Privacy Information notice under Article 13 of the EU 2016/679 Regulation

For Privacy Protection Policy, for the website www.food-forward.it (hereinafter the “Website“) refers to the measures implemented by Officine Innovazione S.r.l. (hereinafter the “Company“) in his capacity of Data Controller, provides the following privacy Information notice pursuant to Art.13 of the EU 679/2016 Regulation (hereinafter the “Regulation” or “DGPR”) related the protection of personal data of the following provisions.

  1. Categories of Personal Data

The personal data collected shall be those provided by the applicants when filling in the online application form (complete name, e-mail address) (hereinafter the “Data”), other additional data provided through the Web navigation. This personal data will be handled according to the Regulation and the Italian Law, including potential orders issued by the Italian Supervisory authority (Garante per la protezione dei dati personali), if applicable;

  1. Purpose of processing

The Company shall process the personal data above strictly for the following purposes purpose, including:

  1. enabling the request of information, in order to answer to the question;
  2. subject to your express consent, the Data collected through the completion of the contact form (name, e-mail address) will be used for sending informative communications, including any invitations to events and / or conferences organized or otherwise sponsored by the Company;
  3. c) branding and promotion of the services of Deloitte;

Personal data will be processed by the Company also for compliance with legal and regulatory provisions (e.g. Fiscal and accounting obligations).

The interested parties (hereinafter the “Interested Parties”) shall authorize the processing of their personal data for the above mentioned purposes in order to provide a valid application and attend the Event. In fact, the processing will be based on point (a) of Art.6 (1) of the Regulation.

  1. Means of data processing

Personal data will be processed using computerized and transmission systems, specially designed to allow data storing, management and transmission. Personal data shall be processed fairly, lawfully and transparently, ensuring respect for the right to privacy and other rights of the data subject.

  1. Mandatory or voluntary nature of data provision

The providing of data is not mandatory, however, however it is strictly functional to the request for information to the Company. Failure to provide data or incomplete information will prevent the owner of Data to complete the request.

  1. Communication, release of Data and data transfer

Without prejudice to the information provided for compliance with legal and contractual obligations, the personal data collected might be communicated, for the above listed purposes to:

  • companies and other legal entities of the Deloitte Network
  • companies and/or natural persons providing services to Deloitte
  • third persons to whom access to personal data is granted by law, regulation and Community provisions, strictly according to law.

Some of the Data recipients might not be located in the European Union. The Controller shall ensure adequate protection for the transfer of personal data to Third countries, according to the provisions laid down in the Regulation at Chapter V (articles 44 to 49). This will include, among others, contractual means and the adoption of standard contractual clause. A list of data recipients located outside of the European Union, shall be made available to the data subject at his or her request to the Data Protection Officer.

Within the Organizational Structure of the Company, personal data will be handled from authorized subjects, acting under the authority of the Company and following its instructions. Personal data will be processed mainly using electronic and hand systems, according to the principles laid down in Art.5 of the Regulation.

In accordance with the specific nature of the request, personal data of the Interested Parties might be diffused for the above-mentioned purposes.

  1. Data Storage

Personal data shall be retained in accordance with applicable legal requirements for data protection trough the duration of the Event and for as long as necessary to fulfill the purposes for which they are collected. Personal data necessary for compliance with fiscal and civil obligations will be retained to comply with the obligations concerned.

  1. Rights of the data subject

With regard to the processing of personal data, the data subject might exercise all the Rights provided under articles 15 to 21 of the Regulation, including:

  • The right to obtain from the Controller confirmation as to whether or not personal data concerning him or her are being processed, and where that is the case, access to the personal data and the information provided at Art. 15 of the Regulation (Right of access);
  • The right to obtain from the Controller, without undue delay, the rectification of inaccurate personal data concerning him or her, the data subject shall have the right to have incomplete personal data completed (Right to rectification);
  • The right to obtain from the Controller the erasure of personal data when this data have been unlawfully processed, and the erasure of personal data for which there are no overriding legitimate grounds for the processing (Right to be forgotten);
  • The right to object at any time to processing of personal data concerning him or her;
  • The right to withdraw his or her consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal;
  • The right to lodge a complaint with the Supervisory Authority in case of violation of the data protection legislation;
  • The right to object at any time to processing of personal data concerning him or her;
  • The right to withdraw his or her consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal;
  • The right to lodge a complaint with the Supervisory Authority in case of violation of the data protection legislation;
  • The right to receive the personal data concerning him or her, which he or she has provided to a Controller, in a structured, commonly used and machine-readable format and have the right to transmit those data to another Controller (Right to data portability);

To exercise these rights, the data subject shall submit a request to the Controller at the address indicated above.

  1. Data Controller

Officine Innovazione S.r.l. with registered office in Milan, via Tortona 25, 20144.

I accept to receive commercial communications customized by the Company, and/or by third parties:

  • I expressly agree to receive from the Company, both on behalf of the Company and/or on behalf of third parties, commercial communications, promotions, direct offers and newsletters, also different from brokering, through traditional methods, by using the telephone operator and/or also through automated systems (e-mail, SMS, MMS, Fax).

I authorize the processing of my data for profiling purposes:

  • I authorize the processing of my personal data, also integrated with additional data acquired from third parties that, where applicable, have regularly collected your specific consent to personal data transfer to other independent owners, for profiling purposes aimed at personalizing direct marketing from the Company also through the use of electronic and automated tools.

I authorize the communication and/or transfer of my data to business partners, even in non-EU countries:

  • I authorize the communication and/or transfer of my data to business partners, as indicated in the Privacy Information notice – also to countries not belonging to the European Community – for their marketing and commercial initiatives with both automated (e-mail, SMS, MMS, Fax) and not automated tools (paper mail, telephone with operator) in order to promote products and/or services also different from those related to the one offered by the Company.