M.P.C. – Musso Personal Computer S.r.l. (net division)
(version July 2019)
Dear visitor to the website www.sinedtechnology.com , simply browsing the site does not entail any conferment of personal data except for data collected via cookies, for details of which please refer to the specific section.
In the case of on-line contact (online support via chat) there is no exchange of personal data except for those data communicated by the customer during the request.
MPC processes personal information in compliance with the provisions on the protection of personal data and the principles of correctness, lawfulness, transparency, integrity and confidentiality.
The Controller invites you to read this information carefully.
The data controller of the personal data of the e-commerce websites www.mpcnet.it, is MPC – Musso Personal Computer s.r.l.- Via Luigi Pulci, 15, – 20126 Milano (MB) – C.F. and REA 11811400456 | P.Iva: 11811400456 – PEC firstname.lastname@example.org.
For any information you may contact the Data Controller at the e-mail address email@example.com.
ORIGIN OF YOUR DATA AND CATEGORIES OF PROCESSED DATA
The data processed are anonymous data collected by the site or communicated within the contract form. The service provided also includes “on-line support” where you can exchange information with one of our employees. The online support provides for the communication of only those data that are indispensable to provide the service. You are invited to limit the personal information communicated during the assistance phase to the indispensable minimum.
INFORMATION COLLECTED WHEN BROWSING THE SITE – COOKIES
PURPOSE OF THE TREATMENT
MPC – Musso Personal Computer s.r.l. processes your personal data as defined and indicated above for the purposes illustrated below and according to the lawfulness bases mentioned in the GDPR and specified alongside.
a) To respond to specific requests from visitors to the site (GDPR, art. 6, paragraph 1, letter b), and for the relative sending of information and/or informative material;
b) For legal obligations to which the data controller is subject (GDPR, art. 6, paragraph 1, letter c);
c) For the pursuit of the legitimate interest of the data controller (GDPR, Art. 6, para. 1, lett. f). By way of example only:
– the security and safeguarding of its information systems and site;
– fraud prevention;
– protection of the company’s rights in and out of court.
– statistical analysis of the visits made and the most visited pages;
the mpc-net site does not carry out profiling.
The services provided are in line with the provisions of Legislative Decree 70/2003 “Implementation of Directive 2000/31/EC on certain legal aspects of information society services in the internal market, with particular reference to electronic commerce”.
OBLIGATION TO PROVIDE DATA
The provision of the requested personal data is compulsory to enable the proper provision of the service under the contract.
PLACE OF DATA PROCESSING AND PROCESSING METHODS
Your data is processed on Italian territory. All operations – collection, processing, consultation, printing, filing, modification, updating – may be carried out on paper or by means of electronic instruments.
COMMUNICATION OF YOUR DATA TO THIRD PARTIES
MPC s.r.l. directly manages the development and maintenance of its websites; the website and the mail domain used for receiving visitors’ requests and sending information are managed in hosting by Aruba S.p.A within the territory of the European Union.
Some products/services provided to customers are connected to cloud services managed by AWS (Amazon Web Services INC. – Ireland.) AWS INC. is registered in the register of cloud service providers (CSP) for the public administration “cloudmarketplace” through a qualification process managed by the Agenzia Italia Digitale (AgID).
Personal data related to the contract, appropriately minimised, will be transmitted to:
– Invoicing management system of the Revenue Agency;
– Accountant for the execution of bookkeeping.
Only the minimum data necessary for the execution of the part of the service for which they are responsible will be communicated to these subjects. These subjects, where applicable, will be appointed as data processors. None of these subjects is authorised by MPC s.r.l. to carry out further processing.
In case of purchase with electronic money, the sales system interfaces with the banking system. In this case no personal data are transmitted to the banking system, but only data related to the purchase (order number, amount). Personal data are requested by the banking system, which acts as an independent data controller.
Personal data are processed by persons in charge of the processing under the authority of MPC s.r.l., all of whom are instructed on the relevant privacy regulations.
Personal data are not subject to dissemination.
DATA RETENTION PERIOD
The data collected for the purposes a) and b) of the previous point will be kept for the period envisaged by law and no longer than 10 years from the end of the calendar year in which the sale took place.
Data collected for the purpose c) shall be retained for 1 year from the end of the year of the request, without prejudice to other legal terms.
Data, including personal data, provided by customers are stored as specified in the contract.
With reference to your data and its processing by mpc s.r.l., you may, with the exceptions provided for by the regulations in force, exercise the following rights
– right of access to your personal data, pursuant to Article 15 GDPR;
– the right to rectification of your personal data, pursuant to Article 16 GDPR;
– right to erasure of your personal data, pursuant to Article 17 GDPR;
– right to restriction of processing of your personal data, pursuant to Article 18 GDPR;
– the right to portability of your personal data, pursuant to Article 20 GDPR
– right to object to the processing of your personal data, pursuant to Article 21 GDPR.
You may address any request regarding your rights to the e-mail address: firstname.lastname@example.org.
You also have the right to lodge a complaint with the supervisory authority in accordance with Article 77 GDPR.
The data controller reserves the right to update this notice. The interested party is invited to always take note of the updates published on the site.
Privacy Regulation: Set of all legislation relating to the protection of personal data represented by, but not limited to: EU Regulation 2016/679 (GDPR), Legislative Decree 196/2003 (CODE), Directive 680/2016, Legislative Decree 101/2018, Legislative Decree 51/2018, EDPB Guidelines (formerly WP29), deontological rules and general authorisations of the Guarantor Authority, measures of the Guarantor Authority where applicable, international scope legislation, e-privacy Guidelines, technical standards on the security of processing, …. ).
Processing: any operation or set of operations which is performed upon personal data or sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction
Data controller: the natural or legal person, public authority, agency or other body which alone or jointly with others determines the purposes and means of the processing of personal data
Personal Data: any information relating to an identified or identifiable natural person (‘data subject’); an identifiable person is one who can be identified, directly or indirectly, by reference in particular to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to his physical, physiological, genetic, mental, economic, cultural or social identity.
Special Data: (or sensitive) Special categories of personal data: Personal information relating to ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, state of health, life or sexual orientation of the data subject, as well as genetic, biometric and geolocation information.
Data Subject: an identified or identifiable natural person connected to the Customer (such as contact details) to whom the data refer.
User: general visitor to the website.