Privacy Policy

Information Notice pursuant to Article 13 of European Regulation No. 679/2016

Pursuant to Article 13 of European Regulation (EU) 2016/679 (hereinafter also referred to as "GDPR"), which sets forth provisions for the protection of individuals and other subjects concerning the processing of personal data, we wish to inform you that the personal data provided by you will be processed in compliance with the aforementioned regulation.

1. - Data Controller and Data Protection Officer

The Data Controller is Selvatiq S.r.l., Tax Code and VAT No. 13474090969, with registered office in Milan, Via degli Olivetani 10.
The Controller can be contacted at the email address admin@selvatiq.com or at the certified email address selvatiq@legalmail.it.
The Controller has not appointed a Data Protection Officer (DPO).

2. - Legal Basis for Processing

The Controller lawfully processes your personal data when the processing:

  • is necessary for the execution of the contract to which you or your company are a party or for the execution of pre-contractual measures taken at your request;
  • is necessary to fulfill a legal obligation to which the Controller is subject;
  • is based on your explicit consent for specific activities (e.g., sending newsletters, marketing activities).

3. - Purposes of Data Processing

The processing is carried out to ensure the correct execution of the contractual relationship. Therefore, your data will be processed for the following purposes:
a) execution and management of the contract;
b) fulfillment of legal obligations related to the contractual relationship;
c) protection of contractual rights;
d) only with explicit and separate consent, pursuant to Article 9, paragraph 2, letter a) of the GDPR, to properly execute the contract by providing the most suitable product and/or service, the processing may involve your special category data, meaning, for the purposes of this notice, personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, genetic data, biometric data for uniquely identifying a natural person, and health-related data;
e) only with explicit and separate consent, revocable at any time, marketing activities through the sending of promotional and advertising material related to products or services provided by the Controller in its commercial activities.

4. - Consequences of Failure to Provide Personal Data

Regarding the personal data necessary for the execution of the contract to which you or your company are a party or for compliance with a legal obligation, failure to provide such data will prevent the establishment or execution of the contractual relationship.

5. - Processing Methods and Retention

Processing will be carried out in automated and/or paper form, in compliance with Article 32 of the GDPR concerning security measures, by specifically designated personnel, including third parties providing specific processing, administrative, or instrumental services necessary for achieving the processing purposes, always in compliance with Article 29 of the GDPR.
We inform you that, in compliance with the principles of lawfulness, purpose limitation, and data minimization as per Article 5 of the GDPR, your data will be retained for the time necessary to achieve the purposes for which they are collected and processed and, thereafter, for the period required to comply with legal, including tax-related, retention obligations. All data processing operations are carried out to ensure data integrity, confidentiality, and availability.

6. - Data Disclosure

Your personal data may be disclosed to:

  • third-party service providers for processing, accounting, tax, administrative, legal, or other purposes instrumental to the above-mentioned objectives;
  • Authorities of any kind, for compliance with legal obligations.
    Beyond these cases, your data may be disclosed to third parties, specifically identified at least by category, only with your informed and explicit consent.

7. - Profiling and Data Dissemination

Your personal data will not be subject to dissemination or any fully automated decision-making process, including profiling.

8. - Data Transfer

Your data will not be transferred to EU Member States or non-EU countries.

9. - Data Subject Rights

At any time, pursuant to Articles 15 to 22 of the GDPR, you may exercise the following rights by submitting a written request to the Controller at the contact details provided in Section 1:

a) request confirmation of whether or not your personal data exists;
b) obtain information regarding the purposes of processing, categories of personal data, recipients or categories of recipients to whom personal data has been or will be disclosed, and, where possible, the retention period;
c) request rectification or deletion of data;
d) request restriction of processing;
e) obtain data portability, i.e., receive data from a data controller in a structured, commonly used, and machine-readable format and transmit it to another data controller without hindrance;
f) object to processing at any time, including for direct marketing purposes;
g) object to automated decision-making processes, including profiling;
h) request access to personal data and rectification or deletion of the same, or restriction of processing concerning them, or object to processing;
i) withdraw consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal;
j) lodge a complaint with a supervisory authority.