The data controller is the Company, with registered office and address for service at Via Achille Papa 30, 20149 Milan, Italy, in the person of its acting legal representative (the Data Controller).
You can contact the Data Controller via email at firstname.lastname@example.org or by post at the above address.
The Data Controller may appoint internal or external data supervisors (the Data Supervisors) and appointed people with the authority to process data (the Appointed People). A full up-to-date list of the Data Supervisors and Appointed People is available from the Data Controller at the above addresses.
Under article 37 of the GDPR, the Company has also appointed a Data Protection Officer (DPO), who can be contacted via email at email@example.com and by post at the above address.
In providing its services, the Company obtains your personal data directly from you. In particular, the Company processes the following kinds of non-sensitive personal data:
The Company processes your personal data specifically in order to provide services for the following purposes:
Based on this type of information and with your consent, we show you content or specific promotions from Enervit based on your interests. This use of your personal data is voluntary; therefore, you may object to having your data processed for these purposes.
The lawful bases for processing users’ personal data for the above purposes include:
You must provide the personal data that the Company needs to execute its contractual (section 3, letters a)–c)) or legal obligations (section 3, point d)) regarding the services, so no specific consent is needed to that end under GDPR article 7. Nor is consent required about data processed in the Data Controller’s legitimate interest (section 3, point g)). In these scenarios, if you do not provide your personal data or if you do not let us process it, then we shall be unable to enter into a contract with you, and you will be unable to receive our services.
In other scenarios, you will be asked for consent for the Company to use your personal data (section 3, points d)–f)). You do not have to provide your personal data for those purposes, so if you do not do so or if you do not let us process it, then the Company will still be able to enter into a contract with you. The Company and the other companies in Enervit group and any third-party companies will not, however, be able to update you about events, new product/service presentations, promotions, etc., nor will you be able to receive invitations, advertising, information or other publications that might interest you.
Your personal data may also be used, with no need for your prior consent, if it comes from public registers, lists, records or documents accessible to anyone and, in any event, if the data is processed (not including dissemination) to assert or defend the Company’s rights in a court of law.
Your personal data is processed by people with the necessary training in personal data processing. They may be employees, contract staff or external consultants specifically appointed by the Data Controller as Data Supervisors or Appointed People within the context of their respective roles. Your personal data is also processed using electronic, automated, telematic and digital means and, in any event, for reasons strictly related to the above purposes, in order to keep the personal data confidential and secure. The Company processes data lawfully, transparently, meticulously and proportionately, with honesty and integrity, only where the processing is relevant to and necessary for the purposes involved, while safeguarding your privacy and your rights.
We shall keep your personal data for the period of time permitted by law or by regulations, where applicable, and in any event for no longer than is strictly necessary for the purposes involved and in line with Enervit’s Data Retention policy. Your personal data will be processed and kept in electronic storage systems at the Company headquarters and at the offices of the professionals and/or service companies to which your personal data is sent for the above purposes and in line with our supplier/consultancy agreements with them.
To comply with specific legal obligations or for reasons strictly instrumental to the execution of the contract with the Company, your personal data gathered in the process of supplying the service may be shared for the above purposes with the following recipients:
The service suppliers are external companies that we use to help run our business (for order fulfilment, payment processing, fraud monitoring, identity verification, credit recovery, developing or operating our website, support services, promotions, data analysis, customer services, etc.). The service suppliers and their appointed personnel may access and use your personal data only on our behalf and in line with our instructions. These recipients are obliged to keep your personal data confidential and secure.
To comply with specific legal obligations or for reasons strictly instrumental to the execution of the contract, your personal data may be shared with other companies in our group. If your data is sent outside the EU, then your rights will be safeguarded and protected to the same extent as under the GDPR.
You may exercise your rights regarding your data under GDPR article 15 at any time, i.e.:
You can exercise the above rights by contacting the Data Controller informally via email at firstname.lastname@example.org or by post at Via Achille Papa 30, 20149 Milan, Italy.
Sede legale: Viale Achille Papa, 30 – 20149 Milano - Capitale versato: €4.628.000 - P.IVA: 02375690134 - REA MILANO 1569150
©Enervit 2012-2020, All rights reserved. Engineered by Mind The Value