ARTICLES. 13 AND 14 OF REGULATION (EU) 2016/679
Interested Subjects: Surfers, users of the services.
“PESARESI GIUSEPPE S.P.A.”, as Data Controller of your personal data, pursuant to and for the purposes of Regulation
(EU) 2016/679 hereafter ‘GDPR’, hereby informs you that the aforementioned legislation provides for the protection of
data subjects with respect to data processing personal and that this treatment will be based on the principles of correctness,
lawfulness, transparency and protection of your privacy and your rights.
To achieve its purposes, relating to the management of the relationship, the Data Controller needs to acquire personal data,
such as, for example, the name and surname, the telephone or mobile phone number, the email address, the tax code.
Your personal data will be processed in accordance with the legislative provisions of the aforementioned legislation and
the confidentiality obligations set forth therein.
Purpose of treatment: Service delivery: Your data will be processed to respond to any requests that may be received from
the forms for compilation, and forms available on the website, or to requests received by email.
Legal basis: The legal basis of the processing is contractual in the terms in which data processing is envisaged in response
to a request for information followed by a response.
Consequences of failure to communicate: the processing of functional data for the fulfilment of these obligations is
necessary for the correct management of the relationship and their provision is mandatory to implement the purposes
indicated above. The Data Controller also informs that any non-communication, or incorrect communication, of one of the
mandatory information, can cause the inability of the Data Controller to guarantee the adequacy of the processing itself.
Processing methods: The treatment is carried out with manual and / or IT and telematic tools, in order to guarantee the
security, integrity and confidentiality of the data in compliance with the physical and logical organizational measures,
provided for by the current provisions, in order to minimize the risks of destruction or loss, unauthorised access,
unauthorised modification and disclosure in compliance with the methods set out in articles 6, 32 of the GDPR.
Recipients: For the performance of certain activities, or to provide support for the operation and organisation of the
activity, some data may be brought to the knowledge or communicated to recipients. These subjects are divided into:
Third parties: (communication to: natural or legal persons, public authorities, service or other body that is not
the interested party, the data controller, the data processor and authorized persons data processors) including:
- Companies that manage traditional or computerized postal services
- Any other subjects whose data communication is necessary to achieve the aforementioned purposes.
Data processors: (the natural or legal person, the public authority, the service or other body that processes personal data on
behalf of the data controller)
- Providers of IT, web, or other services necessary to achieve the purposes necessary for managing the relationship.
Within the company structure, your data will be processed only by personnel expressly authorized by the Data Controller,
with assurance of adoption of a confidentiality agreement and, in particular, by the following categories of employees:
- Other employees whose treatment is necessary for the correct execution of the relationship;
Spreading: Your personal data will not be disclosed in any way.
Transfer of data to third countries: The owner does not transfer personal data to non-EU countries. If there is a need, the
interested parties will be informed in advance, and guarantee measures will be taken for the transfer to the recipients,
which depending on the cases may be: verification of the existence of adequacy decisions for the recipient country by the
Commission , signing of standard contractual clauses, in the case of USA
verification of adhesion to the international Privacy Shield agreement; by way of derogation from these guarantees, the
existence of a contract or pre-contractual measures in favor of the interested party or consent is verified.
Retention period: We inform you that, in compliance with the principles of lawfulness, purpose limitation, data
minimization, pursuant to art. 5 of the GDPR, the retention period of your personal data is established for a period of time
not exceeding the achievement of the purposes for which they are collected and processed, in the event that a contract is
signed, this retention period may cease with the forfeiture or withdrawal of the contract, the same data can be kept, where
applicable, for a further period of time for the purpose of managing any disputes, the legal basis for this conservation is the
legitimate interest of the data controller. The retention period for marketing data processing is functional to the purposes
pursued by the data controller,
Data Controller: The Data Controller, pursuant to the legislation, is “PESARESI GIUSEPPE SPA”, with registered and
operational headquarters in Via Emilia, 190 – 47922 Rimini (RN), VAT / Tax Code: 01231130400 in the person of its legal
representative pro tempore. By sending an e-mail to the following firstname.lastname@example.org may request more
information regarding the data provided. The sitewww.pesaresi.com reports further information on the privacy policies
adopted by our Company.
EU Reg. 2016/679: Articles 15, 16, 17, 18, 19, 20, 21, 22, 23 – Rights of the interested party
1. The interested party has the right to obtain confirmation of the existence or not of personal data concerning him, even if
not yet registered, and their communication in an intelligible form.
2. The interested party has the right to obtain the indication:
a. the origin of personal data;
b. the purposes and methods of treatment;
c. the logic applied in case of treatment carried out with the aid of electronic instruments;
d. the identity of the owner, manager and the representative appointed pursuant to article 5, paragraph 2;
e. of the subjects or categories of subjects to whom the personal data may be communicated or who can learn about
them as appointed representative in the territory of the State, managers or agents.
3. The interested party has the right to obtain:
a. updating, rectification or, when interested, integration of data;
b. the cancellation, transformation into anonymous form or blocking of data processed in violation of the law,
including those whose retention is unnecessary for the purposes for which the data were collected or subsequently
c. the attestation that the operations referred to in letters a) and b) have been brought to the attention, also as regards
their content, of those to whom the data have been communicated or disseminated, except in the case where this
fulfilment proves impossible o involves the use of means manifestly disproportionate to the protected right;
d. data portability.
4. The interested party has the right to object, in whole or in part:
a. for legitimate reasons, the processing of personal data concerning him, even if pertinent to the purpose of the
b. to the processing of personal data concerning him for the purpose of sending advertising materials or direct
selling or for carrying out market research or commercial communication.
Complaint: The interested parties, if the conditions are met, also have the right to lodge a complaint with the Guarantor as
supervisory authority according to the procedures provided. For any further information, and to assert the rights
recognized by the European Regulation, you can contact the data controller at the references above.