contracts and commercial offers

Trust for trust.

When you entrust us with a project, we don't just want to make sure we give you the best possible service, we also want to ensure that your data and business information are fully protected. So why not start off on the right foot?

Data protection Notice

Contracts and commercial offers

Version 26.06.2024  - MOD.INF.CTR.24-03

Introduction

Archiva S.r.l. a socio unico, hereby informs you about the processing of personal data carried out in the context of the relationship with its customers. This Notice is provided pursuant to Article 13 of Regulation (EU) 2016/679.

Archiva S.r.l. a socio unico with registered offices in via Spagna 24, 37069, Villafranca di Verona (VR), with reference to the personal data processed in the context of the relationship with their customers, take on the role of Data Controllers

Purposes of the processing and legal bases

The personal data of the data subject (in this case in relation to the relationship with its customers: legal representative, internal contacts...) will be processed:

  1. for purposes connected with the execution of pre-contractual or contractual measures, activities connected with and/or instrumental to the provision of such service, for purposes connected with the reprocessing of the same data.
    Legal basis of the processing: execution of the contract (ART. 6.1.B GDPR).
  2. for administrative-accounting fulfilments, such as accounting and treasury management, as well as invoicing, in compliance with what is required by current legislation or for the fulfilment of other obligations provided for by laws, regulations and national and EU legislation.
    Legal basis of the processing: fulfilment of a legal obligation to which the Data Controller is subject (ART. 6 .1.C GDPR).
  3. for purposes related to the need to consult the accounting, fiscal, fiscal and administrative documentation in general, beyond the legal obligations of keeping it for 10 years, in order to respond to any requests and/or checks by the relevant authorities 
    Legal basis of the processing: pursuit of the legitimate interest of the Data Controller (ART. 6.1.F GDPR);
  4. to assert and/or defend the rights of the Controller in extrajudicial, judicial proceedings, litigation management, breach of contract, warnings, settlements, debt collection, credit protection, arbitration;
    Legal basis of the processing: pursuit of the legitimate interest of the Data Controller (ART. 6.1.F GDPR).

Nature and modalities of processing

All Personal Data Processing activities will be carried out in compliance with Regulation (EU) 2016/679, the Privacy Code Legislative Decree 196/2003, as amended by Legislative Decree 101/2018 and/or subsequent additions and will be based on the principles of correctness, lawfulness and transparency, protecting confidentiality and fundamental rights and freedoms.The provision of personal data for purposes 1 and 2 is mandatory for the achievement of the purposes listed above. Therefore, their non-, partial or inaccurate conferment may result in the objective impossibility for the Data Controller to establish or regularly conduct the contractual relationship.

Personal data will be processed mainly at the registered office of the Data Controller in Villafranca di Verona and/or in the locations of any Data Processors appointed pursuant to Article 28 of Regulation (EU) 2016/679 and will not be transferred to non-EU countries.

Categories of persons to whom personal data may be communicated

The personal data transmitted by the Customer or acquired in the course of the contractual relationship may be brought to the attention of employees or collaborators of the Data Controller, for activities connected with the provision of the activities covered by the contract, and of any Data Processors appointed pursuant to Article 28 of Regulation (EU) 2016/679, who, operating under the direct authoritỳ of the Data Controller, shall process data and receive adequate instructions in this regard. The same will be done by any Data Processors in respect of their employees or collaborators.

Personal data may be communicated, within the limits strictly pertinent to the above-mentioned purposes, to the subjects essentially included in the following categories and whose complete list may be requested from the Data Controller at the following address: This email address is being protected from spambots. You need JavaScript enabled to view it.. (also reachable by ordinary email).

Public Bodies and Administrations

for audits and controls in compliance with fiscal and civil obligations.

Banks and Credit Institutions

for the execution of economic/financial movements (payments/collections).

Law firms, consulting firms, notaries, accountants

for consultancy activities in their respective areas of professional competence.

IT infrastructure maintenance companies, software suppliers and manufacturers, cloud service providers

software production and delivery, for normal HW/SW maintenance activities, for any data restoration and for delivery of multimedia content

companies for the elimination of paper documentation and its storage

for the destruction of paper documentation and for its storage

Certification bodies and accreditation bodies

for verification activities in order to obtain and/or maintain the certifications acquired by Archiva S.r.l. a socio unico 

Communication and event organisation agencies

for activities falling within their sphere of competence

Duration of data processing and data retention

The personal data processed shall be kept for the time necessary to fulfil the purposes indicated and for any other legitimate purpose connected with the existing contractual relationship.

In particular, with reference to the section "Purpose of processing and legal bases":

  1. for the entire duration of the existing contractual relationship and, after its conclusion, for a maximum of 10 years pursuant to Article 2220 of the Civil Code. (Keeping accounting records);
  2. for the entire duration of the existing contractual relationship and, after its conclusion, for a maximum of 10 years pursuant to Article 2220 of the Civil Code. (Keeping accounting records);
  3. or a period of 10 years once the retention period dictated by Article 2220 of the Civil Code has ended;
  4. for the entire duration of the extrajudicial and judicial litigation until the expiry of the limitation periods of the right and/or forfeiture of the action and/or the possibility of appeal actions;

Data Protection Officer (dpo)

Archiva S.r.l. a socio unico, on a voluntary basis, has appointed a Data Protection Officer who can be contacted by e-mail This email address is being protected from spambots. You need JavaScript enabled to view it..

Below, by way of non-exhaustive example, are cases in which the DPO may be contacted and/or should be contacted:

  • in the event that you want to exercise a right recognized by the European Regulation;
  • in the event that you wish to contest the rejection of a request to exercise a right or you believe that the response was not satisfactory or did not arrive within the indicated timeframe;
  • in the event that you believe you have suffered a violation of your personal data during the processing carried out by the Data Controller or Data Processor;
  • in the event that it is believed that the information submitted to the interested party is not sufficiently clear and transparent;
  • in the event that it is deemed necessary to receive clarifications or further information regarding the processing carried out on your personal data (purpose, legal basis of reference, storage times, methods of carrying out the processing, etc.);
  • in the event that it is necessary to receive information in order to submit a complaint to the Supervisory Authority.

Rights of the interested party

At any time data subject may exercise his rights towards the Data Controller pursuant to articles 15 to 21 of the GDPR whose regulatory provisions are referred to in full.

The interested party will have the right to ask the Data Controller for access to his/her personal data, rectification, cancellation of the same or to oppose their processing, he/she will also have the right to request the limitation of the processing, as well as to obtain, in a format structured, commonly used and readable by automatic device, the data concerning you. Furthermore, the interested party may, at any time, revoke consent for processing based on this legal basis without prejudice to the lawfulness of the processing, based on consent, carried out before the revocation.

Finally, the interested party may lodge a complaint with the competent Supervisory Authority if he believes that his rights have been violated, in violation of the principles of the GDPR according to the methods indicated for example on the Guarantor's website, accessible on the website www .garanteprivacy.it

The exercise of the aforementioned rights can be activated by completing the appropriate form found on the website www.archivagroup.com or sent communication to the PEC address This email address is being protected from spambots. You need JavaScript enabled to view it. (also reachable by ordinary email).

Changes to the notice

This information notice may be subject to updates in compliance with national and European regulatory provisions as well as by virtue of operational choices made by the Data Controller. Unless otherwise specified, it will continue to apply to personal data processed up to that point.