Personal Data Protection Policy Paolo Corazzi Fibre S.r.l., with registered Office Via Paolo Corazzi, 2, Cremona (CR) CF e VAT 00836170191 (“Data Controller”), following the regulations from Art. 13 of ITA D.Lgs. 30.6.2003 n. 196 (“Codice Privacy”) and from Art. 13 of Regulation EU 2016/679 (“GDPR”) informs that personal data belonging to natural persons (“personal data”, or “data”) will be managed the following way: 1. Scope of the data processing The Data Controller stores and processes company and possibly personal data collected during contract stipulation (name, surname, address, phone, email, back account, payment preferences, etc) for the scope of contract management. 2. Purpose of the data processing Your company and possibly personal data will be processed: a) Without your explicit consent (art. 24 lett. a), b), c) Codice Privacy e art. 6 lett. b), e) GDPR), for the following purposes: * Contract stipulation; * Contract and fiscal management; * Compliance to law and regulations; * Protect the rights of the Data Controller, as in court or other dispute; b) Only with your explicit consent (att. 23 and 130 Codice Privacy e art. 7 GDPR), for the following marketing purposes: * Send by email, phone, SMS or other means of communications advertisements on products and services or satisfaction questionnaires; If you are a customer already we have the right to continue processing the data the way we did before. You can submit explict dissent (art. 130 c. 4 Codice Privacy). 3. Data processing modes Data processing will be managed following art. 4 of Codice Privacy e art. 4 n. 2) of GDPR, using electronic and paper format. Data Controllers will process the data for the strict time necessary to the purposes listed above and no more of 10 years as for law and regulations. 4. Access to personal data Your data can be accessed for the purposes listed in 2.a) e 2.b) by: a) Employees or contractors of the Data Controller, in Italy and other countries. b) Third parties as banks, insurances, consultants etc on behalf of the Data Controller and goverment agencies, in Italy, EU and other countries. 5. Data communication Your data won’t be spread. Nevertheless, without explicit consent (ex art. 24 lett. a), b), d) Codice Privacy e art. 6 lett. b) e c) GDPR), the Data Controller can communicate your data to third parties as for art. 2.a). 6. Data transfer Personal data will be stored in Cremona (Italy) and into European Union. The Data Controller could at any moment move the data on extra-UE sites following the regulations. 7. Data collection and denial process Data collection for purposes is art. 2.a) is mandatory to obtain the service as in 2.a) Data collection for purposes as art. 2.b) is optional and it is your right to deny the consent to process all or part of the data as for art 2.b) at any time. Services as in 2.a) will remain untouched. 8. Rights of the data subject You own the following rights as for art. 7 Codice Privacy and art. 15 GDPR: i.Get an attestation of the existence or not-existence of your personal data and, in case they exist, get them in a common exchange format; ii.Get the details about: a. Source of the personal data; b. Purposes and means of the treatment; c. Data controller information, his/her Representatives and Processors as for art . 5, comma 2 Codice Privacy e art. 3, comma 1, GDPR; d. Third parties that can keep a copy of the personal data. iii.Obtain: a. Update of the data, including modifications, rectifications, integrations, emendations; b. Erasure, anonymization or pseudonymization of the data according to the regulations; c. Attestation that operations at a) and b) have ben processed, unless this proves impossible or involves disproportionate effort. iv.Obtain: a. The right to oppose completely or partially to the data processing as in 2.a) , with the consequent service or contract disruption if the data are mandatory. b. The right to oppose completely or partially to the data processed as in 2.b) Other rights could include, where applicable, the rights as in artt. 16-21 GDPR (Rectification, Right to be forgotten, Restriction, Portability, Opposition), and lodge a complaint with the competent supervisory authority of Italy and of the European Data Protection Supervisor, or their respective representatives. 9. Contacts * A registered letter with return receipt to Paolo Corazzi Fibre s.r.l. via Paolo Corazzi 2, 26100 Cremona, Italy. * A simple e-mail to privacy@corazzi.com 10. Data controller, Representatives and Processors The updated list of Data Controllers, Representatives, Processors and processings is available in registered Office in Via Paolo Corazzi, 2, Cremona (CR).