Personal Data Protection Policy
In line with its mission and values, Gerotto Federico S.r.l. undertakes to protect the personal data of every person in compliance with the identity, dignity of every human being and the fundamental freedoms constitutionally guaranteed in compliance with the European Regulation 2016/679 (“EU Regulation”) relating to the protection of individuals with regard tothe processing of personal data as well as to the free circulation of such data (“Personal Data”).
The “Data Controller” is the company Grotto Federico s.r.l., P.I. 00308900281, with headquarters in Via Croce n. 26, Campodarsego (PD), e-mail address: firstname.lastname@example.org.
The protection of Personal Data is based on the observance of the principles illustrated in this document that Gerotto Federico S.r.l. undertakes to disseminate, respect and enforce respect to its members and to its employees and collaborators and to the recipients or third parties with whom it collaborates in the context of its business and mission.
Gerotto Federico S.r.1. is committed to ensuring that the Personal Data Protection Policy, and what follows from it, is understood, implemented and supported by all subjects, internal and external, involved in the activities of the company Gerotto Federico S.r.l. taking into account its concrete reality, its investment opportunities and above all its values.
In particular, Gerotto Federico S.r.l. undertakes to:
- communicate and disseminate its policy regarding the protection of personal data
- to listen and pay attention to all interested parties- shareholders, employees, collaborators, investors, promoters, beneficiaries, customers, suppliers, consultants- and taking into account their requests regarding the processing of personal data and giving prompt feedback
- to process personal data: in a lawful, correct and transparent way in line with the constitutional principles and with the current legislation on the matter, in particular the new EU Regulation and only for the time strictly necessary for the intended purposes, including those to comply with the obligations of law
- collect personal data limited to the indispensable ones to carry out the activities (relevant and limited
- process personal data according to the principles of transparency only for specific purposes and expressed in their information
- adopt processes of updating and rectification of personal data processed to ensure that personal data are, as far as possible, correct and updated
- preserve and protect the personal data in its possession with the best preservation techniques available, also using service contracts with suppliers who present sufficient guarantees on the safety
of the treatments and guarantee the protection of the rights of the interested party
- guarantee the continuous updating of the personal data protection measures. This commitment Gerotto Federico S.r.l. will be constantly followed in the context of the principle of accountability by
implementing, with constancy, adequate technical, organizational measures and suitable company policies, to guarantee and be able to demonstrate that the processing si carried out in accordance with the EU Regulation taking into account the state of the art, the nature of the personal data stored and the risks to which they are exposed
- make clear, transparent and relevant the methods of processing Personal Data and their storage in order to ensure adequate security
- provide training and provide information to its members and staff, on the basis of the task performed, on the principles of lawfulness and correctness to which this Policy for the Protection of Personal Data and the processing of personal data must comply, as well as compliance with safeguard measures adopted
- encourage the development of a sense of responsibility and awareness of the entire organization towards personal data, seen as data owned by the individuals concerned
- ensure compliance with the laws and regulations applicable to the protection of personal data, possibly updating the management of the protection of personal data
- prevent and minimize, compatibly with available company resources, the impact of potential violations or illegal and / or harmful processing of personal data
- promote the inclusion of personal data protection in the continuous improvement plan that the organization pursues with its management systems
This Personal DataProtection Policy will be brought to the attention of all internal staff, partners, collaborators, also through specific awareness-raising meetings.
Rev.00 of 29/04/2019