Information pursuant to art. 13 of EU Regulation 679/2016 (GDPR) laying down provisions for the protection of the processing of personal data of natural persons

With the entry into force of EU Regulation 679/2016 (hereafter GDPR), the undersigned company Metroz Essences s.p.a. with headquarters in Cologno Monzese (Milan), via Andrea Doria 40, Data controller, The eventual appointment of additional internal and / or external managers for particular treatments will be kept up to date and will be sent to you upon specific request. It will also be made available at the offices of the owner.

1. Purposes of data processing

Personal data are processed as part of normal activities for purposes related to and instrumental to the management of contractual relationships; for purposes connected to the obligations established by laws, regulations and community legislation as well as by instructions given by authorities legitimated by law and by supervisory and control bodies; for administrative and accounting obligations; for functional purposes of our activity for which the interested party has the right to express his or her consent and that is management, statistics, commercial, operational, marketing and promotional purposes, market surveys.

the information object of this information refers to all the “personal data” collected by the Data Controller and those that may be acquired in the future for the same purposes.

2. Methods of data processing

The processing of your data may include all the operations provided for in art. 4 n. 2) of the GDPR and will be based on principles of correctness, lawfulness and transparency, will also be carried out in compliance with all precautionary measures, which guarantee its security and confidentiality. The operations may be carried out with the aid of electronic or automated or telematic means and with any other instrument made available by technology and technological development and / or on paper, in a lawful manner, in compliance with the provisions laid down by art. 6 of the GDPR and the laws in force, adopting suitable measures to guarantee the logical, physical security and confidentiality of personal data by art. 32 of the GDPR

3. Provision of data

The provision of data is necessary for the purpose of carrying out the activity indicated at the point 1.

4.Consequence of a possible refusal to answer

Failure to communicate implies the impossibility for the Data Controller to perform its functions, and in some cases, could therefore make it impossible to provide the owner’s business and the management of the business relationship between the parties.

We also point out that any refusal to respond, at the time of collecting information, may result in the objective impossibility for this company to comply with legal and / or contractual obligations related to the performance of the relationship.

5. Categories of subjects to whom the data may be communicated

We inform you that the data you provide or acquired during the contractual relationship may be communicated to the following persons who perform functions strictly connected or instrumental to our activity, functions that must therefore be considered fundamental for the company’s operations:

  • to the Financial Administration, social security and welfare institutions, if necessary to the Public Safety Authority;
  • to transporters or entities for services ancillary to the supply;
  • to companies or professional bodies for fraud control and debt collection;
  • to banks and credit institutions in the context of the financial management of the company;
  • to insurance companies;
  • to persons charged with auditing the financial statements and administrative, tax and contractual consultants.

The personal data you provide may also be disclosed abroad, both in the EU and non-EU. If the communication or transfer must take place in a Third Country not subject to the GDPR, it will only take place if the Commission has given a favorable opinion of adequacy regarding the level of protection of personal data, in accordance with the provisions of art. 45 of the GDPR, or where the transfer is subject to adequate guarantees in accordance with the provisions of art. 46 of the aforementioned Regulation.

Your data will not however be disseminated.

6. Conservation period:

Your personal data will be kept for the time necessary to achieve the goals or for a period not exceeding 10 years.

7. Rights of the interested part

within the limits of the provisions of art. 23 of the GDPR You can exercise the rights referred to in art. 15 of Regulation (EU) 2016/679 and, where applicable, the rights referred to in Articles 16-21 of the aforementioned Regulation, the rights to request access, rectification, deletion of data, the limitation of the processing that concerns him; the right to oppose the processing and the right to data portability; the right to withdraw consent at any time, as well as the right to lodge a complaint with the Guarantor. These rights may be exercised at any time by sending a request to the email amministrazione@metroz.it.