INFORMATION ON THE PROCESSING OF PERSONAL DATA

BN DI NAVIGAZIONE S.P.A., Data Controller of personal data already communicated or that will be communicated in the future, wishes to inform you that the data concerning you may be processed, in compliance with the European Regulation on theprotection of personal data 2016/679 / EU (hereinafter also “Regulation” or “GDPR”), by the Company in relation to contractual relationships with you or those that may be entertained in the future.

La società BN DI NAVIGAZIONE S.P.A.
with registered office in CALATA ITALIA 24/A – 57037 – PORTOFERRAIO (LI) – P.I.: 01968710994
PEC: [email protected] – E-MAIL: [email protected]
TEL.: +39 0565.269752 – FAX: +39 0565.919894 (hereinafter, the “Soc ietà”) informs that it is the Data Controller.

The Data Controller may process the following types of personal data communicated by you on the occasion of the conclusion of contracts for the services rendered by the Data Controller:
–  personal and contact data (name, surname, company name, VAT number, SDI code, tax code, address of residence / domicile / registered office, date of birth, nationality, place of residence, license plate and model of the vehicle; telephone number and / orfax; email and / or PEC address, tax data, accounting data.).
–  data necessary to allow the accreditation of the remuneration (bank data, accounting, etc.) and in general the execution of the employment relationship (eg data of the legal representative whosigns the contract on behalf of the customer and / or supplier, etc.).
Personal data will be kept for the entire duration of the contractual relationship and their cancellation is expected at the end of the relationship, unless other regulatory obligations (eg fiscali) and not (eg defense in court of a right of the Data Controller or third parties) do not require longer retention times.

Your personal data, subject to processing for the purposesindicated above, will be kept for the duration of the contract and, subsequently, for the time in which the Data Controller is subject to retention obligations for tax purposes or for other purposes, provided for by law or regulation.
With regard to marketing purposes, your data will be processed for the duration of the contract, without prejudice to your right of revocation.
Subsequently, the data will be stored until the statutory limitation period withreference to the individual rights enforceable by the parties. After these terms, your data will be anonymized or deleted, unless it is necessary to keep it for other and different purposes provided for by express provision of the law.

The personal data provided by the interested party for the purposes described in art. 3 above, may be brought to the attention of or communicated to the following subjects:
(i)  employees and / or collaborators of the Data Controller, as well as professionals and / or professional firms in charge of the administrative and accounting management of the contractual relationship;
(ii)  public or private subjects for tax purposes, etc. (e.g. Revenue Agency, etc.);
(iii)  public or private subjects who, byvirtue of legal provisions and / or an administrative or judicial measure, have the right to access it;
(iv)  private subjects used by the Data Controller for the pursuit of one or more of the purposes indicated in paragraph 2 above (credit institutions;accounting firms, labor consultants; companies offering IT services, etc.).

The Data Controller does not transfer personal data to third countries or to international organizations.
In the possibility of transferring data to a third country or an international organization, for the possible use of cloud services, in which case, it will be the task of the Data Controller to ascertain that for the recipient country where the service providers operate, there is an adequacy decision of the European Commission, or the reference to adequate guarantees pursuant to articles 46 – 49 of the GDPR. The list of “responsible for the processing of personal data” pursuant to art. 28 of the GDPR possibly appointed will be consultable at the headquarters of the Data Controller or can be requested by sending a written request to: [email protected]

Arts. 15-22 of the Regulation confer on the interested party the exercise of the following rights:
• request confirmation of the existence or otherwise of their personal data;
• obtain information about the purposes of the processing, the categories of personal data, the recipients or categories of recipients to whom the personal data have been or will be communicated, and when possible, the retention period;
• obtain the correction and deletion of data;
• obtain the limitation of processing;
• obtain data portability, i.e. receive them from the Data Controller, in a structured format, commonly used and readable by automatic device, and transmit them to another data controller without hindrance;
• oppose an automated decision-making process relating to individuals, including profiling;
• if the processing is based on consent, revoke your consent at any time(ex art.7 paragraph 3 GDPR).

The above rights may be exercised by the interested parties by contacting the Data Controller by sending an email to the email address [email protected], by registered letter with return receipt addressed to BN DI NAVIGAZIONE S.P.A., CALATA ITALIA 24 / A – 57037 – PORTOFERRAIO (LI), or to the PEC address: [email protected].
Pursuant to Article 77 of the GDPR, if the interested party considers that the processing concerning your personal data violates this regulation, he has the right to lodge a complaint with the Supervisory Authority, which in Italy is the Guarantor Authority for the protection of personal data, Piazza Venezia n. 11 – Scala B, 00187, Rome (RM) – www.garanteprivacy.it.