The Future of Loyalty in the Data Era
Increasingly sophisticated and personalized customer experiences...
Read more
Privacy Notice
(art. 13 Reg. UE 2016/679)
Dear Data Subject,
Exelab S.r.l., as the Data Controller, processes your personal data in compliance with the General Data Protection Regulation (EU) 2016/679 (GDPR), ensuring the protection of your information.
Pursuant to Article 13 of the GDPR, we provide you with the following information regarding the processing of your personal data and your rights under the law.
Purposes of Processing
The Data Controller collects and processes personal data for the following purposes:
- To allow the data subject to submit inquiries to the company;
- To provide responses, which may include information regarding the services offered, pricing, etc.
The legal basis for processing is the performance of pre-contractual obligations between the Data Controller and the data subject.
Categories of Personal Data Collected and Processed
The Data Controller collects and processes the following personal data:
- Identification data (e.g., name and surname);
- Contact details (e.g., email, phone number);
- Information regarding the corporate role held (optional);
- Details of the inquiry submitted.
Processing Methods
Your personal data will be processed using both paper-based and electronic methods, in compliance with data protection regulations, particularly with Article 32(1) of the GDPR, ensuring adequate technical and organizational security measures to maintain data integrity, confidentiality, and availability.
Source of Data
The data is collected directly from the data subject.
Categories of Recipients
Access to personal data is granted only to employees and collaborators of the Data Controller who require it to respond to inquiries, particularly:
- Administrative staff
- IT staff
- Commercial staff
All employees and collaborators have been informed and trained on the importance of complying with data protection principles and regulations.
Additionally, the Data Controller shares the personal data of data subjects with third-party service providers who assist in managing responses, particularly:
If a service provider gains access to personal data, it will do so in full compliance with data protection laws and under the instructions of the Data Controller. The Data Controller will not disclose personal data to other third parties without the data subject’s consent, unless required by law or regulatory authorities, including in the following cases:
- When necessary for national security reasons;
- For reasons of public interest;
- In response to requests from public authorities.
Providing personal data is optional; however, failure to provide the required data will make it impossible for the Data Controller to process the inquiry and provide a response.
Transfer of Personal Data
Your personal data will not be transferred outside the EU or to international organizations.
Data Retention Period
The Data Controller retains personal data only for the time necessary to fulfill the purposes for which it was collected or as required by specific legal or civil prescription periods.
Automated Decision-Making
No automated decision-making processes are applied to your personal data.
Rights of the Data Subject
You may exercise your rights under Articles 15-22 of the GDPR. Specifically, you have the right to request:
- Access to your personal data;
- Rectification of inaccurate or incomplete data;
- Erasure of your personal data;
- Restriction of processing under certain conditions.
Additionally, you have the right to:
- Object to the processing of your data if it is processed based on the legitimate interest of the Data Controller, should you believe your fundamental rights and freedoms are being violated;
- Withdraw your consent at any time for processing activities where consent is required;
- Request data portability, meaning you can receive your data in a structured, commonly used, and machine-readable format.
Contact Details of the Data Controller
You may exercise your rights without any formal requirements by contacting:
Exelab S.r.l.
Address: Via Angelo Poliziano, 43 – 00184 Rome (RM)
Email: privacy@exelab.com
PEC (Certified Email): exelab@pec.it
The Data Controller will respond to your request within the legally prescribed timeframes.