INFORMATION NOTICE ON THE PROCESSING OF PERSONAL DATA PURSUANT TO ART. 13 OF REGULATION (EU) NO. 2016/679
Pursuant to art. 13 of Regulation (EU) no. 2016/679 (hereinafter the "GDPR"), Crispy Bacon S.r.l.
(hereinafter "Crispy Bacon" or the "Controller") informs you that personal data relating to your
company (hereinafter the "Data Subject") and the natural persons acting on its behalf (hereinafter
the "Data"), collected from the Data Subject or third parties, will be processed in accordance with
the provisions of the GDPR and in accordance with the information notice below. It is understood
that it is the responsibility of the Data Subject to inform the natural persons acting on its behalf of
the processing of the Data referred to in this information notice and to request their consent, where
Data controller. Data processors. The Data Controller is Crispy Bacon S.r.l., with registered office in Bassano del Grappa, Viale XI
Febbraio, n. 1/B (e-mail: firstname.lastname@example.org - pec: email@example.com). The updated list of
the data processors is available at the registered office of the Data Controller.
Purpose and legal basis of the processing. Legitimate interests pursued. The Data will be processed: a) for the purposes of complying with the legal obligations vested upon the Controller; b) for the performance of contracts to which the Data Subject is a party or for the adoption of
pre-contractual measures taken at the request of the Data Subject; c) for the establishment, exercise or defence of legal claims; d) to send commercial communications on products and services similar to those already
purchased, without prejudice to the Data Subject's right to object at any time. The processing of the Data for the purposes under a) does not require the consent of the Data
Subject as it is necessary to comply with the legal obligations to which the Controller is subject,
pursuant to art. 6, para. 1 letter c) of the GDPR. The processing of the Data for the purposes under
b) does not require the consent of the Data Subject as the processing is necessary for the
performance of contracts to which the Data Subject is party or for the adoption of pre-contractual
measures taken on its request, pursuant to art. 6, para. 1, letter b) of the GDPR. The processing of
the Data for the purposes under c) and d) does not require the consent of the Data Subject as it is
necessary for the pursuit of the legitimate interest of the Controller, pursuant to art. 6, para. 1, letter
f) of the GDPR.
Conferment of Data and consequences in case of failure to provide them. The provision of data for the purposes under a) and b) is optional, but necessary in order to fulfil
legal and contractual obligations. The provision of data for the purposes under c) and d) is optional
but necessary for the pursuit of the legitimate interests of the Controller mentioned above. In all
these cases, failure to provide the Data will make it impossible for the Data Controller to establish
and manage the contractual relationship with the Data Subject and carry out the activities related.
Recipients or categories of recipients. The Data may be made accessible, brought to the attention of or communicated to the following
subjects, who will be appointed by the Data Controller, as the case may be, as data processors or
persons in charge of the processing: ● companies of the group to which the Controller belongs (parent companies, subsidiaries,
affiliated companies), employees and/or collaborators in any capacity of the Controller
and/or companies of the group to which the Controller belongs; ● private subjects, natural or legal persons, which the Data Controller uses to carry out the
activities instrumental to achieving the aforementioned purposes or to whom the Data
Controller is required to communicate the Data, pursuant to legal or contractual obligations. In any case, the Data will not be disseminated.
Data retention period. The Controller retains the Data for as long as necessary to fulfil the purposes for which they are
collected, including for the purposes of satisfying any legal or tax requirements. To determine the appropriate retention period for personal data, the Controller considers the
amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use
or disclosure. By law the Controller has to keep basic information about its customers (including contact, identity,
financial and transaction data) for ten years they cease being customers.
Rights of access, erasure, restriction and portability. Data Subjects are entitled to the rights set out in Articles 15 to 20 of the GDPR.
By way of example, any data subject may: 1. obtain confirmation as to whether or not personal data relating to him/her are being
processed; 2. where processing is ongoing, to obtain access to personal data and information relating to
the processing and to request a copy of the personal data; 3. rectify inaccurate personal data and integrate incomplete personal data; 4. obtain, where one of the conditions laid down in Article 17 of the GDPR is satisfied, the
erasure of personal data concerning him/her; 5. obtain, in the cases provided for in Article 18 of the GDPR, the restriction of processing; 6. receive his/her personal data in a structured format that is commonly used and machine-
readable, and request their transmission to another controller if technically feasible.
Right of objection. Every Data Subject has the right to object at any time to the processing of his/her personal data
carried out for the purpose of pursuing a legitimate interest of the Data Controller. In the event of opposition, such personal data will no longer be processed, unless there are
legitimate reasons to carry out the processing that prevail over the interests, rights and freedoms of
the data subject or for ascertaining, exercising or defending a right in a court of law. Every Data Subject has the right to object to the processing of his or her personal data for direct
Right to revoke consent. In the event that consent is required for the processing of personal data, each data subject may, at
any time, revoke the consent already given, without prejudice to the lawfulness of the processing
based on consent given before the revocation.
Right to complain to the Data Protection Authority. Any Data Subject may lodge a complaint with the Data Protection Authority in the event that he or
she believes that his or her rights under the GDPR have been violated, in accordance with the
procedures indicated on the Data Protection Authority's website accessible at:
About Crispy Bacon
Multimedia Communication Studio - Crispy Bacon is an agency that efficiently manages all forms of communication, offering innovative solutions using visual graphics, the latest multimedia systems. Crispy Bacon goes beyond standard communication services, providing clients with comprehensive operative strategic counseling using all technological advancements in media. Crispy Bacon's goal is to help the client's brand become more visible and identifiable.
Given its powerful skills in developing optimal partnerships with the clients and the team's constant study of market evolution, Crispy Bacon offers the advantage of integrating traditional marketing tools with the most innovative communication methods. Crispy Bacon develops Mobile App (iOS & Android), Web sites, SEO, e-commerce platform, Facebook Apps, web marketing as well social marketing campaigns, infographics and interactive videos.
Don’t forget to like our Facebook page, follow us on Twitter and our add us to your Linkedin…STAY SOCIAL STAY CRISPY!