GDPR

INFORMATION

ARTS. 13 AND 14 OF REGULATION (EU) 2016/679

Data Subjects: Navigators, users of the services.

“REVERSE PARADIGM S.R.L.”,  in its capacity as Data Controller of your personal data, pursuant to and for the purposes of Regulation (EU) 2016/679 hereunder under the “GDPR”, hereby informs you that the aforementioned legislation provides for the protection of data subjects with regard to the processing of personal data and that such processing will be based on the principles of fairness,  lawfulness, transparency and protection of your privacy and your rights. 

To achieve its purposes, relating to the management of the relationship, the Data Controller needs to acquire personal data, such as, by way of example, name and surname, telephone or mobile phone number, email address, tax code.

Your personal data will be processed in accordance with the legislative provisions of the aforementioned legislation and the confidentiality obligations provided for therein.

Purpose of processing: Provision of the service: Your data will be processed to respond to any requests that may be made to  the they can be received from the forms for compilation, and forms available on the website, or from requests received by email. 

Legal basis: The legal basis of the processing is contractual in terms of the terms in which data processing is envisaged a request for information followed by a response.

Consequences of failure to communicate: the processing of functional data for the fulfilment of these obligations is necessary for the correct management of the relationship and their provision is mandatory to implement the purposes indicated above. The Data Controller also informs that any non-communication, or incorrect communication, of one of the mandatory information, may cause the Data Controller to be unable to guarantee the adequacy of the processing itself.

Processing methods: The processing is carried out using manual and/or IT and telematic tools, so as to guarantee the security, integrity and confidentiality of the data in compliance with the physical and logical organisational measures, provided for by the provisions in force, so as to minimise the risks of destruction or loss, unauthorised access, modification and unauthorised disclosure in compliance with the procedures set out in art. 6,  32 of the GDPR.

Recipients: To carry out certain activities, or to provide support to the operation and organization of the activity, some data may be brought to the attention or communicated to recipients. These subjects are divided into: 

Third parties: (communication to: natural or legal persons, public authorities, agency or other body other than the data subject, the data controller, the processor and the authorised persons responsible for the processing) including: 

• Companies that manage traditional or computerized postal services 

• Any other subjects whose communication of data is necessary for the achievement of the above purposes indicate. 

Data Processors: (the natural or legal person, public authority, agency or other body that processes data personal data on behalf of the data controller)

• Providers of IT, web, or other services necessary to achieve the necessary purposes to the management of the relationship.

Within the company structure, your data will be processed only by personnel expressly authorized by the Data Controller, with assurance of the adoption of a confidentiality agreement and, in particular, by the following categories of employees:

• Administration; 

• Other employees whose processing is necessary for the proper execution of the relationship;

Dissemination: Your personal data will not be disseminated in any way.

Transfer of data to third countries:  The data controller does not transfer personal data to non-EU countries.  If necessary, the interested parties will be informed in advance, and safeguards will be adopted for the transfer to the recipients, which depending on the case may be: verification of the existence of adequacy decisions for the recipient country by the Commission, signing of standard contractual clauses, verification of the adoption of any additional measures in transposition of Recommendation 01/2020 EDPB.  Notwithstanding these guarantees, for data processing (ref.  of art.  49 of the GDPR), where applicable, the existence of a contract or pre-contractual measures in favor of the data subject or consent to the transfer is verified.

Retention period: We would like to point out that, in compliance with the principles of lawfulness, purpose limitation, data minimization, pursuant to Article 5 of the GDPR, the retention period of your personal data is established for a period of time not exceeding the achievement of the purposes for which they are collected and processed, in the event that a contract is signed, this retention period may end with forfeiture or withdrawal of the contract, the same may be retained, where applicable, for a further period of time for the purpose of managing any disputes, the legal basis for such storage is the legitimate interest of the data controller. 

Data Controller: the Data Controller, pursuant to the legislation, is “REVERSE  PARADIGM S.R.L.“, with legal and operational headquarters in Piazzale Roberto Ardigò, 30 – 00142 Roma (RM), P.iva: 04345950408, Tel: 0541657156 in the person of its pro tempore legal representative.  By sending an e-mail to the following address postmaster@reverseparadigm.com can request more information regarding the data provided.

Reg.to EU 2016/679: Art. 15, 16, 17, 18, 19, 20, 21, 22, 23 – Rights of the Data Subject

1. The data subject has the right to obtain confirmation of the existence or otherwise of personal data concerning him/her, even if not and their communication in intelligible form.

2. The data subject shall have the right to obtain information:

a. the origin of the personal data;

b. the purposes and methods of processing;

c. the logic applied in the case of processing carried out with the aid of electronic tools;

d. the identification details of the data controller, the data processors and the representative designated pursuant to Article 5, paragraph 2;

e. of the subjects or categories of subjects to whom the personal data may be communicated or who may be disclosed in their capacity as designated representative in the territory of the State, of managers or persons in charge.

3. The data subject has the right to obtain:

a. updating, rectification or, when interested, integration of data;

b. the cancellation, transformation into anonymous form or blocking of data processed in violation of the law, including those whose retention is not necessary in relation to the purposes for which the data were collected or subsequently processed;

c. certification that the operations referred to in letters a) and b) have been brought to the attention, also as regards their content, of those to whom the data have been communicated or disseminated, except in the case in which this fulfilment proves impossible or involves the use of means manifestly disproportionate to the protected right;

d. data portability.

4. The data subject shall have the right to object, in whole or in part:

a. for legitimate reasons to the processing of personal data concerning him/her, even if pertinent to the purpose of the collection;

b. to the processing of personal data concerning him/her for the purpose of sending advertising material or direct sales or for the purpose of sending the performance of market research or commercial communication.

Complaint: Data subjects, if the conditions are met, also have the right to lodge a complaint with the Guarantor as the supervisory authority according to the procedures provided. For any further information, and to assert your rights under the European Regulation, you can contact the data controller at the references above.