MORESCO GIOVANNI, with registered office in Via dell'Industria, 49 - 36030 Sarcedo (VI), VAT 04309760249 (hereinafter, "MORESCO GIOVANNI"), as data controller, informs you pursuant to art. 13 Legislative Decree 30.6.2003 n. 196 (hereinafter, "Privacy Code") and art. 13 EU Regulation n. 2016/679 (hereinafter "GDPR") that your data will be processed in the following manner and for the following purposes:

1. Subject of the processing

company_name processes personal, identifying data (for example, name, surname, company name, address, telephone number, e-mail address, bank and payment references - later, "personal data" or "data") communicated by you on the occasion of the conclusion of contracts for the services of the company_name.

2. Purpose of the processing

Your personal data is processed without your express consent (art. 24 letter a), b), c) Privacy Code and art. 6 lett. b), e) GDPR), for the following Service Purposes:

- conclude the contracts for the services of the company_name;

- fulfill the pre-contractual, contractual and fiscal obligations deriving from existing relationships with you;

- to fulfill the obligations provided for by the law, by a regulation, by EU legislation or by an order of the Authority (such as in the field of anti-money laundering);

- exercise the rights of the company_name, for example the right to defend in court.

3. Processing methods

The processing of your personal data is carried out by means of the operations indicated in the art. 4 Privacy Code and to the art. 4 n. 2) GDPR and more precisely: collection, registration, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, cancellation and destruction of data. Your personal data is subject to both paper and electronic and / or automated processing. The company will treat the personal data for the time necessary to fulfill the purposes mentioned above and in any case for no more than 10 years from the termination of the relationship for the Service Purposes.

4. Access to data

Your data may be made accessible for the purposes of art. 2:

- to employees and collaborators of the company_name, in their capacity as appointees and / or internal processors and / or system administrators;

- to third-party companies or other subjects (as an indication, credit institutions, professional firms, consultants, insurance companies for the provision of insurance services, etc.) that carry out outsourced activities on behalf of the company_name, in their capacity as external managers of the treatment.

5. Data communication

Without the need for express consent (pursuant to art. 24 letter a), b), d) Privacy Code and art. 6 lett. b) and c) GDPR), the company will be able to communicate your data for the purposes referred to in art. 2 to Supervisory Bodies (such as IVASS), Judicial Authorities, insurance companies for the provision of insurance services, as well as to those subjects to whom the communication is obligatory by law for the fulfillment of the said purposes. These subjects will treat the data in their capacity as independent data controllers. Your information will not be disseminated.

6. Security

The data is kept and checked by adopting appropriate preventive security measures, aimed at minimizing the risks of loss and destruction, unauthorized access, unauthorized processing and deviating from the purposes for which the processing is carried out.

7. Data transfer

The management and storage of personal data will take place within the European Union.

8. Rights of the interested party

As an interested party, you have the right under the art. 15 GDPR and precisely the rights of: i. obtain confirmation of the existence or not of personal data concerning you, even if not yet recorded, and their communication in intelligible form; ii. obtain the indication: a) of the origin of the personal data; b) the purposes and methods of processing; c) the logic applied in the case of processing carried out with the aid of electronic instruments; d) of the identification data concerning the data controller, data processors and the representative designated pursuant to art. 5, paragraph 2 of the Privacy Code and art. 3, paragraph 1, GDPR; e) the subjects or categories of subjects to whom the personal data may be communicated or who can learn about them as appointed representative in the State, managers or appointees; iii. obtain: a) updating, rectification or integration of data; b) the deletion, transformation into anonymous form or blocking of data processed in violation of the law, including data which does not need to be kept for the purposes for which the data was collected or subsequently processed; c) the attestation that the operations referred to in letters a) and b) have been brought to the attention, even with regard to their content, of those here