Skip to content
POLICY ON THE PROCESSING OF PERSONAL DATA, PURSUANT TO EU REGULATION 2016/679, ARTICLES 13-14

 

EU Regulation 2016/679 (henceforth, the “GDPR”) and Italian Legislative Decree 196/08 (the “Privacy Code”) govern the processing of personal data. As the Data Controller, Manta Systems informs you that your data and your rights concerning it shall be processed in accordance with the principles of accuracy, lawfulness, transparency and the preservation of confidentiality, in line with the aforementioned regulation.

This policy describes how your data is collected and used.


The data we process

This falls under the following categories (the purposes for which each category is then processed can be found later in this policy):

  • personal data used to identify you, such as your name, surname, tax code, bank details;
  • contact and log-in details, such as your address, email address, telephone number;
  • navigation data, such as IP addresses, log data, domain names and other defining features relating to your computer, operating system and IT system;
  • data taken from public sources, such as those published in the Companies Register.

The purposes and lawful basis for processing

Your data is collected and processed for the following purposes and lawful bases:
(a) purposes relating to compliance with legal or contractual obligations, such as:

  • carrying out all procedures and actions required for the performance of a contract;
  • carrying out all procedures required under tax and revenue legislation;
  • pursuing active or passive defence initiatives, which here includes beginning or defending legal proceedings, even where the intent is to recover or grant credit, including actions taken through third parties;
  • technical or functional access to the website;
  • purposes linked to improving online navigation or personalised content management;
  • purposes linked to user navigation statistics and analysis.

(b) purposes relating to compliance with legal or contractual obligations or for the Data Controller’s legitimate interests: if you are already a customer, we will use your data to send newsletters and promotional and marketing communications for products and services similar to those we have provided to you in the past. In that instance, you may choose to deny your consent to receiving further communications at any time, by clicking the appropriate button at the bottom of the newsletter/message;

(c) where you are not already a customer, we can only send you newsletters and promotional and marketing communications with your consent; this is considered expressly given when you a request the newsletter through our website or by signing the end of this policy where it has been provided in paper format.


When it is mandatory/optional for you to provide your data

The need to comply with contractual and legal obligations means it is mandatory for you to provide data for the purposes described under letter (a).
As a Data Subject, you may choose whether to provide your data for the purposes described under letters (b) and (c). In this instance, not providing us with such data shall not compromise the establishment and/or continuation of the relationship, nor how accurately your data is processed.


How your data is processed

Your personal data will be processed by one of the following methods:
(a) for the purposes set forth under letter (a):

  • automated bookkeeping systems using third-party software;
  • automated bookkeeping systems using software systems managed or programmed directly by US;
  • processing on a temporary basis, where the data has been anonymised;
    non-automated, manual processing on paper;

(b) for the purposes set forth under letters (b) and (c):

  • automated bookkeeping systems using third-party software;
  • automated bookkeeping systems using software systems managed or programmed directly by US;
  • automated, using electronic or magnetic storage media;
  • processing of data collected by third parties.

All processing is carried out by methods compliant with articles 6 and 32 of the GDPR, adopting the security measures set forth therein.
Your data will only be processed by staff to whom the Data Controller has given its express authorisation and, specifically, by those working in the Retail and Marketing departments.


Where your data is processed

Your data is processed and stored at the registered offices of Manta Systems, Via Manzoni 19, 42014 Castellarano (RE) – Italy. It is also processed at the offices of professionals and/or companies entrusted with technical, development, management and administrative/accounting activities.


How your data is shared

All data collected and processed may be shared in Italy exclusively for the purposes indicated above. The recipients of that data fall under various categories, specifically:

  • public and/or private officials with whom we are obliged to share the data, either in order to comply with legal obligations or because sharing the data with them is crucial to managing our relationship with you;
  • credit institutions, companies that process credit or debit card payments, insurance companies, factoring companies;
  • Retail, Marketing and Administrative Department employees, who have express authorisation;
  • consultants and contractors, including incorporated ones;
  • freight forwarders, carriers, owner-drivers, the postal service, logistics companies;
  • software companies.

Your personal data shall not be disseminated in anyway nor used for profiling.


How long we store your data

Pursuant to art. 5 of the GDPR and in line with the principles of lawfulness, purpose limitation and data minimisation, your personal data will be stored for the following periods of time:

  • for the purposes set forth under letter (a), for only as long as necessary to accomplish the purpose for which the data was collected and processed, in order to perform and carry out the objects of a contract and to fulfil legal obligations.
  • for the purposes set forth under letters (b) and (c), for two years after the data was provided.

Managing cookies

The ways in which the Manta Systems website uses cookies are set out in detail in the Cookies Policy.
As the Data Subject, you are entitled at any time to intervene on the use of cookies, so as to prevent their being set and read. For example, this can be done by changing the Privacy settings in your browser so that it blocks certain types of cookies. For further information, please read our Cookies Policy, available at www.mantasys.com.


The Data Controller

Pursuant to the legislation in force, the Data Controller is Manta Systems – address: Via Manzoni 19, 42014 Castellarano (RE) – Italy; e-mail: info@mantasys.com; tel. +39-331-9469530 – in the person of its pro tempore legal representative.
As a Data Subject, you have the right to: obtain access to, erase (right to be forgotten), restrict, update or rectify any personal data held by the Data Controller. Additionally, you have the right to data portability, the right to object to the processing of your personal data and may generally to exercise all the rights set forth in articles 15, 16, 17, 18, 19, 20 and 21 of the GDPR.


Data Subject rights

With regard to the processing of the data described in this Policy you, as a Data Subject, may exercise the rights set forth in the GDPR articles 15-22 at any time. That includes the rights to:

  • receive confirmation that your data is being held and to access its contents (right of access);
  • obtain information regarding (i) the source of the personal data, (ii) the purposes and methods of processing it, (iii) the logic applied (where data is processed using electronic tools), (iv) the identification details of the Data Controller or any data processors and (v) the subjects or types of subject who may receive the data or come to have access to it, in their role as a data processor;
  • request the erasure or restrict the processing of any data processed in an unlawful manner, including where the data is stored for longer than necessary for the purposes for which it was collected or is processed in another way (right to be forgotten and right to restrict processing);
  • object to the processing (right to object);
  • withdraw consent, where it was given, without prejudice to the lawfulness of any processing having taken place prior to you withdrawing your consent;
  • file a complaint with the competent authority (Italian Data Protection Authority – Www.garenteprivacy. it) in the event of a breach of data protection legislation;
  • receive an electronic copy of any of your personal data, which can be sent to you or to another service provider. This applies where consent is the basis for the company processing your data, where the processing is required in order to provide the services and/or products you have requested and where it is performed using automated means (right to data portability).

In order to exercise your rights, you may send the Data Controller a request by email to info@mantasys.com or by post to Manta Systems, Via Manzoni 19, 42014 Castellarano (RE) – Italy.