Privacy Policy

PULSAR ENGINEERING Srl, with registered officein Via Marino Serenari, 29 - 40013 Castel Maggiore (BO) - ITALY, VAT number02642481200 (hereinafter, "Holder"), as data controller, informs youpursuant to art. . 13 D.Lgs 30.6.2003 n. 196 (hereinafter, "PrivacyCode") and art. 13 EU Regulation n. 2016/679 (hereinafter,"GDPR") that your data will be processed in the manner and for thefollowing purposes:

1.      Objectof the Treatment

The Data Controller processes personal data,such as name, surname, company name, address, telephone number, e-mail address,bank and payment details, tax references, IP addresses, computer domain namesused by users for links to the sites, the URI code - Uniform ResourceIdentifier) ​​- hereinafter, "personal data" or even "data"communicated by you upon the conclusion of contracts for the services of theowner or direct contact with the owner's employees or participation inorganized events from the same or in which he participated in public form, orsubscription to newsletters or information bulletins.

In addition, personal data related to educationand work (curriculum vitae and work, educational qualifications, professionalskills, tasks, department, work function, compensation and any company assetsassigned to the employee as a benefit or other;

2.      Purpose of the processing

Your personal data are processed:

                                i.           withoutyour express consent (Article 24 letter a), b), c) Privacy Code and art. 6lett. b), e) GDPR), for the following Service Purposes:

·   conclude contracts for services orcollaborations for, with and by the Owner;

·   fulfill the pre-contractual, contractual andtax obligations deriving from relations with you in existence;

·  fulfillthe obligations established by law, by a regulation, by community legislationor by an order of the Authority (such as for anti-money laundering)

·  exercisethe rights of the owner, for example the right to defense in court;

                              ii.           Onlysubject to your specific and distinct consent (articles 23 and 130 of thePrivacy Code and article 7 of the GDPR), for the following Marketing Purposes:

·        sendyou via e-mail, mail and / or sms and / or telephone contacts, newsletters,commercial communications and / or advertising material on products or servicesoffered by the Data Controller and recognition of the degree of satisfactionwith the quality of services;

·         send via e-mail, mail and / or sms and / ortelephone contacts commercial and / or promotional communications of thirdparties (for example, business partners, insurance companies, other companiesof the Group).

Please notethat if you are already present in our archives, as already our customers oranyway as a result of existing contacts, we can send you commercialcommunications related to services and products of the owner similar to thosealready used, except your disagreement (art 130 paragraph 4 of the PrivacyCode).

3.      Processingmethods

The processing of your personal data is carriedout by means of the operations indicated in art. 4 of the Privacy Code and art.4 n. 2) GDPR and more precisely: collection, registration, organization,storage, consultation, processing, modification, selection, extraction,comparison, use, interconnection, blocking, communication, cancellation anddestruction of data.

Your personal data are subjected to both paperand electronic and / or automated processing.

The Data Controller will process the personal datafor the time necessary to fulfill the aforementioned purposes and in any casefor no more than 10 years from the termination of the Service Finalityrelationship and no later than 2 years from the collection of data for theMarketing Purposes.

4.       Access to data

Your data may be made accessible for thepurposes referred to in art. 2.A) and 2.B):

·       toemployees and collaborators of the owner or of the Group companies in Italy andabroad, in their capacity as persons in charge and / or internal managers ofthe processing and / or system administrators;

·       tothird-party companies or other subjects (as an indication, credit institutes,professional firms, consultants, insurance companies for the provision ofinsurance services, etc.) who carry out outsourcing activities on behalf of theOwner, in their capacity as external managers of treatment.

5.       Communication of data

Without the need for express consent (pursuantto Article 24 letter a), b), d) Privacy Code and art. 6 lett. b) and c) GDPR),the Data Controller may communicate your data for the purposes referred to inart. 2.A) to Supervisory Bodies (such as IVASS), Judicial Authorities, toinsurance companies for the provision of insurance services, as well as tothose subjects to whom the communication is mandatory by law for theaccomplishment of said purposes.

These subjects will process the data in theircapacity as independent data controllers. Your information will not bedisseminated.

6.      Data transfer

Personal data is stored on servers located inItaly.

In any case, it is understood that the DataController, if necessary, will have the right to move the servers even outsidethe EU.

In this case, the Data Controller herebyensures that the transfer of non-EU data will take place in accordance with theapplicable legal provisions, subject to the stipulation of the standardcontractual clauses provided by the European Commission.

7.       Transfers of cross-border data

Your data are destined to our client companiesin the Italian territory, in the European Union and may also be communicatedand transferred to client companies outside the European Union in compliancewith the conditions required by law for such transfer to be lawful.

In particular, this transfer may be made to ourbranch located in the United States which has signed or will join the c.d."Privacy Shield.

8.       Nature of the provision of data and consequences of refusal to respond

The provision of data for the purposes referredto in art. 2.A) is mandatory.

In their absence, we cannot guarantee theservices of the art. 2.A).

The provision of data for the purposes referredto in art. 2.B) is optional

You can therefore decide not to give any dataor to subsequently deny the possibility of processing data already provided: inthis case, you will not be able to receive newsletters, commercialcommunications and advertising material concerning the Services offered by theData Controller.

However, you will continue to be entitled tothe Services referred to in art. 2.A).

9.      Rights of the interested party

In your capacity as an interested party, youhave the rights set forth in art. 7 of the Privacy Code and art. 15 GDPR andprecisely the rights of:

a.      to.obtain confirmation of the existence or not of personal data concerning you,even if not yet registered, and their communication in an intelligible form;

b.     b.get the indication:

                                                             I.     aboutthe origin of personal data;

                                                           II.     ofthe purposes and methods of processing;

                                                         III.      of the logic applied in case of treatmentcarried out with the aid of electronic instruments;

                                                         IV.     ofthe identification details of the owner, of the managers and of the designatedrepresentative pursuant to art. 5, paragraph 2 of the Privacy Code and art. 3,paragraph 1, GDPR;

                                                           V.      the subjects or the categories of subjects towhom the personal data may be communicated or who can learn about them asappointed representative in the territory of the State, managers or agents

c.       get:

                                                             I.     the.updating, rectification or, when interested, integration of data;

                                                           II.     thecancellation, transformation into anonymous form or blocking of data processedunlawfully, including data whose retention is unnecessary for the purposes forwhich the data were collected or subsequently processed;

                                                         III.     theattestation that the operations referred to in letters a) and b) have beenbrought to the attention, also with regard to their content, of those to whomthe data have been communicated or disseminated, except in the case in whichthis fulfillment proves impossible o involves a use of means manifestlydisproportionate to the protected right;

d.     toobject, in whole or in part:

                                                             I.     forlegitimate reasons, the processing of personal data concerning you, even ifpertinent to the purpose of the collection; b)

                                                           II.     processingof personal data concerning you for the purpose of sending advertising ordirect sales material or for carrying out market research or commercialcommunication, through the use of automated call systems without theintervention of an operator through mail and / or through traditional marketingmethods by telephone and / or paper mail.

                                                         III.     Itshould be noted that the right of opposition of the interested party, set outin point b) above, for direct marketing purposes through automated methodsextends to traditional ones and that in any case the possibility remains forthe data subject to exercise the right to object even only in 4 part.Therefore, the interested party can decide to receive only communications usingtraditional methods or only automated communications or none of the two typesof communication.

Where applicable, it also has the rightsreferred to in Articles 16-21 GDPR (Right of rectification, right to beforgotten, right of limitation of treatment, right to data portability, rightof opposition), as well as the right of complaint to the Guarantor Authority.

10.   Notificationof a personal data breach

a.   In the case of a personal databreach, the controller shall without undue delay and, where feasible, not laterthan 72 hours after having become aware of it, notify the personal data breachto the supervisory authority competent in accordance with Article 55, unlessthe personal data breach is unlikely to result in a risk to the rights andfreedoms of natural persons. Where the notification to the supervisoryauthority is not made within 72 hours, it shall be accompanied by reasons forthe delay.

b.  The controller shall notify thecontroller without undue delay after becoming aware of a personal data breach.

11.  Minors

The Activities and Services provided by theData Controller are not intended for minors under the age of 16 (art. 8paragraph 1 GDPR) and the Data Controller does not intentionally collectpersonal information about minors.

In the event that information on minors wereunintentionally registered, the Data Controller will delete them in a timelymanner, at the request of users.

12.  How to exercise rights

You can exercise your rights at any time bysending:

                                i.           aregistered letter to:

PULSAR ENGINEERING S.r.l.

Via Marino Serenari,29

40013 Castel Maggiore(BO)

ITALY

                              ii.           ane-mail to privacy@pulsarengineering.com.

13.  Owner, manager and agents

The Data Controller is PULSAR ENGINEERINGS.r.l., with registered office in Via Marino Serenari, 29 - 40013 CastelMaggiore (BO) – ITALY

The updated list of data processors and dataprocessors is kept at the registered office of the Data Controller.

14.  Changes to this Statement

This information may change. It is thereforeadvisable to regularly check this information and refer to the latest versionof the website: www.pulsarengineering.com