|
Information pursuant to Article 13 of European Regulation 2016/679
Dear user,
COGES MOBILE SOLUTIONS, S.R.L. (hereinafter referred to as the "Data Controller"), would like to inform you about the processing of your personal data, carried out in full compliance with EU Regulation 2016/679 (hereinafter "GDPR").
|
Pursuant to art. 13 of the GDPR, we provide the following information with reference to your personal Data which the Data Controller will gain the availability of through the "Pay4Vend" app:
|
Data Controller
The Data Controller is COGES MOBILE SOLUTIONS, S.R.L. with registered office in via Degani,10 REGGIO EMILIA (RE) 42100 Italy, VAT no. 02666240359.
The Data Controller can be contacted by email at the support@pay4vend.com address.
|
|
Purpose of data processing
The provision of data is necessary to access and register with the software called "Pay4vend" and preparatory to benefit from the relevant functionalities, which will be enabled at the first connection to the vending machine.
The Data provided by you to the Data Controller will be processed:
a) for registration purposes, or instrumental to it, and in order to provide the Pay4Vend service;
b) to process any request for assistance to the requested services;
c) to fulfil any possible legal requirement, regulations, International regulations, provisions issued by authorities (such as, for example, accounting records and tax compliance; anti-money laundering legislation).
d) for possible marketing activities in the event that you give your consent in the forms provided by law (in the case, the marketing activity, always connected to the use of the Pay4vend software, will be managed by a different entity from the Data Controller, will be a data processor);
|
|
Legal basis for the processing
The Data Controller processes your Data lawfully when such processing:
art.6 a) the data subject has given consent to the processing of his or her personal data for one or more specific purposes
art. 6, b)- processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract;
|
|
Consequences of failure to communicate Data and failure to provide consent
Failure to communicate your data prevents the completion of the contractual relationship and consequently the provision of the Service.
|
|
Data retention
Your data, subject to processing for the purposes indicated above, shall be retained for a period of 24 months from the last use of the Technology and, subsequently, for the time in which the Data Controller is subject to retention obligations for tax purposes or for other purposes provided for by law or regulation applicable on the national territory.
|
|
Recipients of the Data - Data Processors
In order to achieve the aforementioned purposes, your data may be disclosed to third parties who are involved in various capacities in the provision of the service provided, in the capacity of Data Processor, , subject to information and any request for consent, if necessary.
Your Data may be communicated to the Accounting and / or Tax and / or IT consultants engaged by the Data Controller, who may process the Data within the limits of the assignments received in their capacity as Data Processor.
|
|
Rights of the Data subject
We inform you that, as a data subject, With regard to all personal data processed may exercise the rights provided for by the GDPR and specifically:
- Right of access to data collected and processed (Art. 15);
- Right to have data rectified (Art. 16);
- Right to erasure and right to be forgotten (Art. 17);
- Right to obtain limitation of processing (Art. 18);
- Right to data portability to another data controller (Art. 20);
- Right to object to processing (Art. 21)
- Right not to submit to automated processing (Art. 22);
- Right of withdrawal of consent (where processing is based on consent), without prejudice to the lawfulness of processing based on consent given before withdrawal (Art. 7);
- Right to lodge a complaint with the Supervisory Authority (Art. 77);
|
|
Methods of treatment.
The personal data concerning you will be processed according to the principles of correctness, lawfulness, transparency and protection of your privacy and your rights. The data will be processed in the following ways:
- Access to data and files allowed only to data controllers;
- protection of data and areas through technical and organizational security measures as required by art. 32 GDPR, adequate and systematically monitored;
- registration and processing both by means of files and printed media and by means of computerised media
- storage by means of storage and storage in paper archives but mainly in the hardware systems of the Data Controller or its manage
|
|
|