Information pursuant to art. 13-14 of the European regulation (gdpr) 2016/679

With this extended information on the processing of personal data, the Data Controller, as defined below, wishes to inform you about the purposes and methods of processing of the personal data provided by you through the website www.promecc-group.it and about the rights that the European Union Regulation 2016/679 (GDPR – relating to the protection of natural persons with regard to the processing of personal data, as well as the free circulation of such data), recognizes to you.

Data Controller and Data Protection Officer
The Data Controller is:

Promecc Aerospace Srl
Zona Artigianale S.S. 16 – Km 978
73022 Corigliano d’Otranto –  Lecce -Italy
VAT IT04496840754

The Data Controller can be contacted by email at: promecc@promecc-group.it

The Data Controller has not appointed a data protection officer (RPD or data protection officer, DPO) as it is not required under the aforementioned legislation.

Common personal data processed
For the purposes indicated in this Policy, the Data Controller processes common personal data such as personal data (name, surname, telephone number, email and other contact details).

Source of personal data
Your personal data processed by the Data Controller are those provided by you directly by filling in the forms on the website.

Cookie Management
All information relating to cookies is provided on the page Cookie Policy.

Purpose of data processing
The data collected is processed for the following purposes:

• Perform statistical analysis and contact management;
• Comply with legal obligations;
• Respond to your requests contained in the message you sent via the form on the contact page.

Methods of data processing
Personal data may be processed using both paper and electronic archives (including portable devices) and processed in ways strictly necessary to meet the purposes indicated above and in ways that are suitable to guarantee their security and confidentiality in accordance with the provisions of Article 32 of the GDPR.

Data storage
Your personal data will be stored in a controlled access archive and/or database for a period of time deemed necessary to pursue the purposes described in this information. After this period, the user’s personal data will be retained only to comply with legal obligations, or to allow proof of the respective rights and obligations to be maintained.

Optional nature of providing data
Providing data is optional. However, refusal to provide data will make it impossible to be contacted again and it will not be possible to fulfill the purposes of data processing.

Data provided voluntarily by the user
The optional, explicit and voluntary sending of email messages to the address indicated on this site and/or the completion of data collection forms, involves the subsequent acquisition of the sender’s address, necessary to respond to requests, as well as any other personal data entered.

Communication, sharing and dissemination of data
Your data, subject to processing, will not be disclosed, sold or exchanged in any case with third parties. They are not subject to dissemination or to any fully automated decision-making process, including profiling.
The scope of communication of the data is limited exclusively to the subjects competent for the fulfillment of contractual operations and compliance with legal obligations. They may therefore be communicated to third parties (such as: Revenue Agency, judicial or administrative authorities, for the fulfillment of legal obligations, consultants and accountants or other lawyers who provide functional services for the purposes indicated above; subjects who process the data in compliance with specific legal obligations or as appointed Data Processors; collaborators appointed for the management and maintenance of the IT systems appointed by the data controller).
Rights of the interested party
In relation to the processing described in this information, as an interested party you may, under the conditions set out in the GDPR, exercise the rights established by Articles 15 to 21 of the GDPR and, in particular, the following rights:

• ask the Data Controller for access to your personal data and information relating to them;
• the rectification of inaccurate data or the integration of incomplete data;
• the deletion of personal data concerning you (if one of the conditions set out in Article 17, paragraph 1 of the GDPR occurs and in compliance with the exceptions set out in paragraph 3 of the same Article);
• the limitation of the processing of your personal data (if one of the hypotheses set out in Article 18, paragraph 1 of the GDPR occurs);
• right to rectification – Article 16 GDPR: right to obtain, without undue delay, the rectification of inaccurate personal data concerning you and/or the integration of incomplete personal data;
• request and obtain from the Data Controller – in cases where the legal basis of the processing is the contract or consent, and the same is carried out by automated means – your personal data in a structured and machine-readable format, also for the purpose of communicating such data to another data controller (so-called right to portability of personal data);
• right to object – Article 21 GDPR: at any time to the processing of your personal data in the event of particular situations that concern you;
• revoke consent at any time, limited to cases where the processing is based on your consent for one or more specific purposes and concerns common personal data (for example, date and place of birth or place of residence), or particular categories of data (for example, data that reveal your racial origin, your political opinions, your religious beliefs, your state of health or sexual life). The processing based on consent and carried out prior to its revocation, however, retains its lawfulness;
• propose a complaint to a supervisory authority (Personal Data Protection Authority www.garanteprivacy.it).