Privacy Policy

Registry and Privacy Statement in accordance with the EU General Data Protection Regulation (GDPR). Last reviewed on May 3, 2023.

1. Data Controller

Sopra540

Via Bastiglia 15
Borgiallo (TO) 10080
Italy

2 .Contact Person for the Register

Minna Peuralinna
sopra540@gmail.com
+39 353 4542972

3. Register Name

Customer Register

4. Purpose of Processing Personal Data

Customer information is collected and processed with the customer’s consent or for the performance of a contract with the customer.

The collected personal data is used for customer identification, management of user rights, delivery of customer orders, maintenance, and development of customer relationships.

The information is not used for automated decision-making or profiling.

5. Contents of the Register

The register may include the following information: name, position, company/organization, contact information (phone number, email address, address), website addresses, information about ordered services and any changes, billing information, and other information related to customer relationships and ordered services.

Personal data is retained for as long as necessary for the performance of a contract with the customer or for the development of customer service.

6. Regular Data Sources

The information stored in the register is obtained from the customer through various channels, including online forms on the sopra540.com website, email, phone calls, social media services, contracts, customer meetings, and other situations where the customer provides their information.

7. Regular Disclosures and Transfers of Data outside the EU or EEA

Information is not regularly disclosed to third parties. Information may be published as agreed with the customer.

The data may be transferred by the data controller outside the EU or EEA. Data is not transferred to the United States without the explicit consent of the individuals concerned.

8. Principles of Register Protection

The register is processed with care, and appropriate measures are taken to protect the information processed by the information systems. When the register information is stored on Internet servers, the physical and digital security of the hardware is appropriately taken care of. The data controller ensures that stored data, as well as the access rights and other information critical to the security of personal data, are treated confidentially and only by employees who need it for their work.

9. Right of Inspection and Right to Request Corrections

Each individual in the register has the right to access their personal data stored in the register and to request the correction of any inaccurate information or completion of incomplete information. If a person wants to access their stored information or request corrections, the request must be sent in writing to the data controller. The data controller may request the requester to prove their identity if necessary. The data controller will respond to the customer within the time frame provided in the EU General Data Protection Regulation (usually within one month).

Individuals in the register have the right to request the erasure of their personal data from the register (“right to be forgotten”). Individuals also have other rights under the EU General Data Protection Regulation, such as the right to restrict the processing of personal data in certain situations. Requests must be sent in writing to the data controller. The data controller may request the requester to prove their identity if necessary. The data controller will respond to the customer within the time frame provided in the EU General Data Protection Regulation (usually within one month).