Mimat Srl, with registered offices in Via I. Newton, 11/13 36034 Malo (VI), VAT No.03078760240 (hereinafter "Mimat"), in its capacity as the data controller, informs you pursuant to art. 13 of It. Leg. Decree 30.6.2003 no. 196 (hereinafter "Privacy Code")
and art. 13 EU Regulation no. 2016/679 (hereinafter "GDPR") that your data will be processed as follows and for the purposes below:
1. What we process
Mimat processes personal and identification data (for example, name, surname, company name, address, telephone, e-mail, bank and payment details – hereinafter, “personal data” or also “data”) transmitted by you during the conclusion of contracts for Mimat
2. Why we process data
Your personal data is processed without your express consent (art. 24 lett. a), b), c) of Privacy Code and art. 6 lett. b), e) of the GDPR), for the following Service Purposes:
- to conclude contracts for Mimat services;
- to fulfil pre-contractual, contractual and fiscal obligations deriving from existing relationships with you;
- to fulfil the obligations established by law, by regulation, by EU legislation or by an order of the Authority (for instance to fight money laundering);
- exercise the rights of Mimat, for example the right to defence before a court.
3. How we process data
Your personal data is processed according to the operations specified in art. 4 of the Privacy Code and art. 4 no. 2) of the GDPR and namely: collection, registration, organisation, retention, consultation, processing, modification, selection, extraction,
comparison, use, interconnection, blocking, transmission, erasure and destruction of data. Your personal data undergoes both paper-based and electronic and/or automated processing. Mimat will process the personal data for the time required to fulfil
the above purposes and in any case for no more than 10 years from the termination of the relationship for the Purposes of the Service.
4. Data access
Your data may be made accessible for the purposes referred to in art. 2:
- to Mimat employees and collaborators, in their capacity as persons in charge and/or internal processing managers and/or system administrators;
- to third-party companies or other parties (by way of example, credit institutions, professional firms, consultants, insurance companies for the provision of insurance services, etc.) providing outsourced services for Mimat, in their capacity as external
5. Data transmission
Without the need for express consent (pursuant to art. 24 lett. a), b), d) of the Privacy Code and art. 6 lett. b) and c) of the GDPR), Mimat may transmit your data for the purposes of art. 2 to Supervisory Bodies (such as IVASS), Judicial Authorities,
to insurance companies for the provision of insurance services, as well as to parties to whom communication is mandatory by law to fulfil said purposes. Said parties will process the data in their capacity as independent data controllers. Your information
will not be disclosed.
The data is stored and controlled by using suitable preventive security measures, aimed at minimising the risk of loss and destruction, unauthorised access, unauthorised processing and processing in violation of the purposes for which the processing is
7. Data transfer
Personal data will be managed and held in the EU.
8. Data subject rights
In your capacity as the data holder, you are entitled to the rights in art. 15 of the GDPR and namely: i. to obtain confirmation of the existence or non-existence of personal data concerning you, even if not recorded yet, and its transmission in an intelligible
form; ii. to obtain information on: a) the origin of the personal data; b) the processing purposes and methods; c) the logic applied in case of processing carried out with the support of electronic tools; d) the identity of the data controller, data
processors and the representative appointed pursuant to art. 5, paragraph 2 of the Privacy Code and art. 3, paragraph 1, of the GDPR; e) the parties or categories of parties to whom the personal data may be transmitted or who may learn about it as
appointed representatives in the State, as data controllers or appointed personnel; iii. to obtain: a) the update, rectification or integration of data; b) the deletion, transformation into an anonymous form or blocking of data processed in violation
of the law, including data whose retention is unnecessary for the purposes for which the data was collected or subsequently processed; c) the declaration that the operations referred to in letters a) and b) have been brought to the attention, also
in terms of content, of those to whom the data has been transmitted or disclosed, unless this obligation proved impossible to fulfil or involves the use of means manifestly disproportionate to the protected right; iv. to object, in whole or in part
on legitimate grounds, to the processing of personal data concerning you, even if pertinent to the purpose of the collection. Where applicable, you also have the rights referred to in art. 16-21 of the GDPR (Right of rectification, right to be forgotten,
right to limitation of processing, right to data portability, right to object), as well as the right to file a complaint with the Watchdog.
9. How to exercise your rights
You can exercise your rights at any time by contacting us: 1. via e-mail at firstname.lastname@example.org
2. or via e-mail with acknowledgement of receipt at: Mimat Srl, Via I. Newton 11/13 - 36034 Malo (VI)
10. Data controller, data processor and appointed personnel
The data controller is Mimat Srl. The updated list of data processors and appointed personnel is held and available for consultation at the headquarters of the Data controller.