General Data Protection Regulation (GDPR 2016/679) info
We wish to inform you that, following the entry into force of the General Data Protection Regulation (GDPR 2016/679) on the 25th of May 2018, new regulations are set for organizations that offer products and services to people within the European Union (EU) or that collect and analyze data relating to residents in the same, regardless of where they are.
The changes made to the new regulation provide for greater rights in terms of personal privacy, greater duties in terms of data protection, mandatory reporting of violations and severe penalties for non-compliance.
Article 18 “Right to limitation of treatment”, Art. 19 “Obligation to notify in case of rectification or cancellation of personal data or limitations of processing” Article 20 “Right to data portability”, regulate personal privacy, which can be so simplified,
The customer / supplier has the right to:
- Having access to his personal data,
- Fix errors in his data,
- Delete the personal data,
- Contest the processing of personal data,
- Export the personal data
Responsible for the data handling is OMP Srl, whose registered office is in Rosignano M.mo (LI) – Via degli Artigiani 10, C.F./P.IVA 01938790498, tel. 0586.791174, fax 0586.791173, mail firstname.lastname@example.org pec email@example.com
OMP Srl, being responsible for data processing, is obliged to comply with Article 12 “Information, communications and transparent procedures for exercising the rights of the data subject”, Art. 32 “Security of processing”, Art. 33 ” Notification of a violation of personal data to the supervisory authority “, Art. 34” Communication of a violation of personal data to the data subject “, which can be simplified as follows:
- Protect personal data with appropriate security measures
- Report to the authorities the violations of personal data within 72 hours,
- Receive authorization before processing personal data,
- Keep detailed documentation on data processing,
- Provide clear notices on data collection,
- Highlight the purposes of processing and use cases,
- Define the data retention and deletion criteria.
Legal Representative, ing. Andrea Formichi