Diadora S.p.a., with registered office at Via Montello no. 80, in Caerano di San Marco – Treviso, as data controller of your personal data (hereinafter the “Controller”), provides this information notice to the Data Subject in compliance with the European Union and Italian legislation on personal data protection.
The Data Controller has appointed a Data Protection Officer (DPO), which the Data Subject may contact by writing to the following address: firstname.lastname@example.org
Purposes and legal basis of the processing
The Controller processes your data for various purposes:
- respond to requests forwarded through this form, including to obtain information on its products or services (including the sending of brochures, catalogues and/or other corporate information material), to obtain a quote, etc.: in this case, the consent is not required because the processing is necessary to comply with these requests;
- use the Data Subject’s contact information (e-mail address, home and mobile phone number, postal address) to carry out satisfaction surveys and opinion polls, send commercial communications containing information about its products or services, as well as promotions or invitations to events in which the Controller will participate: for this purpose, the express consent of the Data Subject is required. The Data Subject’ consent may be granted and revoked for some of the aforementioned activities only.
Data retention period
The Controller intends to process the data during the following retention period:
- the retention period in relation to your requests for information will be three months from the reply;
- the data provided to enable the Controller to send the commercial communications described above will be kept for 24 months from the last communication, regardless of the channel used;
Mandatory or optional disclosure of data and consequences of the refusal of consent
The provision of data for the purposes referred to in point 1) above is necessary; therefore, any refusal to supply it, whether in whole or in part, may result in the Controller being unable to pursue the above mentioned purposes. The disclosure of your data is optional for the other purposes: where no data is supplied, the Controller will not be able to carry out the corresponding activities but will, in any case, be entitled to pursue the purposes referred to in point 1) above.
Categories of recipients
The Controller will not disseminate your data, although it intends to disclose it to its personnel authorised to carry out the processing as part of their respective duties, as well as commercial agents, credit institutes, credit insurance, credit recovery, commercial information, factoring and consultancy companies, associations and/or business organisations, professionals or service companies, as well as public and private bodies, including following inspections and audits.
In order to be tasked with processing your data on behalf of the Controller, those recipients will be appointed as data processors under a specific agreement or other legal document.
Transfer of data to a third country and/or an international organisation
The data will not be transferred to third non-EU countries nor to international organisations.
Data subjects’ rights
The Data Subject may request from the Controller access to and rectification, where inaccurate, or erasure of his/her personal data and restriction of the data processing, where the relevant conditions are met; he/she may also object to the processing for legitimate interests pursued by the Controller and obtain the portability of personally provided data only if this is subject to automated processing based on consent or contract. Moreover, the Data Subject may withdraw his/her consent when this is necessary to pursue the processing purposes. In this case, however, the withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.
The Data Subject may exercise his/her rights by sending the form available here to the Controller at the following e-mail address: email@example.com. The Data Subject may also lodge a complaint with the competent authorities, i.e., the Garante per la protezione dei dati personali [Italian Data Protection Authority] (www.garanteprivacy.it).