Personal data processing information statement pursuant to article 13 of EU Regulation 2016/679
Data subjects: agents and representatives.
Ceramica Sant’Agostino S.p.A., in its capacity as Data Controller of your personal data, pursuant to and in accordance with the European Regulation 2016/679 herein "GDPR", hereby informs you that the aforementioned regulation establishes the protection of data subjects as regards personal data processing and that said processing will be grounded in the principles of propriety, lawfulness, transparency and shall ensure the protection of your confidentiality and rights.
Your personal data will be processed in compliance with legislative provisions of the aforementioned regulation and all confidentiality obligations set forth therein.
For the purposes stated in this Privacy Policy Statement, the Data Controller will process your personal data, supplied directly by you or obtained from third parties (e.g. your employer). These data may include ordinary and contact data (such as your name, surname, telephone number, email address and other contacts), and your financial data (IBAN number)
Purposes and legal basis of the processing: your data will be processed for the following purposes related to the implementation of fulfilments related to legislative obligations:
compulsory legal fulfilments in fiscal and accounting sector;
existing legal obligations.
Your data will also be used for the following purposes relating to the execution of measures connected with contractual or pre-contractual obligations:
after-sales assistance;
management of agency agreement and related tasks, including pre-contractual activities;
customers' management;
commission management;
sending information about the company's promotional activities necessary for the promotion of the company's products;
schedule of activities;
customer care service relating to product presentation, sales and after-sales service.
Your data will also be used for the following purposes necessary for the pursuit of the legitimate interest of the Controller:
litigation management.
With regard to the above-mentioned purposes, if you are an employee/contact person of the agency/legal entity, your data will be processed by the need to interact, through you, with the agency/legal entity
Processing method. Your personal data can be processed as follows:
by means of electronic computers using software systems managed by third parties;
disclosed to third parties for processing operations;
BY ENTERING THEM INTO THE CONTROLLER'S CORPORATE CRM;
automated methods of contact (e.g. automated email campaigns, text messages, automated telephone contact, instant messaging, social networking, etc.);
platform for sending corporate communications;
processed by electronic computers;
manually processed in paper files..
Each processing is carried out in compliance with the methods specified in Articles 6, 32 of the GDPR and by adopting the appropriate security measures.
Your data will be processed exclusively by staff explicitly authorised by the Controller and specifically, by the following categories of operators:
General management;
Accounting department;
Commercial department;
Logistics department;
Marketing department.
Your personal data may be processed by third parties belonging, by way of example, to the following categories:
banks and credit institutions;
within the scope of public and/or private entities to which data disclosure is compulsory for the fulfilment of legal requirements, or functional for relations administration;
group companies as per intra-group agreements;
external companies providing hardware, software, cloud services including electronic invoicing;
subjects and external companies that perform services of various kinds on behalf of the Controller, such as: correspondence services, promotion of Data Controller activities and products, etc.
The subjects belonging to the above categories operate, in some cases, as data controllers specifically appointed by the Data Controller in compliance with Article 28 GDPR, and in other cases completely autonomously as separate data controllers, it being understood that, in the latter case, the communication of your personal data to such autonomous data controllers is made solely for the purposes of pursuing the purposes indicated in this information notice.
The list of such entities is available upon request to the addresses indicated in this notice
Disclosure: Your personal data shall not be disclosed anyhow.
Transfer of personal data:
Your personal data may also be transferred, limited to the above mentioned purposes, to countries of the EU.
Period of data retention. Please note that, in accordance with the principles of lawfulness, purpose limitation and data minimization, pursuant to art. 5 of the GDPR, the period of retention of your personal data is:
established for a period of time not exceeding the achievement of the purposes for which data is collected and processed for the performance and fulfilment of contractual purposes;
established for a period of time not exceeding the achievement of the purposes for which data is collected and processed and in compliance with the mandatory time limits prescribed by law.
Data Controller: the Data Controller, in accordance with the Law, is Ceramica Sant'Agostino S.p.A. (Via Statale, 247, 44047 Locality Sant'Agostino - Terre del Reno (FE); E-mail: privacy@ceramicasantagostino.it; Telephone: + 39 0532 844111; VAT number: 00531230381). The data protection officer (DPO) appointed by the data controller pursuant to Article 37 of the GDPR is contactable at the following contact details: E-mail: dpo@ceramicasantagostino.it.
You have the right to obtain erasure (right to be forgotten), limitation, updating, amendment, portability from the controller, as well as the right to oppose the processing of your personal data and in general, you can also exercise all rights specified in articles 15, 16, 17, 18, 19, 20, 21, 22 of the GDPR. You may also lodge a complaint with the competent supervisory authority if you consider that the processing of your data is contrary to the legislation in force.
Extract EU Reg. 2016/ 679: Articles 15, 16, 17, 18, 19, 20, 21, 22 - Rights of the data subject
1. The data subject is entitled to obtain confirmation as to the existence or otherwise of personal data concerning them, even if said data has not yet been recorded, the disclosure of said data in intelligible form, and to lodge a complaint with the Supervisory Authority.
2. The data subject has the right to receive the following information:
a. the origin of personal data;
b. the purposes and processing methods;
c. the logic applied in case of processing carried out by electronic instruments;
d. the identification details of the data controller, of the processors and of the appointed representative according to art. 5, para. 2;
e. the subjects or subject categories to whom the personal data can be disclosed or come into the knowledge thereof, in their capacity as appointed representative in the State, data supervisors or processors.
3. The data subject is entitled to obtain:
a. the updating, correction or, if he/she is interested in this, the integration of the data;
b. the erasure and transformation into anonymous form of any unlawfully processed data or data blocks, including those whose retention is not required in relation to purposes for which data were collected or successively processed;
c. certification that operations specified in letters a) and b) have been disclosed, together with their content, to the people to which data has been disclosed or provided, unless this proves impossible or requires the use of means clearly disproportionate to the right being protected;
d. data portability.
4. The data subject is entitled to raise a total or partial objection:
a. for legitimate reasons, to the processing of personal data concerning them, even if pertaining to the purpose of collection;
b. to the processing of his/her own personal data for the sending of advertising materials, for direct sale, or for carrying out market surveys or commercial reporting.
Terre del Reno (FE) Italy 08.09.25