Privacy policy – Solarites

INFORMATION REGARDING THE PROCESSING OF PERSONAL DATA

Pursuant to and in accordance with Article 13 of EU Regulation 679/2016 of April 27, 2016, “on the protection of natural persons with regard to the processing of personal data and on the free movement of such data,” Solarites S.r.l. (hereinafter “the Company”), as Data Controller, is required to provide you with information regarding the use of your personal data in connection with the establishment and/or management of the employment relationship. In general, any information or personal data provided to Solarites S.r.l. in the context of commercial and technical contacts will be processed in accordance with internationally recognized principles of lawfulness, fairness, transparency, purpose limitation and retention, data minimization, accuracy, integrity, and confidentiality. This information was drafted on January 31, 2023; We may occasionally need to modify it, including due to changes in applicable legislation. To stay up-to-date, we invite the interested party to visit this section regularly to review the most recent and updated version. This policy also applies to the processing of personal data carried out by the parties who perform, on behalf of Solarites S.r.l., the technical and organizational tasks described in paragraph 2.

1. Data Controller

The data controller is Solarites S.r.l., with registered office at Piazza Vittorio Emanuele II, 14 – 12073 Ceva (CN), Tax Code/VAT No.: 03894180045 (email: amministrazione@solarites.it, certified email: solarites@multipec.it, telephone: +39 0174 704201).

2. Purpose of Processing

The personal data held by the Company are generally provided directly by the individual to whom the personal data refers (the Data Subject). Personal data may also be acquired from third parties (for example, private entities authorized to provide labor brokerage, companies that perform personnel selection activities on behalf of third parties, trade unions, professional associations, etc.).

Your personal data is processed by the Company for the following purposes:

• conducting negotiations and fulfilling the requirements prior to entering into a contract;

• fulfilling obligations arising from contracts entered into with the Company;

• checking and assessing the results and progress of the relationship, as well as the risks associated with it (such as: accuracy of the data provided, solvency, even during the relationship);

• sending offers to its Customers;

• managing any disputes (for example, breaches of contract, arbitration, legal disputes, etc.);

• fulfillment of obligations established by laws, regulations, and EU legislation;

• fulfillment of legal obligations in the tax and accounting fields;

• internal management control.

3. Processing Methods

In relation to the aforementioned purposes, personal data is processed using computerized and manual tools (e.g., the use of paper documents and IT support), lawfully and correctly for the purposes indicated above. Your personal data will be protected with appropriate security measures that guarantee its confidentiality, integrity, accuracy, availability, and timeliness. Your data will be processed only by personnel expressly authorized by the Data Controller.

4. Data Subject to Processing

In relation to the purposes described in paragraph 1 above, the Company processes your personal data relating to: First and Last Name; residential address; tax code; bank account identification details (IBAN), financial data, etc.

5. Communication and dissemination

The above data will not be disseminated, but may be communicated, for the sole purposes indicated above, exclusively to the following categories of entities: – entities involved in the transmission, transportation, and sorting of communications (e.g., Poste Italiane); – public bodies and administrations; – social security and welfare institutions; – banks and credit institutions; – insurance companies; – administrative, tax, occupational safety, and quality consulting firms; – reliability verification consultants. The recipients of the communications described in this policy operate completely independently, as separate data controllers, or, in some cases, have been designated by the Company as data processors.

Certain categories of persons, acting as data processors, may access your personal data for the purpose of fulfilling their assigned tasks. Other natural or legal persons who, pursuant to a contract with the data controller and appointed as data processors, provide specific processing services or perform activities related to, instrumental to, or supporting those of the data controller, may also become aware of your personal data. The identity of these persons may be disclosed as indicated in paragraph 8 below. The personal data processed by the Company and by the persons performing the technical and organizational tasks described in paragraph 2 on its behalf are not disclosed.

6. Personal data retention period

Personal data will be processed for the entire duration of the contractual relationships established, and also subsequently, to fulfill all legal obligations and, in any case, for a period not exceeding 10 years from the establishment of the contractual relationship or longer in cases expressly required by law.

7. Rights of the Data Subject

We inform you that the legislation on personal data protection grants Data Subjects the right to exercise specific rights (as provided for in Articles 15 et seq. of EU Regulation 679/2016). In particular, each Data Subject has: a. the right of access, expressly provided for in Article 15 of Regulation 679/2016, i.e. the right to access all personal information concerning them; b. the right to rectification, expressly provided for in Article 16 of Regulation 679/2016, i.e. the right to obtain the updating of inaccurate personal data concerning them without undue delay; c. the right to be forgotten, expressly provided for in Article 17 of Regulation 679/2016, consisting of the right to erasure of personal data concerning the data subject; d. the right to restriction of processing when one of the conditions set out in Article 15 applies. 18 of Regulation 679/2016; and the right to data portability, expressly provided for by art. 20 of Regulation 679/2016, i.e. the right to obtain your data in an interoperable format and/or the right to have your personal data transmitted to another data controller without hindrance from this Company; f. the right to withdraw consent at any time, expressly provided for by art. 7 of Regulation 679/2016; g. the right to lodge a complaint with the Data Protection Authority in the event of a violation in the processing of data pursuant to art. 77 of Regulation 679/2016; h. the right to seek judicial remedy in the event of unlawful data processing, including against actions taken by the Data Protection Authority pursuant to art. 78 of Regulation 679/2016. The Data Subject has the right to object, for legitimate reasons, to the processing of personal data concerning him or her, even if pertinent to the purpose of the collection. You may also object to the processing of your personal data for the purposes of sending advertising or direct sales materials, or for market research or commercial communications. These rights may be exercised by submitting a specific request to the certified email address: solarites@multipec.it

8. Mandatory or optional nature of data provision and consequences of refusal to respond

The provision of personal data described above is optional. Refusal to provide such data will make it impossible to carry out the operations necessary to establish and manage the employment relationship.

9. Right to complain

Data subjects who believe that the processing of their personal data by Solarites S.r.l. or its representatives violates the Regulation have the right to lodge a complaint with the Data Protection Authority, as provided for by Article 77 of the Regulation, or to take appropriate legal action (Article 79 of the Regulation).