The first publishing project on other stories of culture, technology and society
Accessibility Tools
Information on the processing of personal data
Version 1.2 of 21/09/2022 (third issue)
Data controller, in accordance with Article 4 of the GDPR:
SCG Srl
Via Matas 29, 60121 Ancona (AN)
E-mail: info@scgonline.it
P. IVA: 02724450420
According to Article 13 of Regulation 2016/679/EU (hereinafter “GDPR”), SCG SRL (hereinafter “Data Controller”), in its capacity as “Data Processing Controller”, informs you that your data – collected for the conclusion of the contract with the Customer and/or within the scope of the execution and/or stipulation of the same – will be processed in compliance with the aforementioned legislation, to guarantee the rights, fundamental freedoms, and dignity of natural persons, with particular reference to confidentiality and personal identity.
The processing of your data, directly provided by you, is carried out by SCG SRL for the conclusion of the contract with the Customer and/or within the scope of its execution and/or conclusion. It is also possible that the personal data of third parties communicated by the Customer to the Company may be processed. Concerning this hypothesis, the Customer acts as an autonomous data controller and assumes the consequent legal obligations and responsibilities, holding the Company harmless concerning any dispute, claim and/or request for compensation for damages from processing that may be received by the Company from third parties.
In compliance with current legislation on the protection of personal data and without the need for specific consent from the Data Subject, Data shall be stored, collected and processed by the Company for the following purposes:
The legal bases of the processing for the purposes a) and b) above are Articles 6.1.b) and 6.1.c) of the Regulation.
The provision of Data for the aforementioned purposes is optional, but failure to provide it and refusal to provide it would make it impossible for the Company to execute and/or enter into the contract and provide the services requested by the same.
The legal basis for the processing of personal data for the purposes c) is Article 6.1.a) of the GDPR as the processing is based on consent; it should be noted that the Data Controller may collect a single consent for the marketing purposes described herein, according to the General Provision of the Guarantor for the protection of personal data “Guidelines on promotional activities and the fight against spam” of 4 July 2013. The provision of consent to the use of data for marketing purposes is optional and should the data subject wish to object to the processing of the Data for marketing purposes carried out by the means indicated herein, as well as to withdraw the consent given; he/she may do so at any time without any consequences (except for the fact that he/she will no longer receive marketing communications) by following the instructions in the “Rights of the Data Subject” section of this Policy.
For the purposes referred to in point d, the Company informs that the data may also be communicated to third-party business partners. The consent to the Processing for Marketing Purposes by the Data Controller Company – where given by the data subject – does not cover the different and further marketing processing represented by the communication of the data to third parties for the same purposes. To proceed with such external communication (currently not carried out by the Company, but possible in the future), a further, separate, additional, documented, express and entirely optional informed consent is required, which is valid until revoked.
Lastly, please note that for the processing carried out to send its advertising material or direct sales or for carrying out its own market research or commercial communications with products or services similar to those used by the Customer, the Company may use e-mail or personal data addresses under and within the limits allowed by Article 130, paragraph 4 of the Code and by the provision of the Guarantor Authority for the protection of personal data of 19 June 2008 even in the absence of explicit consent. The legal basis for the processing of data for this purpose is Art. 6, paragraph 1, letter f) of the GDPR, without prejudice to the possibility of opposing such processing at any time, by following the instructions in the “Rights of the Data Subject” section of this Information Notice.
The data may be communicated to third parties appointed as data processors according to Article 28 of the GDPR and in particular to banking institutions, companies active in the insurance field, suppliers of services strictly necessary for the performance of business activities, or consultants of the company, where this proves necessary for fiscal, administrative or contractual reasons or requirements protected by current regulations.
Your data, or the personal data of third parties in your possession, may also be communicated to external companies, identified from time to time, to which SCG SRL entrusts the performance of obligations arising from the assignment received to which will be transmitted only the data necessary for the activities requested of them. All employees, consultants, temps and/or any other “natural person” who carry out their activities based on instructions received from SCG SRL, following Article 29 of the GDPR, are appointed “Data Processors” (hereinafter also referred to as “Processors”). SCG SRL gives the Data Processors or Persons in charge, if any, adequate operating instructions, with particular reference to the adoption of and compliance with security measures, to be able to guarantee the confidentiality and security of the data. Precisely regarding the aspects of personal data protection, the Customer is invited, according to Article 33 of the GDPR, to notify SCG SRL of any circumstances or events from which a potential “personal data violation (data breach)” may arise to allow an immediate assessment and the adoption of any actions to counter such an event by sending a communication to SCG SRL at the contact details indicated below.
The Data will not be disseminated. This is without prejudice to SCG SRL’s obligation to communicate the data to Public Authorities upon specific request.
The transfer abroad of your data may take place if it is necessary for the management of the assignment received. The processing of information and data that may be communicated to these parties will require the equivalent levels of protection adopted for the processing of the personal data of its employees. In any case, only the data necessary for the pursuit of the intended purposes will be communicated, and the regulatory tools provided in Chapter V of the GDPR will be applied.
Your data is collected and recorded lawfully and fairly for the above-mentioned purposes by the principles and requirements of Article 5 c 1 of the GDPR.
The processing of personal data is carried out using manual, computerised and telematic tools, with logic strictly related to the purposes themselves and, in any case, in such a way as to guarantee security and confidentiality.
Personal data will be processed by SCG SRL for the entire duration of the assignment and also thereafter to assert or protect its rights or for administrative purposes and/or to fulfil obligations arising from the applicable pro tempore regulatory and legislative framework and in compliance with specific legal obligations on data retention.
Following, and within the limits and under the conditions provided for by the data protection legislation concerning the exercise of the rights of the Data Subject regarding the processing operations covered by this Information Notice, as a Data Subject you have the right to request confirmation as to whether or not personal data relating to you is being processed, to access the personal data relating to you and concerning such data you have the right to request its rectification, erasure notification of rectification and cancellation to those to whom the data may have been transmitted by our organisation, restriction of processing in the cases provided for by the law, portability of personal data – provided by you – in the cases indicated by the law, to object to the processing of your data and, specifically, you have the right to object to decisions concerning you if they are based solely on automated processing of your data, including profiling. If you consider that the processing operations concerning you violate the rules of the GDPR, you have the right to complain to the Garante according to Article 77 of the GDPR. If you wish to request further information about the processing of your data or to exercise your rights, you may contact SCG SRL in writing.