GOVERNING THE PROTECTION OF PERSONAL DATA
IN ACCORDANCE WITH EU REGULATION 2016/679 OF THE EUROPEAN PARLIAMENT AND COUNCIL
Given the following, for the purposes of these regulations:
This is the natural person or legal entity, public authority, service or any other type of body which, whether individually or with other parties, determines the purposes and means of the handling of personal data. When the purposes and means of the handling are determined by the law governing the European Union or the Member States, the Data Controller or specific criteria which apply to its assignment may be established by the law governing the European Union or the Member States.
This is the natural person or legal entity, public authority, service or any other type of body which handles the personal data on behalf of the Data Controller.
Data Protection Officer
This is the new figure appointed by the Data Controller. He/she checks to ensure European Regulations and data security are implemented and applied. He/she also checks to ensure the requests of interested parties to exercise rights recognised by the Regulations are dealt with, and ensures that the Data Controller or Supervisor conduct impact assessments on data protection, and that they request prior authorisation or prior consultation where required.
Third party (Person processing the data)
This is the natural person or legal entity, public authority, service or any other type of body which is not the individual concerned, the data controller, the data supervisor and the persons authorised to handle the data, under the direct authority of the controller or supervisor.
Personal data (interested party)
Any information concerning an identified or identifiable natural person ("interested party"); any person who can be identified, whether directly or indirectly, with particular reference to an identifying element such as a name, identification number, data pertaining to location, an online identification or one or more elements which are characteristic of his or her physical, physiological, genetic, psychological, economic, cultural or social identity, can be considered identifiable.
This is any operation or set of operations, conducted with or without the assistance of automatised processes and applied to personal data or sets of personal data, such as:
adaptation or alteration;
communication by transmission;
diffusion or any other form whereby it is made available;
comparison or interconnection;
cancellation or destruction.
Given all the above, the company hereby states that:
THE DATA CONTROLLER IS:
Forever Living Products Italy S.R.L., a single-member company
Headquarters: Via del Casaletto 305, 00151 - Rome Italy
THE DATA SUPERVISOR IS:
Dott.ssa Carmela Bernardo
Direttore Amministrativo e delle Risorse Umane
Tel: (+39) 06.88 69 8273
Fax: (+39) 06. 88 69 8261
The list of external data officers is available by requesting it from the Data Supervisor, Dott. Dejan Knezevic, General Manager, e-mail: firstname.lastname@example.org
PURPOSE OF THE HANDLING
The personal data involved in the handling, and in particular identifying, administrative, accounting and fiscal, commercial, any of a computerised nature, directly linked to the client or, for data of a purely identifying and computerised nature, to other interested parties (such as staff, employees, referees etc.) communicated by them in executing and fulfilling relationships with the controller, and in observing and respecting provisions governing the handling and protection of personal data, is used for pursuing goals which are instrumental and/or complementary to the activities as set out in the articles of association and which are required to fulfil the contractual/pre-contractual relationship held with the interested party in relation to the services requested by it. In the case of purchases made by the interested party via the Controller's website, we would hereby inform you that the data supplied via the relevant form on the page for entering data shall be handled to fulfil the order, and for purposes linked and instrumental to managing the order and after-sales activities, including any complaints. If consent is given, the data shall also be handled for sending information, commercial and promotional messages concerning activities and services offered by the Controller. This shall be done using automatic means such as e-mail and SMS, as well as traditional means such as telephone contact with an operator, in full compliance with the principles of lawfulness and fairness, and legal provisions.
The data is handled using computerised and telecommunication means and is conducted by internal parties appointed for the purpose. The data is stored in electronic archives with full assurance of the suitable safety measures as stipulated by the New European Regulation 2016/679.
COMMUNICATION AND DISTRIBUTION
The data gathered shall not be divulged or distributed. Any communication to third parties other than the Controller and officers, both internal and external to the company, and the persons appointed to handle the data as identified and appointed, is provided to public bodies as legally required, to the Companies of the Group to which the Controller belongs for administrative and accounting purposes, and where necessary for pursuing the purposes indicated, and in any case within the limits of the same, to third-parties and third-party companies, such as legal and sector consultants, debt collection companies and contractual consultants, dispatchers, third-party companies supplying technical and IT assistance who work to ensure the purposes described are pursued in a fair and proper manner. In any case, the handling by third parties must be carried out in a professional manner and in compliance with the legal provisions in force.
The data shall be stored for the time deemed necessary to fulfil the administrative, accounting and fiscal requirements linked to the established relationship, as well as those resulting from obligations stipulated by law, and in any case within the time limits established for the rights and obligations involved in handling. With reference to handling for purposes of sending commercial and promotional communications of the Controller's services and for sending information messages concerning its activities, the data shall be stored until the interested party exercises the right of opposition adopting the methods made available on a periodic basis for these purposes. Opposition to handling can be submitted by the interested party independently by either means of sending.
PROVISION OF PERSONAL DATA
The provision of data is obligatory to fulfil the requirements stipulated and sanctioned by law. For the remainder, provision is optional but necessary, and any refusal by the interested party shall render it impossible for the Controller to fulfil the relationship being established and implement it properly. Consent for handling the aforementioned data is not necessary in that the data is gathered for fulfilling legal obligations and/or for implementing obligations resulting from the contract in place or from so-called pre-contractual obligations.
RIGHTS OF THE INTERESTED PARTY
Rights of the interested party
The identity of the person responsible for data protection
The contact details for the data protection officer (DPO)
The purpose of the handling which the personal data is destined for and the legal basis of the handling
If the handling should be based on a legitimate interest, the legitimate interests pursued by the data controller or by third parties
The recipients or categories of recipients of the personal data
The intention of a third party is to be found in the United States of America. said date or place in which they were made available
The period of time for which the personal data will be stored or, if not, the criteria used to determine this period
To the personal data, or to rectify or cancel the data, or limit the handling of the personal data to him / her or to oppose their handling, in addition to the right to data transfer
Allow in the event of the handling, including the right to revoke, allow for any time, without compromising the lawfulness of the handling based on allow prior to revocation
The right to submit a complaint to a control authority
If the communication of a personal data is a statutory or contractual obligation or a requisite needed to conclude a contract, and if the party has been
The existence of a decision-making process of an automatic nature, including profiling and at least in such cases, of significant information concerning the logic and the importance involved in said handling for the interested party
The interested party is in the form of an automatic device, the personal data is related to the data controller, and has the right to transmit the data to another data controller without impediments. by the Data Controller they were supplied to.
The party has the right to obtain the cancellation of the personal data. The Data Controller has the obligation to cancel the personal data of the interested party without undue delay.
INFORMATION ON DIRECT MARKETING (THIS CONSENT IS OPTIONAL)
Consent for the handling (Purpose of Handling point 3) is instead necessary in respect of the further and specific purposes as compared to those set out in the contract. In particular, consent is requested for the use of data for the purpose of marketing linked to the services offered by the controller. Communications shall be sent using traditional means as well as automatic ones. It expresses explicit and apposite consent for the purposes described under point 3 (Purpose of Handling).
Profiling is geared solely to the purpose of making targeted services available which conform with the specific needs of the User/Client.
Data transfer is necessary for fulfilling the obligations arising from a contract or pre-contract in which he or she is an interested party, or to fulfil, prior to the conclusion of the contract, specific requests advanced by the interested party, or to conclude or execute a contract stipulated in favour of the interested party.