Privacy Policy

Personal Data Processing: Information

AREA3D Srl, registered office: via del Pallone, 10 57123 Livorno – VAT No: 01287900490

As Data Controller, provides the following information regarding the provision of personal data.

1. Subject of the Processing
The Data Controller processes personal data such as first name, last name, company name, address, telephone number, email address, and bank and payment details (hereinafter referred to as “personal data” or simply “data”) that you have provided when entering into contracts for the Controller’s services.

2. Purpose of the Processing
Your personal data is processed:

Without your express consent (Art. 6, letters b) and e) of the GDPR), for the following Service Purposes:
to enter into contracts for the Controller’s services;
to fulfill pre-contractual, contractual, and tax obligations arising from our relationship with you;
to comply with legal obligations, regulations, EU legislation, or orders from authorities (such as anti-money laundering regulations);
to exercise the Controller’s rights, for example the right to legal defense.
Only with your specific and separate consent (Art. 7 GDPR), for the following Marketing Purposes:
to send you via email, post, SMS and/or telephone contacts, newsletters, commercial communications and/or advertising material regarding the services offered by the Controller.

3. Processing Methods
The processing of your personal data is carried out through the operations listed in Art. 4 of the Privacy Code and Art. 4 no. 2) of the GDPR, namely: collection, recording, organization, storage, consultation, processing, modification, selection, retrieval, comparison, use, interconnection, blocking, communication, erasure, and destruction of data.
Your personal data is processed both in paper form and by electronic and/or automated means.
The Controller will process your personal data for the time necessary to fulfill the purposes outlined above and, in any case, for no longer than 10 years from the end of the relationship for Service Purposes and no longer than 2 years from data collection for Marketing Purposes.

4.Data Access
Your data may be made accessible for the purposes referred to in Art. 2.A) and 2.B):
to employees and collaborators of the Controller;
to third-party companies or other entities (such as credit institutions, professional firms, consultants, insurance companies for the provision of insurance services, etc.) that perform outsourced activities on behalf of the Controller, in their capacity as external data processors.

5.Data Disclosure
Without the need for express consent (pursuant to Art. 6, letters b) and c) of the GDPR), the Controller may disclose your data for the purposes referred to in Art. 2.A) to Supervisory Bodies, Judicial Authorities, as well as to those entities to whom disclosure is mandatory by law for the fulfillment of the stated purposes.
Such parties will process the data in their capacity as independent data controllers.
Your data will not be disseminated.

6. Data Transfer
Personal data is stored on servers located within the European Union. It is understood, however, that the Controller, if necessary, may relocate the servers outside the EU. In such cases, the Controller hereby ensures that any transfer of data outside the EU will take place in compliance with the applicable legal provisions, including the prior adoption of the standard contractual clauses established by the European Commission.

7. Nature of Data Provision and Consequences of Refusal to Provide Data
The provision of data for the purposes referred to in Art. 2.A) is mandatory. Without it, we will not be able to provide the services outlined in Art. 2.A).
The provision of data for the purposes referred to in Art. 2.B) is optional. You may therefore choose not to provide any data or to deny consent at a later time for data already provided; in that case, you will not receive newsletters, commercial communications, or advertising material related to the services offered by the Controller.
However, you will still be entitled to the services referred to in Art. 2.A).

8. Data Subject Rights
As a data subject, you have the rights set out in Article 15 of the GDPR, specifically the rights to:

  • obtain confirmation as to whether or not personal data concerning you exists, even if not yet recorded, and receive such data in an intelligible form;
  • obtain information on:
    the origin of the personal data;
    the purposes and methods of the processing;
    the logic applied in case of processing carried out with the help of electronic tools;
    the identification details of the Controller, the processors, and the designated representative pursuant to Article 3, paragraph 1 of the GDPR;
    the entities or categories of entities to whom the personal data may be communicated or who may become aware of it in their capacity as designated representatives in the territory of the State, processors, or persons in charge of the processing;
  • obtain:
    the updating, rectification, or, when interested, the integration of the data;
    the erasure, anonymization, or blocking of data processed unlawfully, including data whose retention is unnecessary for the purposes for which it was collected or subsequently processed;
    certification that the operations referred to in letters a) and b) have been brought to the attention, including with regard to their content, of those to whom the data was communicated or disclosed, except where this proves impossible or involves a manifestly disproportionate effort compared to the right being protected;
    object, in whole or in part:
    for legitimate reasons, the processing of personal data concerning you, even if pertinent to the purpose of collection;
    to the processing of personal data concerning you for the purpose of sending advertising material via email and/or through traditional marketing methods such as telephone and/or postal mail.
    Please note that the data subject’s right to object, as referred to in point b) above, with regard to direct marketing carried out through automated means, also extends to traditional methods. In any case, the data subject retains the right to object even only in part. Therefore, the data subject may choose to receive communications only through traditional methods, only through automated methods, or neither type of communication. Where applicable, you also have the rights referred to in Articles 16–21 of the GDPR (right to rectification, right to erasure, right to restriction of processing, right to data portability, right to object), as well as the right to lodge a complaint with the Supervisory Authority.

 

9.How to Exercise Your Rights
You may exercise your rights at any time by sending a registered letter with return receipt to AREA3D Srl, registered office: via del Pallone, 10 – 57123 Livorno – VAT No: 01287900490, or by sending an email to: info@area3d.it

10.Data Controller
The Data Controller is AREA3D Srl, with registered office at Via del Pallone, 10 – 57123 Livorno – VAT No: 01287900490.