Pursuant to Article 13 of Regulation (EU) 2016/679 (“GDPR”), Twenty-Nine S.r.l. informs that the personal data communicated through the contact form available on the website will be processed according to the purposes and methods specified below.
The Data Controller is Twenty-Nine S.r.l., with registered office in Via Paderno 15/F – 25050 Rodengo Saiano (BS), e-mail: privacy@twenty-nine.eu, PEC: twenty-nine@pec.it.
The personal data subject to processing are those provided by the user in the contact form, such as:
• name and surname;
• e-mail address;
• telephone number;
• any further personal and professional information entered in the message sent.
Such data constitute common personal data pursuant to Article 4(1) of the GDPR.
The personal data provided through the contact form are processed for the following purposes:
a) Management of contact requests
Responding to requests, questions, messages or information sent by the user through the form.
Legal basis: Article 6(1)(b) GDPR (performance of pre-contractual measures requested by the data subject).
The processing of personal data is carried out by means of manual, IT and telematic tools, with logic strictly related to the purposes indicated above and with security measures, technical and organizational, suitable to guarantee the confidentiality, integrity and availability of the data themselves, in compliance with Article 32 of the GDPR. The personal data collected will not be disseminated nor communicated to third parties for purposes other than those indicated. Data may be communicated to subjects providing technical assistance, hosting or IT support services and to subjects (consultants/suppliers) performing outsourcing activities on behalf of the Data Controller. Such subjects operate as Data Processors pursuant to Article 28 GDPR.
Personal data are processed within the European Economic Area (EEA). Should it become necessary, for technical or operational needs connected to the provision of IT services, hosting, system maintenance or technical assistance, to transfer data to Countries located outside the European Union, such transfer will take place exclusively in compliance with Articles 44 et seq. of Regulation (EU) 2016/679.
The data will be retained for the time necessary to manage the request submitted through the form, except where retention is necessary to protect the rights of the Data Controller.
Pursuant to Articles 15 to 22 of the GDPR, the data subject has the right to:
– obtain confirmation of the existence or not of personal data concerning him or her and to access them (right of access);
– request rectification or updating of inaccurate data and integration of incomplete data (right to rectification);
– obtain erasure of personal data in the cases provided for by law (right to be forgotten);
– obtain restriction of processing in the presence of the conditions set out in Article 18 of the GDPR (right to restriction);
– receive personal data in a structured, commonly used and machine-readable format, and to transmit them to another data controller (right to data portability);
– object at any time, for reasons related to his or her particular situation, to the processing of personal data carried out on the basis of the legitimate interest of the Data Controller (right to object);
– withdraw consent at any time, without prejudice to the lawfulness of processing based on consent before withdrawal (right to withdraw consent);
– lodge a complaint with the Data Protection Authority (www.garanteprivacy.it) or bring proceedings before the competent judicial authorities if he or she considers that his or her rights have been violated.
Requests may be sent to the e-mail address privacy@twenty-nine.eu or via PEC to twenty-nine@pec.it.
The provision of data through the contact form is optional; however, failure to provide the data makes it impossible to send the request.