Privacy policy
For the establishment and execution of contractual relationships with its clients, the following company comes into possession of personal, fiscal, and business-related data, acquired verbally, directly or through third parties. Pursuant to Legislative Decree No. 196/2003 of June 30, 2003, “Code regarding the protection of personal data,” and with regard to the personal data we intend to process according to principles of fairness, lawfulness, transparency, and protection of confidentiality and rights, we inform you as follows.
Data Controller and Responsible Person
The data controller and the person responsible for the processing of personal data is the legal representative domiciled for this function at the company.
Purpose of the Processing
Personal data are processed within the normal activity of the data controller and for purposes strictly connected and instrumental to the management of the relationship at every stage (pre-contractual, contractual, dispute, etc.), to the related contractual obligations and updating of the services offered, as well as compliance with the law, regulations, and community legislation.
Nature of Data Provision
The provision of data is mandatory for all that is required by legal and contractual obligations, and therefore any refusal to provide them or to their subsequent processing may result in the impossibility of carrying out the contractual relationships themselves. Failure to provide data that is not attributable to legal or contractual obligations will be assessed on a case-by-case basis and will determine consequent decisions related to the importance of the data requested for managing the relationship.
Methods of Processing
Personal data processing is carried out using paper and electronic means and exclusively through the phases of collection, registration, organization, storage, classification, communication, deletion, and destruction of the data, performed by personnel within their area of competence and following appropriate training. Data are stored at our headquarters and will be processed for the duration of the contractual relationships established and even thereafter for the fulfillment of all legal obligations.
Data related to the conduct of economic activities are processed in compliance with current legislation concerning business and industrial secrecy. Security measures are employed to guarantee necessary confidentiality and prevent unauthorized access by third parties or unauthorized persons.
Scope of Communication and Dissemination of Data
Without prejudice to communications and dissemination carried out to comply with legal obligations, data are made available exclusively for the purposes listed above and may be communicated (only for aspects related to the specific activity to be performed), nationally and/or internationally, to the following subjects:
- Accreditation bodies
- Professionals and external companies collaborating on audit activities
- Professionals and external companies performing activities for the management and control of our business activities
- Banks or credit institutions
- Credit recovery companies or entities
Additionally, the status of validity of the client organization’s certification (certified, suspended, canceled) may be disclosed to third parties via verbal, paper, internet, or website means, indicating company name, address, reference standard, certification purpose, certificate number, tax code, and VAT number.
Under no circumstances will personal data in our possession be disseminated or communicated to third parties for commercial purposes, except within the limits of Article 16 of Legislative Decree 196/2003.
Rights of the Data Subject
Regarding personal data, your organization may at any time exercise the rights provided by Article 7 of Legislative Decree No. 196/2003, within the limits and conditions set out in Articles 8, 9, and 10 of the same decree, by sending a request by registered mail, fax, or e-mail to the data controller. The addresses are provided on the dedicated page of this website.
