NOTICE PER 13 Reg. EU no. 2016/679 AND CONSENT PER 7 Reg. EU no. 2016/679
On processing personal data

BETAMOTOR Spa, Tax Code and VAT No. 00408970481, with registered offices in Via Pian Dell’Isola, 72, 50067 Rignano Sull’Arno (FI), represented by the Chairman of the Board of Directors and legal representative pro tem Bianchi, Giuseppe, (hereinafter “Data Controller”), as the Data Controller, is informing you pursuant to Article 13 EU Regulation no. 2016/679 (hereinafter “GDPR”) that your data will be processed using the procedures and for the purposes set out below:

1. Subject of the Processing
The Data Controller will be processing your personal identification data (in particular, name, surname, tax code, company name, VAT number, e-mail, PEC, telephone number, IBAN and any other information that can identify the person concerned, hereinafter “personal data” or just “data”) communicated for the first processing. The Data Controller will also be processing the data requested and communicated by the data subject in the event of a visit to the online content in the website / (e.g. IP address, operating system, type of browser, details of the device in use, connection data, duration of the session, information necessary to create an account). The Data Controller may also process any information sent by the data subject such as signatures, photographs, opinions, position, etc.).

2. Purpose for Processing
Your personal data will be processed:

for the following purposes:

to fulfill the pre-contractual, contractual and fiscal obligations deriving from the relations in place with the Data Controller based on the activities envisaged within the company’s purpose and to allow access to the online content of the Website / and its products, information and services (also for the purpose of managing their optimization, responding to all online requests, including those for road testing and maintenance of products offered, both at headquarters and at authorized dealerships);

fulfill the obligations provided for by law, regulations, European Community legislation or by order of the Guarantor Authority;

to send your data to the External Processors appointed by the Data Controller, corresponding to the categories of persons (natural or legal) listed in the processing register;

to permit future registration with the website and the newsletter, if necessary;

to prevent or detect fraudulent activities or harmful abuses also perpetrated by third parties;

to exercise the rights of the Data Controller, for example the right of defense in court;

To send you commercial newsletters or requests (opinions, surveys) about the Data Controller’s products and services you already have or similar to those you have already used,

For direct marketing activities, including information on the Data Controller’s products or services sent by email, unless I refuse consent and / or cancel my registration.

3. Processing procedures
The processing of personal data will be performed using the operations indicated in Article 4 No. 2 GDPR, namely: collection, recording, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, cancellation and destruction of data. The personal data of the data subject may be processed on paper, or in electronic and/or automated form.

4. Duration of the processing
The Data Controller will process your personal data for the time necessary to fulfill the purposes set out in Article 2 of this policy notice (in compliance with the principles of minimization and limitation of processing) and in any case no more than 10 years after the termination of all relations with the Data Controller, except where necessary in connection with the relationship with the Authorities. Subsequently, the data will be deleted and/or kept in a form that does not permit identification.

5. Access to the data
Your data may be made accessible for the purposes referred to in Article 2. :
– to employees and contractors of the Data Controller as assigned Internal and/or External Data Processors;
– to third parties (for example: servers, website management and maintenance providers, suppliers, credit institutions, dealers, branches, partners, sales agents, professional firms, service cooperatives, etc.) to whom your data may be disclosed for the performance of activities in outsourcing on behalf of the Data Controller and as External Processors appointed by the Data Controller.

6. Data Storage and Transfer
The management and storage of your personal data will take place on the Data Controller’s servers located within the European Union and / or belonging to third party companies duly appointed and assigned as Data Processors. Currently the servers are located in Italy. The data will not be transferred outside the European Union. In any case, that it be understood that if necessary the Data Controller will have the right to move the location of the servers in Italy and / or in the European Union and / or to non-EU countries. In such a case, the Data Controller hereby ensures that the transfer of the data outside of the EU will take place in compliance with the applicable legal provisions, and if necessary, by concluding agreements guaranteeing an adequate level of protection and/or by adopting the standard contractual clauses provided for by the European Commission.

7. Data communication
Without express consent (per Article 7 GDPR), the Data Controller may communicate your data to supervisory bodies, judicial authorities or to any other subjects to whom the communication is required by law or by order issued by the competent authorities. Your data will not be disclosed in any case.

8. Rights of the data subject
As a data subject, you have rights under Article 15 GDPR and specifically the right: 
i. to obtain confirmation of the existence or not of personal data concerning you, even if not yet recorded, and their communication in intelligible form; ii. to obtain indication of: a) the origin of personal data; b) processing purposes and methods; c) the logic applied in the event of processing electronically; d) the identity of the Data Controller, Processors and, in the case described by the combined provisions of Articles. 3, paragraphs 2 and 27, paragraph 1, GDPR, of their representative established in the European Union; e) the subjects or categories of subjects to whom your personal data may be communicated and who may have knowledge of said data in their capacity as designated representative(s) in the State’s territory, data processor(s) or person(s) assigned to do the processing; iii. to obtain: a) the updating, correction or, when it is in your interest, the addition of data; b) the cancellation, transformation into anonymous form or the blocking of data processed unlawfully, including data whose retention is unnecessary for the purposes for which the data was collected or subsequently processed; c) certification to the effect that the operations as per letters a) and b) have been notified, as also related to their contents, to those to whom the data was communicated, unless this requirement proves impossible or involves a manifestly disproportionate effort compared with the right that is to be protected; iv. to oppose, in whole or in part: a) on legitimate grounds, the processing of personal data concerning you, even if pertinent to the purpose of collection; b) the processing of personal data concerning you for the purpose of sending advertising materials or direct selling or for doing market research or commercial communications, through the use of automated calling systems without the intervention of an operator by email and/or through traditional marketing methods by telephone and/or by post. It should be noted that the data subject’s right of opposition, as set out in point b) above, for direct marketing purposes by means of automated methods, extends to traditional methods and that, in any case, the possibility for the data subject to exercise the right of opposition even only in part remains unaffected. Therefore, the data subject may decide to receive only communications by traditional means or only automated communications or neither of the two types of communication. Where applicable, you also have rights under Articles 16 – 21 GDPR (Right of correction, right to be forgotten, right to limit processing, right to data portability and right of opposition), as well as the right to lodge a complaint with the Supervisory Authority.

9. Procedures for the exercise of your rights
You may exercise your rights under Articles 16-21 of the GDPR at any time by sending:
– a registered letter with receipt confirmation to BETAMOTOR Spa, Tax Code and VAT No. 00408970481, with registered offices in Via Pian Dell’Isola, 72, 50067 Rignano Sull’Arno (FI),
or else
– a PEC [certified email] to [email protected]

10. Data Controller and Data Processors
The Data Controller is BETAMOTOR Spa, Tax Code and VAT No. 00408970481, with registered offices in Via Pian Dell’Isola, 72, 50067 Rignano Sull’Arno (FI), represented by the Chairman of the Board of Directors and legal representative pro tem Bianchi, Giuseppe.
The updated list of internal and external Data Processors is kept at the registered offices of the Data Controller and may be consulted upon written request.

11. Changes to this Policy Notice
Betamotor may periodically update this notice. In the event of any substantial changes, a notice will be posted on our website, along with the updated Privacy Policy Notice

12. Right to withdraw consent
The Data Controller would like to inform you that, pursuant to Article 7, paragraph 3, GDPR, you have the right to withdraw your consent at any time.