travel

Privacy

 

PRIVACY POLICY FOR CUSTOMERS PURSUANT TO ART. 13 E SS. OF REGULATION (EU) 2016/679 

G21 INVEST srl with registered office in Viale Giovanni Amendola, 548 - 41125 Modena (e-mail: info@g21invest.it) in the capacity of Data Controller, informs that EU Regulation no. 2016/679 (so-called GDPR), together with Legislative Decree 196/2003 and ss. m. regulate the protection of personal data. G21 INVEST srl bases its data processing on the principles of correctness, lawfulness, transparency and necessity, as required by the aforementioned regulations.

G21 INVEST srl also informs that the collected data may be shared with the company Wiligelmo by Modenatur S.c.a.r.l. via Scudari n.10 41121 Modena - Italy - VAT number 02374350367 - Rea 285204, who can in turn process them for the purposes related to the preparation of the Travel Contracts and billing.

 

  1. WHAT DATA WE PROCESS (art.13 paragraph I; art.15 lett. B) GDPR)

G21 INVEST srl, as part of its ordinary activity, does not require the interested party to provide particular data, or personal data that reveal racial or ethnic origin, political opinions, religious or philosophical beliefs or union membership, as well as data genetic, biometric data intended to uniquely identify a natural person, data relating to health and / or sexual life (art.9 GDPR). In the event that the service requested from G21 INVEST srl requires the processing of such data, the interested party will receive specific information in advance and will be required to give specific consent.

 

  1. FOR WHAT PURPOSE WE TREAT THE DATA OF THE INTERESTED PARTY (art. 13 paragraph 1 GDPR)

The processing of the personal data of the interested party takes place to carry out the preliminary and consequent activities the stipulation of the contract for the supply of the service and / or the requested product or any other contract aimed at carrying out the business activity, to execute the themselves and for the protection of the credit positions deriving from them; for normal internal operational, managerial and accounting needs; to fulfil any type of obligation under applicable laws or regulations, especially in tax matters.
The legal basis for this treatment is the fulfillment of the services requested by the customer and / or the supplier, as well as compliance with legal obligations.

The provision of consent in relation to these purposes is not necessary, and therefore the related processing may be carried out in the absence of the consent of the interested party. Any failure to provide data will however make it impossible for us to fulfil and comply with the commitments undertaken and deriving from existing contractual and pre-contractual relationships.

 

  1. HOW WE PROCESS THE DATA OF THE INTERESTED PARTY (art. 32 GDPR)

The processing of data may consist, in addition to their collection, in their registration, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, cancellation and destruction, as required by art. 4 no. 2) of the GDPR. It can be carried out both with the use of paper support and with the aid of electronic, IT and telematic tools, in a manner and with suitable tools to guarantee the security and confidentiality of the data. In particular, all technical and organizational measures appropriate to data protection will be adopted in order to meet the legal requirements and to protect the rights of the interested parties.

The treatment will be carried out in an automated and / or manual form, with methods and tools, in compliance with the security measures referred to in art. 32 of the GDPR 2016/679, by specifically appointed subjects, in compliance with the provisions of art. 29 GDPR 2016/679.

We point out that, in compliance with the principles of lawfulness, purpose limitation and data minimization, pursuant to art. 5 GDPR 2016/679, the retention period of your personal data is established for a period of time not exceeding the achievement of the purposes for which they are collected and processed and in compliance with the times prescribed by law.

In particular, the data will be retained for the duration necessary for the contractual fulfilment and will be kept for the following period to pursue the legitimate interest of the data controller.

 

  1. TO WHOM WILL THE DATA OF THE INTERESTED PARTY BE COMMUNICATED? (art.13 paragraph 1 GDPR)

The collected data will never be disclosed and will not be communicated and / or transferred without your explicit consent, except for the communications necessary for the performance of the purposes referred to in point 2 a), inherent to legal obligations.

The data of the interested party may be made accessible for the purposes referred to in point 2:

  • to employees and collaborators of the Owners in Italy, in their capacity as agents and / or system administrators;
  • to third-party companies or other subjects (for indicative and non-exhaustive purposes, professional firms, consultants, insurance companies for the provision of insurance services, banks and companies specialized in the management of payments, subjects in charge of auditing the company's financial statements, public authorities o administrations for the fulfilment of the law, to transport companies, drivers for the possible delivery of the ordered goods etc.) who carry out outsourcing activities on behalf of Owners, in their capacity as external data processors. This only for the purposes related to the stipulation and fulfilment of the contract or to comply with legal obligations imposed on the Owner or on companies and third parties;
  • for all the purposes indicated in this statement, the data will not be communicated abroad.

 

  1. WHAT ARE THE INTERESTED PARTY'S RIGHTS? (articles 15-20 GDPR)

At any time, the interested party may exercise, pursuant to articles 15-22 of the GDPR 2016/679, the right to:

  1. request confirmation of the existence or not of your personal data and their communication in an intelligible form;
  2. obtain the indication of:
  • the origin of personal data;
  • the purposes and methods of treatment;
  • of the logic applied in case of treatment with the aid of electronic instruments;
  • of the identification details of the owner, of the managers and of the representative appointed pursuant to art. 3, paragraph 1, GDPR;
  • the subjects or categories of subjects to whom the personal data may be communicated or who can learn about them as appointed representative in the State territory, managers or agents;
  • obtain:
  • updating, rectification or, when interested, integration of data or limitation of processing concerning them;
  • cancellation (e.g. right to object to direct marketing), transformation into anonymous form or blocking of data processed in violation of the law, including data whose retention is unnecessary for the purposes for which the data were collected or subsequently processed (so-called right to be forgotten);
  • the attestation that the operations referred to in letters a) and b) have been brought to the attention, also as regards their content, of those to whom the data have been communicated or disseminated, except in the case where this fulfillment proves impossible o involves the use of means manifestly disproportionate to the protected right;
  • the so-called data portability, i.e. the return of data provided in a commonly used format with the right to request transmission to a different owner;
  • the withdrawal, at any time, of consent to the processing of personal data where provided. It should be noted that the withdrawal of consent does not affect the lawfulness of the treatment based on the consent given before the revocation;
  1. object, in whole or in part for legitimate reasons, to the processing of your personal data, even if pertinent to the purpose of the collection.

The interested party, for further clarification on this information or on the privacy issue, or to exercise your rights, can send a written request to the Data Controller at the e-mail address: info@g21invest.it

 

It is also your right, if you find a violation, to lodge a complaint with the supervisory authority (Privacy Guarantor). For any complaints or reports on how we process your data, we will make every effort to respond to your concerns. However, if you wish, you can forward your complaints or reports to the authority responsible for data protection, using the relevant contact details: Guarantor for the protection of personal data - Piazza di Monte Citorio n. 121 - 00186 ROME - Fax: (39) 06.69677.3785 - Telephone: (39) 06.696771 - E-mail: garante@gpdp.it – Certified mail protocollo@pec.gpdp.it.