This document also contains the information required pursuant to art. 13 of European Regulation no. 2016/679, relating to the protection of natural persons with regard to the processing of personal data (hereinafter “GDPR”), which came into force on 24 May 2016 and applicable starting from 25 May 2018. Any modifications and adaptations of the document to following the repeal of Legislative Decree 196/2003 which will take place on 24 May 2018, as well as any European or national legislative interventions and/or provisions of the supervisory authorities subsequent to the publication of this document.
Pursuant to art. 13 EU Reg. 2017/679 GDPR relating to certain legal aspects of information society services in the internal market, with particular reference to electronic commerce” the following information is provided:
- name of provider: Energy Management & Consulting srl hereinafter the Owner
- registered office: Piazza di Pietra 26, 00186, 00195 Rome (RM)
- contacts: +39 0689370020, info@energymc.it
- VAT number: 12200871007
INFORMATION ON THE PROCESSING OF PERSONAL DATA
Your data will be processed in the following ways and for the following purposes:
- Object of the Processing
The Data Controller processes personal, identifying data (for example, name, surname, company name, address, telephone, e-mail, bank and payment details) – hereinafter, “personal data” or also “data” communicated by you in occasion of the conclusion of contracts for the Data Controller’s services. - Purpose of the processing
Your personal data is processed:
without your consent art. 6 of the GDPR, for the following Service Purposes:
– conclude contracts for the Data Controller’s services;
– fulfill pre-contractual, contractual and tax obligations deriving from existing relationships with you;
– exercise the rights of the Data Controller, for example the right of defense in court; - Treatment methods
The processing of your personal data is carried out by means of the operations indicated in the art. 4 no. 2 of the GDPR and precisely: collection, recording, organisation, conservation, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, cancellation and destruction of data. Your personal data is subjected to both paper and electronic and/or automated processing.
The Data Controller will process personal data for the time necessary to fulfill the aforementioned purposes and in any case for no longer than 5 years from the termination of the relationship for the Service Purposes. Without prejudice to the legal provisions for the retention of tax data.
Browsing data. The computer systems and software procedures used to operate this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols.
This is information that is not collected to be associated with identified interested parties, but which by its very nature could, through processing and association with data held by third parties, allow users to be identified.
This data is used for the sole purpose of obtaining anonymous statistical information on the use of the site. The data could be used to ascertain responsibility in case of hypothetical computer crimes against the site.
Data provided voluntarily by the user. The use of contact forms on the site and the optional, explicit and voluntary sending of e-mails to the addresses indicated on this site entails the subsequent acquisition of the sender’s address, necessary to respond to requests, as well as any other data personal information included in the letter.
- Data access
Your data may be made accessible for the purposes referred to in point 2:
– to employees and collaborators of the Data Controller, in their capacity as internal data processors and/or authorized persons and/or system administrators;
– to third-party companies or other subjects (for example, for the provision of shipping and packaging services, postal services, etc.) who carry out outsourced activities on behalf of the Data Controller, in their capacity as external data controllers. - Data communication
Without the need for express consent art. 6 of the GDPR, the Data Controller may communicate your data for the purposes referred to in point 2 to those subjects to whom communication is mandatory by law for the fulfillment of the aforementioned purposes. These subjects will process the data in their capacity as independent data controllers. Data transfer. The Data Controller does not transfer personal data to third countries or to international organisations.
- Nature of providing data and consequences of refusing to respond
The provision of data for the purposes referred to in point 2 is mandatory. In their absence, we will not be able to guarantee the Services provided by the Owner.
- Rights of the interested party
In your capacity as an interested party, you have the rights where applicable referred to in the articles. 15 to 22 of EU Regulation 2016/679 and precisely: right of access, right of rectification, right to be forgotten, right to limit processing, right to data portability, right to object, as well as the right to complain to the Guarantor Authority.
- Methods of exercising rights
ou may exercise your rights at any time by sending an email to the address: info@energymc.it or through a written communication by registered mail with return receipt: to the Data Controller, in the person of the administrator, with registered office in Piazza di Pietra 26, 00186 Rome (RM).
To exercise your rights you can use the following email: info@energymc.it.
The owner assumes the burden of responding to the complaint presented by the interested party within 1 (one) month of the request, even in the event of denial. Term extended up to 3 (three) months in particularly complex cases.
- Consent to processing and minors
The interested party declares to have read the information above, with the communication of the personal data freely provided or otherwise collected during navigation, always carried out in compliance with the privacy regulations in force; gives his consent to the processing, and therefore, by “ticking” in the appropriate box, he expressly accepts the recording and processing of his data which will be based on the principles of correctness, lawfulness and transparency, in the manner indicated above.
Particular conditions are dictated by EU Regulation 679/2016 in the interest of minors in article 8, which clarifies that the processing of personal data of minors under the age of 16 – or, if provided for by the law of the Member States, of an age younger but not under 13 years – is lawful only if and to the extent that such consent is expressed or authorized by the holder of parental responsibility for the minor. Therefore behaviors undertaken by minors without the authorization of those who are required to supervise them under their responsibility, parents first and foremost, are contrary to the provisions and the data controller cannot be held responsible for having the minor violated the law, circumventing the provisions in force.