OF PERSONAL DATA CUSTOMERS

Sampaolo Stampi s.r.l. wishes to inform you about the processing of your personal data.
This information is made in accordance with the principles of transparency and fairness and in respect of your rights, pursuant to EU Regulation 2016/679 on the protection of personal data.

DATA CONTROLLER
The data controller is Sampaolo Stampi s.r.l., via Peschiera, 7/a, Montelupone (MC), based on in the European Union, who can be contacted at the following addresses: telephone number 0733 226811, email sampaolo@sampaolo.it.

SOURCE OF DATA
The data are acquired directly from you, given on the occasion of the establishment of relations or on the occasion of the sending of reciprocal requests, at the time of:

  • managing and processing your requests, including those made via the web, relating to our products, goods, services and activities
  • entering into contracts, offers, agreements for the supply of goods, services or services
  • requesting, establishing or continuing other relationships that require the use or integration of your personal data

Some personal data may be collected by other entities, including:

  • computer data, including e-mail address or log access to web platforms used for the management of services
  • information from lists maintained by public and institutional, insurance, bilateral or equivalent bodies or under the control of the public authority on the basis of specific national legislation

CATEGORIES OF PERSONAL DATA
The processing concerns personal data, including:

  • personal data (for example name, surname, physical address, nationality, province and municipality of residence, fixed telephone and/or mobile phone, fax, tax code, VAT number, address/s, e-mail);
  • bank details (such as IBAN and bank/postal details);
  • data from telematics traffic (e.g., log, IP address of origin);
  • product data (for example: product sector, purchased or requested product, etc.).
    Personal data which can be classified as particular (“sensitive”) categories, such as racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, are not normally processed, Genetic data, biometric data intended to uniquely identify a natural person, data relating to the health or sexual life or sexual orientation of the person.
    Personal data relating to criminal convictions and offences are not normally processed.

If there is a specific need to collect and process data of a particular type or relating to criminal convictions and offences, we will inform you about it, supplementing this information and obtaining the related consent, where this is a condition for the initiation or continuation of the processing itself.

MINORS
No data relating to children is processed.

PURPOSE OF THE PROCESSING
PROVISION AND SALE OF PRODUCTS AND SERVICES, AND RELATED CONTRACTUAL RELATIONSHIPS
We process your identification data for the purposes related to and/or connected with the provision of our services, the sale of our products and the performance of the relevant contractual relationships, pre-contractual and/or similar agreements, namely:
• Manage orders, sales and delivery of products and services
• to draw up and conclude contracts and/or similar agreements
• provide and improve the Services and resolve any issues related to them
• Manage suggestions and customization requests
• Manage customer communications
• prevent the risk of fraud and credit risks
• to fulfil the pre-contractual, contractual, tax obligations and related ancillary services connected with such obligations arising from our relationship with you
• manage the services provided through our website www.sampaolo.it, which include the collection, storage and processing of data processed for the purpose of establishing the relationship, processing requests, and related technical management, operational, and administrative, as well as for the sending of communications necessary for the performance of the services themselves
• manage the payments of the products and/ or services purchased, the related payment data, any additional economic costs, the relevant contractual, legal, accounting, tax and administrative obligations.

Your data may also be processed for purposes related to the legal obligations to which our organization may be subject, namely:

  • to comply with the general obligations provided for by law, regulations, community legislation or orders issued by Authorities and other competent institutions
  • to respond to requests from the competent administrative or judicial authority and, more generally, public entities in compliance with legal formalities
    Your consent is not required for the aforementioned purposes, as the processing is necessary to perform legal obligations arising from a contract or to comply with specific requests you have made before the conclusion of the contract (art. b) and c) of the GDPR)

SENDING COMMERCIAL COMMUNICATIONS
Your contact identification data (e.g. surname, address, email, telephone) may be used to send, directly by us or by our agents and employees belonging to the sales network, commercial information, promote and advertise, by e-mail, paper, telephone and messaging services, products and services similar to the subject of your current relationship with us, unless you disagree, which you may express initially or on subsequent occasions.
Only with your explicit consent, your data may also be processed for further marketing and commercial promotion purposes:

  • send you marketing information, promote and advertise, by e-mail, paper, telephone and messaging services, new products, goods or services provided by us
  • Measure the degree of satisfaction with the quality of services provided
  • carry out market research, economic analysis and statistics
    For these processing operations, the legal basis is the consent to the processing (art. 6, par.1 letter a) of the GDPR)

LEGITIMATE INTEREST OF THE DATA CONTROLLER
Your personal data may be processed, without the need for your consent, for purposes related to the pursuit of our legitimate interests, including the aforementioned commercial communications within ongoing relationships, protection against fraud, risk assessment and related security measures, data transfer within the organization, statistical purposes, compliance with IT security obligations, including the adoption of procedures for the detection and notification of personal data breaches (data breach), as well as the processing necessary to ensure the exercise of the right to object.
For these purposes the data will be processed according to principles of equity, proportionality, necessity and minimization, preferring as much as possible the aggregated or anonymous form.

METHODS OF PROCESSING
The processing is carried out by means of procedures and tools, including information technology, suitable to guarantee confidentiality, the integrity and availability of data in the ways and to the extent necessary to pursue the above-mentioned purposes and in compliance with the technical and organizational security measures adopted by our organization.
Your personal data is processed only by authorized and trained personnel, who are allowed to access your personal data to the extent that it is necessary for the performance of processing activities.
Data that are surplus or irrelevant to the purposes of processing will be deleted or not used except for the possible retention, in accordance with law, of the document containing them.
The transmission of data and information by e-mail, internet or other digital channels cannot be considered totally safe: Sampaolo Stampi s.r.l. is therefore not able to guarantee the security of the data transmitted through these channels. Therefore, any such transmission is at the risk of the sender.

DURATION OF PROCESSING
PROVISION AND SALE OF PRODUCTS AND SERVICES, AND RELATED CONTRACTUAL RELATIONSHIPS
The data will be processed for the entire duration of the contractual relationship and/ or similar agreements and also subsequently, for the fulfillment of legal obligations and administrative purposes, in accordance with current regulations, such as the time limits for keeping accounts, the time limits prescribed by the definition of the relationship and in any case the time limit from which the rights arising therefrom may be exercised, the additional time limits resulting from any litigation if this results in an extension of those time limits.
In any case, Sampaolo Stampi s.r.l., to protect its own interests, may process your personal data until the time allowed by law.

CYBER SECURITY
The computer data, including logs of access to web services and/ or their IP addresses, may be stored in relation to the alleged risk and/ or detected and the harmful consequences that result, except for measures taken to anonymize data or to limit their processing.
The data will be stored from the detection of the event of danger or data breach (data breach), for the time necessary to notify the Authority of the breach of detected data and to take the relevant measures of restoration and security.

COMMERCIAL COMMUNICATIONS
For the purposes of marketing and commercial promotion, your data will be kept until you explicitly request to cancel or revoke your consent.

OBLIGATION OR OPTION TO PROVIDE DATA
For data that we are obliged to know, necessary in order to fulfill the contractual obligations, agreements between the parties, as well as required by laws, regulations and Community legislation, or by the provisions issued by Authorities authorized by law and by supervisory and control bodies, failure to provide them will make it impossible to establish or continue the relationship, insofar as such data are necessary for the execution of the same.
For data that we are not obliged to know, such as additional information or contact details, the provision of the same is optional, and their failure will not allow the completion or customization of certain services, such as the sending of commercial communications.

RECIPIENTS OF THE DATA
KNOWLEDGE AREA WITHIN THE ORGANIZATION
Your data may be known to the following categories of subjects, internal to our organization: administrative and secretarial offices, accounting and invoicing officers, sales agents of products and services, Employees and collaborators. All subjects who access your data are appropriately authorized, instructed and bound to confidentiality obligations.

EXTERNAL COMMUNICATION OF DATA
Your data will not be disclosed (for example by publication on the web), unless we expressly request it and you give your explicit consent.
Your data may be communicated to:

  • public or private entities that may access it under the law, regulations or Community legislation, within the limits provided by these rules
  • to subjects our consultants, in the limits necessary to carry out their duties with our organization, subject to appointment that imposes confidentiality and security obligations
  • to parties who process data for purposes ancillary to the relationship with us, or that perform or provide specific services strictly functional to the execution of such a relationship (for example, providers of electronic communication services or web services)
  • insurance companies and debt collection companies
  • commercial information or advertising promotion management companies;
    The communication of your personal data is limited to the data necessary for the achievement of the specific purposes for which they are intended. In addition, these parties are required to process the personal data they become aware of in accordance with this Privacy Policy and applicable data protection laws.

TRANSFER OF PERSONAL DATA OUTSIDE THE EU
Your data is normally not transferred outside the EU.

YOUR RIGHTS
At any time you may exercise the rights that are granted to you, pursuant to art. 15 to 22 of EU Regulation 2016/679, namely:

  1. request confirmation of the existence or otherwise of personal data processed;
  2. obtain information about the purposes of processing, the categories of personal data processed, the recipients or categories of recipients to whom the personal data have been or will be communicated, the retention period for the data or the criteria used to determine it;
  3. update or correct personal data so that it is always accurate;
  4. delete personal data when they are no longer necessary for the purposes of processing, where the legal conditions exist and the processing is not justified by another legitimate reason;
  5. Restrict the processing of personal data, where the conditions are met, including inaccuracy, opposition to processing, unlawful processing.
  6. to obtain the portability of the data, if the processing takes place on the basis of a contract and with automated means, that is to receive them in a structured format, commonly used and readable by automatic device, also in order to pass them on to another data controller;
  7. oppose the processing at any time and also in the case of processing for direct marketing purposes or carried out through automated decision-making processes, including profiling.
  8. revoke consent, if given for specific processing activities. The withdrawal of consent does not affect the lawfulness of the processing based on consent carried out before the withdrawal;
  9. the right to lodge a complaint with a Supervisory Authority: without prejudice to any other administrative or judicial action, the complaint may be submitted to the Supervisory Authority for the protection of personal data. Or, where the conditions are met, including your different residence or the different Member State in which the infringement took place, to the supervisory authorities established in another EU country.

To exercise these rights, you can contact the Data Controller, Sampaolo Stampi s.r.l., whose contact details are indicated at the beginning of this information, without delay.
If Sampaolo Stampi s.r.l. intends to start processing data for purposes other than those described in this information, it will inform you before proceeding and obtain your consent, if necessary.

UPDATES
Sampaolo Stampi s.r.l. updates the policies and internal practices adopted in the protection of personal data whenever necessary and in case of regulatory and organizational changes that have relevance to the processing of personal data.
Any updates to this information will be made available promptly and by appropriate means.
Last updated: 21/07/2021