INFORMATION ON THE PROCESSING OF PERSONAL DATA
(Privacy Code – Legislative Decree 196/2003 as amended by Legislative Decree 101/2018
EU Regulation 679/2016 on the processing of personal data – Art. 13)
The purpose of this information notice is to indicate how Mesar s.r.l. processes your data.
1) The Data Controller.
The Data Controller is Mesar s.r.l. with registered office in Piazza D’Ara Coeli 1 – 00186 Rome, CF 07435950584 and VAT number 01776511006.
2) Purpose of the processing and obligatory nature of the conferment
Your personal data ( first name, last name, contact details ) are processed:
A) without your express consent (art. 6 lett. b), e) GDPR), for the following Service Purposes:
– To provide the requested information regarding the services and products of the Controller;
– Fulfilling obligations required by law, regulation, EU legislation or an order of the Authority;
– to exercise the rights of the Controller.
B) Subject to your consent, we inform you that we may carry out direct marketing activities, such as sending – including by e-mail, SMS – advertising material, newsletters and communications having informative and/or promotional content. You may in any case exercise your dissent at any time through the unsubscribe links identifiable at the bottom of the communications received from us or by sending an e-mail to privacy@mesar.it.Il failure to consent will have no consequence on the performance of the main service.
3) Communication and dissemination of data
In order to execute the fulfilments undertaken by virtue of the relationship existing between the parties (referred to in point 2 “Purposes of the processing and obligatory nature of the conferment” of this information) it may be necessary to involve Facilities with which we collaborate; these facilities, which have received a formal assignment from us and have been appointed “Data Processors” or act as “Autonomous Holders”
It is understood that we will communicate only the data necessary to be able to fulfill the service, preferring where possible to anonymize the data. The list of the Companies that collaborate with us can be found in an annex to the Register of Processing Activities of EatHappy ToGo srl to which you can refer to obtain the relevant information.
Your personal data will not be disseminated, i.e. disclosed to the public and/or to an unspecified number of recipients.
4) Transfer of data to third countries or international organizations.
Data management and storage take place on servers of the Data Controller and/or of Third Party Companies appointed as external data processors. These servers are located at the Data Controller (in Italy) and in any case within the European Union.
Personal data are not transferred outside the European Union. In any case, it is understood that, should it become necessary, the Data Controller may also transfer personal data to countries outside the EU, guaranteeing as of now that the transfer of personal data outside the EU will take place in compliance with the applicable legal provisions (starting with EU Reg. no. 679/2016) and therefore by entering into, if and to the extent necessary, specific agreements that guarantee an adequate level of protection of personal data or in any case by adopting the standard contractual clauses provided by the European Commission for the transfer of personal data outside the EU.
The data you provide will not be disclosed to third parties.
5) Methods of processing, automated decision-making processes and data retention times.
Your data may be processed on both paper and computer media, in compliance with the technical and organizational security measures provided for by the EU Regulation on the protection of personal data (GDPR 2016/679).
Those related to the purposes mentioned in points 2B will be kept for 2 years from the time of ‘last purchase.
6) Rights of the data subject and complaint to the Privacy Guarantor.
You have the right to request at any time access to the data concerning you, their modification, integration or deletion, the limitation or opposition to their processing, where there are legitimate reasons, as well as the portability of said data to another Data Controller. You may also lodge a complaint with the National Supervisory Authority where you believe that your data have been processed unlawfully. In order to exercise the rights provided for by the regulations and better specified above, you can contact the Data Controller Mesar srl at its operational headquarters at Via Barsanti Snc 00012 Guidonia (RM) – or via an e-mail to privacy@mesar.it.