Privacy Policy

By subscribing to our newsletter, you declare that you are 18 years of age or older and give your consent to the processing of your data to receive information and / or commercial communications and / or information and promotional material via e-mail ("newsletter") by the Controller, Forequest Italia S.r.l.

In accordance with the provisions of art. 13 of the EU General Data Protection Regulation 2016/679 ("GDPR") and Legislative Decree 196/2003 ("Privacy Code") we are to provide you, as data subject, with the all necessary information regarding the purposes and data processing methods, as well as the scope of communication and dissemination of the such data .

Please only provide us with your email addresses. In the event that you provide us with the data of third parties (e.g. friends, family, etc ...) you will need to make sure that these third parties have been informed and that they have authorized you to use them on an appropriate legal basis that legitimizes the processing of the such data. In any case, with respect to this hypothesis, you  areas an independent Controller and assume all the obligations and responsibilities of the law. Therefore, if you provide us with the data of third parties, you grant  indemnity for any dispute, claim, request for damages that we might be received from such third parties.

  1. Controller

The Controller is Forequest Italia S.r.l., Tax Code. 11164110964, in the person of its pro tempore legal representative , with registered office in Milan (20123 - MI), Via Vincenzo Monti, 8.

  1. Purpose of the processing, legal basis and data retention period

The data processing is aimed at sending newsletters  via e-mail by the  Controller and the legal basis is your free and specific consent pursuant to art. 6 n. 1 letter a) GDPR.

The provision of data for the above purpose is facultative and it is strictly necessary to allow the  Controller to send you the newsletters. Please note that if you refuse to give your data to the Controller, the latter can’t  send you the newsletters.

In any case, you will have the possibility to withdraw the consent at any time, without affecting the lawfulness of the processing based on the consent before the withdrawal.

The Personal data will be processed in accordance with the principles of minimization and limitation of conservation pursuant to art. 5 n.1 lett. e) GDPR and will be retained until your unsubscription through the opt-out option present in the footer of each e-mail and / or after 24 months from the last interaction with the Controller.

  1.  Data processing methods

The data processing is carried out through any operations or set of operations as established in art. 4 n. 2 GDPR and  the operations of data processing will be performed whether or not by electronical instruments or automated to logics that fully correspond to the purposes carried out by the Controller.

Pursuant to art. 5 GDPR the personal data shall be processed lawfully and fairly and limitedly to what is necessary in relation to the purposes of  point 2.

In the event of withdrawal of consent, the data will be deleted within a maximum period of 3 months from the request, without prejudice to specific legal obligations on data retention.

  1. Data communication and dissemination

The Personal data are not object of dissemination. Your personal data shall be processed by employees and collaborators of the Controller under the authority of the latter. . Furthermore, your data shall be communicated to all those subjects to whom the communication is necessary to carry out the purposes such as established above,  by way of example consultants, advisors  and in general all the third party that working on behalf of the Controller.

These subjects shall process the data as the independent controllers or as the Processors pursuant to art. 28 GDPR.

In any case, these subjects shall process the data strictly necessary to fulfill the tasks assigned to them, without prejudice to the rights of the data subjects.

The updated list of all data recipients can be requested by sending a request to the Data Controller.

  1. Data Transfer extra EU

The Personal data shall be processed in the European Union. In the event of data being transferred to third countries, the data shall be processed in accordance with art. 44 and following GDPR. You can get more information by contacting the Controller.

  1. Subject rights

Pursuant from art. 15 to 22 GDPR, you shall be in the position to exercise your rights by contacting the  Controller.

In particular, you have the right to:

  • Obtain the access to the personal data concerning you, information related  the data processing in a clear, transparent and understandable manner (Article 15 of the GDPR);

  • Obtain the  rectification or integration of inaccurate personal data (Article 16 of the GDPR);

  • Obtain the deletion of personal data concerning you in the following cases: (a) the data are no longer necessary in relation to the purposes for which they were collected; (b) the data subject withdraws  consent on which the data processing is based, where the legal basis of the processing is your consent; (c) You have objected to the data processing concerning you, where the legal basis is the legitimate interest of the Controller. In any case, we recall you that the data retention by the  Controller is lawful where  the data processing  is necessary for the establishment , exercise or defence of legal claims (Article 17 of the GDPR) ;

  • Obtain the restriction of the data processing where (a) you contest the accuracy of the personal data, for a period enabling the Controller to verify the accuracy of such personal data; (b) the processing is unlawful but you  oppose the erasure of personal data and you request  the restriction of their use instead; (c) the personal data are necessary for the establishment, exercise or defence of legal claims; (d) You have objected to the processing and pending the verification whether the legitimate grounds of the Controller override those of the data subjects (Article 18 of the GDPR);

  • Receive your personal data concerning you in a structured, commonly used and machine-readable format, where the processing is based on your consent or on a contract (Article 20 of the GDPR);

  • object at any time to the processing of your data, where the processing is based on the legitimate interest of the Controller, unless the  Controller demonstrates compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subjects or for the establishment, exercise or defence of a legal claims. Furthermore, you can object to the data  processing at any time where your personal data are processed for direct marketing purposes (Article 21 of the GDPR);

  • Withdraw the consent at any time, where the processing is based on your consent. In any case, the withdrawal of the consent shall not affect the lawfulness of the processing based on consent before the withdrawal;

  • Lodge a complaint with the supervisory authority in the member state where you have habitual residence or in the place where the alleged infringement  occurred. The Italian Supervisory Authority is the Garante Privacy ( https://www.garanteprivacy.it/ ).

 

  1. Contact details of the Controller

The Data Controller is Forequest Italia Srl, Tax Code. 11164110964, with registered office in Milan (20123 - MI), Via Vincenzo Monti, 8, which can be contacted at the following e-mail address: info@forequest.it