INFORMATION ON THE PROCESSING OF PERSONAL DATA RELATED TO FILLING IN THE NEWSLETTER FORM
This information supplements the website navigation policy by detailing how the Data Controller will process the data entered in this contact form. So would you kindly please read the navigation policy.
IDENTITY AND CONTACT INFORMATION OF THE DATA CONTROLLER
Wilier Triestina S.p.a., hereinafter also “Wilier Triestina” or “Controller” with registered office in via Fratel M. Venzo 11/1 – 36028 – Rossano Veneto (VI), and available at the e-mail address info@wilier.it, at the certified e-mail address (PEC) wiliertriestina@legalmail.it or the phone number +39 0424 540442.
PURPOSE AND LEGAL BASIS
A. Marketing: using contact data to send commercial communications containing information on products and services, conducting approval and opinion polls and sending invitations to events the Controller will take part in.
B. Defence purposes: the Data Controller may need to process personal data in order to manage any disputes and out-of-court or legal litigation.
Purpose: A
Legal basis (common data): Performance of the service/contract request.
Legal basis (common data): Performance of the service/contract request.
Purpose: B
Legal basis (common data): Legitimate interest of the Data Controller to establish, exercise and defend a right.
Legal basis (common data): Legitimate interest of the Data Controller to establish, exercise and defend a right.
RETENTION PERIOD
Purpose: A
Retention period: Until the Marketing activity by the Controller ceases or the request to un-subscribe received, if earlier.
Retention period: Until the Marketing activity by the Controller ceases or the request to un-subscribe received, if earlier.
Purpose: B
Retention period: 10 years from the final resolution of the dispute.
Retention period: 10 years from the final resolution of the dispute.
NATURE OF DATA PROVISION AND CONSEQUENCES IN A REFUSAL TO PROVIDE DATA
Purpose: A
Type: Needed
Consequences: Unable to receive promotional communications on products or services.
Purpose: B
Type: Needed
Consequences: Unable to manage the dispute.
Type: Needed
Consequences: Unable to receive promotional communications on products or services.
Purpose: B
Type: Needed
Consequences: Unable to manage the dispute.
SCOPE OF COMMUNICATION
Data are processed by authorised internal staff for specific tasks and are communicated externally based on the following rules:
Purpose: A
Categories of external recipients: External consultants, companies offering hosting/management services for technology platforms.
Categories of external recipients: External consultants, companies offering hosting/management services for technology platforms.
Purpose: B
Categories of external recipients: Legal firms; Judicial Authorities.
Categories of external recipients: Legal firms; Judicial Authorities.
Since the data are also processed using computers and IT-enabled systems, they may also be visible to people providing technical support and maintenance services on these systems.
TRANSFER OF DATA TO A THIRD COUNTRY OR INTERNATIONAL ORGANISATION
The Controller transfers personal data to the Countries and under the conditions summarised below:
Purpose: A
Country: USA, Australia, Singapore, Japan, Colombia, UK, Canada, India.
Condition of transfer lawfulness: Data Privacy Framework; Standard Contractual Clauses
Country: USA, Australia, Singapore, Japan, Colombia, UK, Canada, India.
Condition of transfer lawfulness: Data Privacy Framework; Standard Contractual Clauses
Purpose: B
Country: None
Condition of transfer lawfulness: None
Country: None
Condition of transfer lawfulness: None
RIGHTS OF DATA SUBJECTS
Data subjects have the following rights:
Access: they can obtain confirmation as to whether or not personal data concerning them is being processed, and where this is the case, to obtain a copy thereof.
Rectification: they can request updates to their personal data, rectify inaccuracies and supplement incomplete data.
Erasure: they can request the erasure of personal data if certain conditions are met (contact the Data Controller for more details).
Restriction: they can request data to be flagged so that in future it may only be processed if certain conditions are met (contact the Data Controller for more details).
Objection: they can object to the processing of personal data on grounds connected to their particular situation, when the processing is based on legitimate interest or is necessary to perform a task carried out in the public interest or in the exercise of official authority of the Data Controller; they can also object to the processing of personal data for direct marketing purposes.
Portability: they can receive the personal data provided to the Data Controller in a structured format and transfer said data to another Controller if the processing is based on consent or on a contract and is carried out by automated means.
Withdrawal of consent: they can withdraw consent previously given for specific purposes, without affecting the lawfulness of processing carried out up to that point.
The rights effectively exercisable for the processing activities performed are:
Purposes A, B, C, D: Access; Rectification; Erasure; Limitation
Purpose B: Objection
Purpose A: Portability; Revocation of consent
Purpose B: Objection
Purpose A: Portability; Revocation of consent
Data Subjects can exercise the above rights by using the form available at https://www.garanteprivacy.it/web/guest/home/docweb/-/docweb-display/docweb/1089924 and sending it to: privacy@wilier.it. The data subject may request from the same address to obtain further details in relation to the above information (e.g. balancing test of legitimate interest or list of data processors).
A complaint can be lodged with the Italian Supervisory Authority (Garante per la Protezione dei Dati Personali www.garanteprivacy.it).
