Privacy Policy

PRIVACY POLICY
Mvtech Srl (hereinafter "owner") provides you, pursuant to art. 13 Legislative Decree . no. 196/2003 (hereinafter "Privacy Code") and art. 13 EU Regulation no. 2016/679 (later GDPR) the following information:
  1. SUBJECT OF THE TREATMENT . The owner processes personal, identifying and non-sensitive data (e.g. name, surname, tax code, VAT number, email, telephone number, etc.) - hereinafter "data" - communicated by you when requesting information through the owner's website, or when registering on the owner's website or when subscribing to the newsletter service offered by the owner.
  2. PURPOSE OF THE TREATMENT.
    Your data is processed:
    A. without your express consent (art. 24 lett. a, b, c Privacy Code and art. 6 lett. b, and GDPR) for the following service purposes:
    - respond to your requests for information;
    - conclude the contracts for the owner's services;
    - fulfill the pre-contractual, contractual and tax obligations deriving from existing relationships with you;
    - fulfill the obligations established by law, by a regulation, by community legislation or by an order of the Authority (e.g. in the matter of anti-money laundering);
    - exercise the rights of the owner (e.g. right of defense in court for breach of contract);
    - prevent or discover fraudulent activity or abuse harmful to the website.
    B. Only with your specific and distinct consent (Articles 23 and 130 of the Privacy Code and Article 7 of the GDPR) for the following information and marketing purposes:
    - allow you to register on the website;
    - allow you to subscribe to the newsletter service provided by the Data Controller and any additional services you may request;
    - send you via email newsletters, commercial communications and/or advertising material on products or services offered by the Data Controller and detection of the degree of satisfaction with the quality of services;
    You can, however, revoke the consent given for the treatments indicated under B. at any time by sending an e-mail to that effect without formalities to the address specified in point 10.
    We point out that, if you are already our customer, we will be able to send you commercial communications relating to the owner's services and products similar to those you have already used, unless you disagree (Article 130 paragraph 4 of the Privacy Code).
    If the owner intends to process your data for a purpose other than those described in this paragraph, you will be informed before such further processing.
  3. LEGITIMATE INTERESTS OF THE HOLDER .
    The legitimate interests of the owner consist in respecting and honoring the contractual obligations signed by the parties. Pursuant to art. 6 GDPR the lawfulness of the processing is based on the clearly expressed consent of the interested party.
  4. DATA ACCESS AND COMMUNICATION .
    Your data may be made accessible for the purposes referred to in point 2:
    A. to employees and collaborators of the owner in their capacity as persons in charge and/or internal data processors and/or system administrators;
    B. to third parties (credit institutions, transport companies, professionals and external consultants (e.g. the accountant) for the sole purpose of credit protection and better management of our rights relating to the individual commercial relationship) who carry out outsourced activities on behalf of the owner, in the capacity of independent external owners or data processors appointed by the owner.
    Without your express consent (art. 24 letter a), b), d), of the Privacy Code and art. 6 lett. b) and c) GDPR) the holder may communicate your data for the purposes referred to in point 2.A. to supervisory bodies, judicial authorities as well as to all other subjects to whom the communication is mandatory by law for the accomplishment of the aforementioned purposes.
    These subjects will process the data in their capacity as independent data controllers.
    Your information will not be disseminated.
    The management and storage of data will take place on servers (located within the European Union) of the owner and/or third-party companies appointed and duly appointed as data processors. The data will not be transferred outside the European Union.
  5. OPTIONAL / MANDATORY PROVISION .
    The provision of data for the purposes referred to in point 2.A. it is mandatory as it is required by legal and contractual obligations. Any refusal to provide them or any subsequent lack of authorization for their treatment may determine the impossibility of the owner to proceed with the contractual relationships themselves (the interested party does not receive the service, breach of contract with related liability, non-fulfilment of law with related legal sanctions, etc.). The provision of data for the purposes referred to in point 2.B. however, it is optional and failure to provide them or failure to authorize the processing will make it impossible to send you newsletters, commercial communications and/or advertising material on products or services offered by the owner and detection of the degree of satisfaction with the quality of the services.
  6. DATA STORAGE TIMES .
    Without prejudice to the five-year or ten-year terms for keeping only documents and related data of a civil, accounting and tax nature as required by the laws in force, any other data will be kept for 5 years from the termination of the supply/supply of the service/product withdrawal of consent or request for cancellation by you.
  7. RIGHTS OF THE INTERESTED PARTY .
    Except in cases of legal obligations, public interest or the exercise of public authority, you have the right, at any time, to revoke your consent to the processing of data and, in this case, the lawfulness of the processing based on the consent expressed before the revoke. The art. 7 of the Privacy Code and art. 15 of the GDPR grants you, as an interested party in the treatment, the exercise of specific rights, including that of obtaining from the owner confirmation of the existence or otherwise of your personal data and their making available in an intelligible form; the right to have knowledge of the origin of the data, of the purposes and methods of the processing, of the logic applied to the processing, of the identification details of the owner and of the subjects to whom the data may be communicated; the right to obtain the updating, rectification and integration of data, cancellation, transformation into anonymous form or blocking of data processed in violation of the law; the right to object, for legitimate reasons, to the processing of your data.
    The GDPR provides for the right to have your data forgotten (art. 17), to their limitation (art. 18), to their portability (art. 20) and, in the event of an automated decision-making process (so-called profiling), to their humane treatment (Article 22).
    The exercise of rights is not subject to any formal constraint and is free.
  8. TIMES OF RESPONSE TO INSTITUTIONS.
    In the event of a request from you for information relating to your data, the owner will reply as soon as possible - unless this proves impossible or involves a disproportionate effort - and, in any case, no later than 30 days from the request. Any impossibility or delays by the owner in satisfying the requests will be justified.
  9. CLAIMS AND APPEALS.
    If you feel harmed in one of the rights listed in point 7, you can lodge a complaint with the Guarantor for the protection of personal data (following the procedures and indications published on the Authority's website at www.garanteprivacy.it ) or an appeal administrative or judicial.
  10. OWNER OF THE TREATMENT.
    The data controller is the legal representative of MV Tech srl who can be contacted for any request, request or information, including the exercise of the rights referred to in point 7. Email:info@aqvaboats.com