The company B2X S.r.l. wishes to inform you that EU Regulation 2016/679 (general data protection regulation, “GDPR”) seeks to protect natural persons and other subjects in relation to the processing of personal data.
According to this regulation, the processing of such data must be based on the principles of correctness, lawfulness and transparency and protection of your confidentiality and your rights.
In accordance with art. 13 of the GDPR, B2X S.r.l. is required to provide you with some information on the use of the personal data supplied by you.
Purpose of processing operations
The personal data supplied using the ad hoc forms will be used with the sole aim of responding to requests for information and performing related and instrumental activities.
When processing data that might identify, either directly or indirectly, the data subject or the user, we observe the principles of lawfulness, correctness, pertinence, non-excess and transparency.
Optional or compulsory nature of data provision
With reference to the aforementioned purposes, the provision of personal data is compulsory, the consequence being that refusal to provide said data will make it impossible for us to meet your requests
Processing and storage methods
Personal data will be processed using manual and electronic tools, pursuant to art. 32 of the Regulation, by specially appointed parties, in compliance with the provisions of article 29 of the Regulation, with a logic closely related to the purposes of data processing and, in any case, such as to ensure the security and confidentiality of said data.
We inform you that, in compliance with the principles of lawfulness, purpose limitation and data minimisation, pursuant to art. 5 of the Regulation, your personal data will be stored for a period of time not exceeding the achievement of the purposes for which they are collected and processed and in compliance with the terms prescribed by law.
Scope of disclosure and dissemination
Your personal data will not be disseminated or disclosed, but for the purposes of the processing indicated above, and within the limits strictly relating to them, the personal data you have provided will be or may be communicated, in addition to our formally appointed personnel, to public bodies, consultants or other subjects by virtue of legal obligations.
Transfer of personal data
Your personal data will not be transferred to third countries outside the European Union, and will be kept on the Controller’s servers/databases, located in the Italian territory, in compliance with legal obligations.
The data are processed at the headquarters of the Data Controller and in any other place where the subjects legitimately involved in data processing are located.
Data Subject’s rights
Pursuant to articles 15-22 of the Regulation, you may exercise the following rights at any time:
- request confirmation of the existence or otherwise of your personal data;
- obtain information about the purposes of processing, personal data categories, the recipients or categories of recipients to whom the personal data have been or will be disclosed and, when possible, the storage period;
- obtain the rectification and erasure of data;
- obtain data processing restrictions;
- obtain data portability, i.e. receive them from a data controller in a structured, commonly-used, machine-readable form, and to transmit them to another data controller without hindrance;
- object to processing at any time, including processing for direct marketing purposes;
- object to an automated decision-making process relating to natural persons, including profiling.
How to exercise these rights
You can exercise your rights by sending a written request to B2X Srl – Via Coponia, 8 CAP 00131 or by sending an e-mail to the address:
Data Controller, Data Processor and DPO
The data controller is B2X Srl based in Rome, Via Coponia, 8 00131 Rome, VAT number 11020591001, PEC:
The external data processor is ISED SpA with registered office in Via Coponia, 8 – 00131 Rome, VAT number 00976081000.The company has designated the DPO, whose contact address is:
Complaints
Finally, we inform you that if you believe your rights have been infringed by the Controller and/or by a third party, you are entitled to lodge a complaint with the Garante per la protezione dei Dati Personali (Italian data protection authority) and/or to another supervisory authority with competence for GDPR matters, using this link: https://www.garanteprivacy.it/home/footer/contatti#urp