Privacy Policy - www.super-corp.eu

PRIVACY POLICY (Article 13 of Regulation (EU) 2016/679 “GDPR”)

We hereby inform you that, the “Privacy Law” (referring to EU Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (GDPR), Italian Legislative Decree No. 196/2003, as well as any other law regarding the protection of personal information applicable in Italy, including the provisions of the Data Protection Authority) recognises the right to protect personal data and requires that any processing be done in respect of the rights, fundamental freedoms and dignity of natural persons.
Pursuant to the Privacy Law, Super Corp S.r.l., as Data Controller, provides the following information:

1. Personal data processed and source of the data

To negotiate and/or endorse and/or fulfil a contractual relationship with Super Corp S.r.l., the Data Controller processes demographic and contact information (for example name, surname, etc.), and business information, concerning you or your legal representatives and/or employees and/or collaborators.
Data are collected both from you and from your legal representatives and/or employees and/or collaborators, as well as through consultation of databases made available by business information providers and assimilated subjects and/or open-source databases.

2. Purpose, method and legal basis

Personal data provided is processed for the purposes indicated below:

a) the fulfilment of precontractual and/or contractual duties and obligations assumed with the counterparty as part of the contract under negotiation or in progress. The legal basis for processing is established under Art. 6, section 1, letter b of the GDPR;
b) fulfilment of the obligations required by Italian, EU, and international laws and/or regulations. The legal basis for processing is established under Art. 6, section 1, letter c of the GDPR;
c) carrying out due diligence activities by consulting business information databases made available by third party providers and/or open-source databases. The legal basis for the processing is the Data Controller’s legitimate interest in carrying out a prior assessment of its potential counterparties, pursuant to Art. 6(1)(f) of the GDPR.
d) protection of the interests or rights of the Data Controller, in or out of court. The legal basis for the processing is Super Corp S.r.l.’s legitimate interest in the protection of its legal reasons, pursuant to Art. 6(1)(f) of the GDPR.

Providing data for the purposes pursuant to letters a, b, c and d is optional; however, without them, it will not be possible to negotiate and/or endorse a contract with the Data Controller.

3. Data recipients

Your personal data may be shared with:

• parties typically acting as data processing managers (including but not limited to IT providers). The updated and complete list of managers is available at Super Corp’s registered offices and can be requested from the Data Controller at the addresses indicated in this privacy notice;
• Super Corp employees as “persons acting under the authority of the controller to process personal data”;
• parties, entities or authorities, autonomous data controllers with whom it is mandatory to share your personal data as part of legal provisions or orders from the authorities.

4. Extra-EU transfer

If your personal data is transferred outside the European Economic Area, it will be done so only with the requisite legal orders and guarantees pursuant to Arts. 44-49 of the GDPR. Further information on this point may be requested from Super Corp S.r.l. and/or the Data Protection Officer at the addresses indicated in this disclosure.

5. Data storage and communication

The data provided will be stored for the time strictly necessary to achieve the purposes for which they were collected, after which they will be deleted or destroyed. As a rule, personal data will be retained for ten years after the termination of the contractual relationship, except in cases where further retention is necessary to fulfil regulatory obligations and/or protect the rights and interests of Super Corp S.r.l. in judicial and/or extrajudicial proceedings.

6. Data subjects’ rights

With regard to the processing of the personal data that concerns you, you have the power to exercise the rights provided for by the Privacy Law, including:

a) to access your personal data, obtaining evidence of the purposes pursued by the Data Controller, the categories of data involved, the recipients to whom it may be disclosed, the applicable storage time, and the existence of automated decision-making processes;
b) to obtain without delay the rectification of inaccurate personal data concerning you;
c) to obtain, in the cases envisaged, the deletion of your data;
d) to obtain the restriction of processing or to oppose the same, whenever possible;
e) to request the portability of the data you provided to Super Corp S.r.l., i.e., to receive them in a commonly used, structured format, readable by an automatic device, also to transmit such data to another data controller, without any obstruction by Super Corp itself.

Furthermore, you may lodge a complaint with the Personal Data Protection Authority under the terms of Art. 77 of the GDPR. All requests regarding exercising the rights of the data subject should be addressed to the e-mail address: info@super-corp.eu.

7. Data Controller and Data Protection Officer

Super Corp S.r.l. is the Data Controller, with headquarters at Viale Col di Lana, 10 – 24047 Treviglio (BG)., Italy. The Data Protection Officer can be contacted at the following e-mail address: info@super-corp.eu.