Studio Legale Arché

PRIVACY POLICY (CLIENT)

DISCLOSURE PURSUANT TO ART. 13 OF D. LGS. 196/2003 AND OF ARTICLE 13 OF EU REGULATION N. 2016/679

Archè Studio Legale is active in protecting the privacy of its customers. Therefore, it provides this information.
Pursuant to art. 13 of Legislative Decree 196/2003 (hereinafter “Privacy Code”) and art. 13 of the EU Regulation n. 2016/679 (hereafter “GDPR 2016/679”), laying down provisions for the protection of persons and other subjects regarding the processing of personal data, we wish to inform you that the personal data provided will be processed in compliance with the aforementioned law.

Data controller

The Data Controller is “Archè Studio Legale”, with headquarters in Genoa, Via Bartolomeo Bosco 15/7, P.IVA P.I. 02,424,940,993.
The Owner can be contacted by telephone (010.0897500), fax (010.0897501) and mail (info@arche-lex.net). The law firm has not appointed a person responsible for the protection of personal data (RPD or, data protection officer, DPO).

Purposes of data processing

The treatment is aimed at the correct and complete execution of the professional assignment received, both in judicial and extrajudicial field.

Your data will also be processed in order to:

• fulfill the obligations envisaged for tax and accounting purposes;
• comply with the obligations incumbent on the professional and required by current legislation;
• communicate to the Client updates and / or new legislation and / or jurisprudence on the matters covered by the Study, studies and publications as well as events organized or sponsored by the Firm.

Personal data may be processed by means of both paper and electronic files (including portable devices) and processed in ways strictly necessary to meet the aforementioned purposes.

Basis of the processing

The Studio treats your personal data lawfully, where the treatment:

• it is necessary for the execution of the mandate, a contract of which you are a part or the execution of pre-contractual measures taken on request;
• it is necessary to fulfill a legal obligation incumbent on the professional;
• is based on the express consent.

Consequences of failure to communicate personal data

With regard to personal data relating to the execution of the contract of which you are party or related to the fulfillment of a regulatory obligation (for example the obligations related to the keeping of accounting records and tax), failure to disclose personal data prevents the improvement of the contractual relationship itself. With regard to the execution of the other purposes based on the express consent (for example, the sending of newsletters), the processing is carried out on the basis of the legitimate interest of the Owner to develop relations with its customers. The provision of data for this purpose is free and does not affect the execution of the activity. You will always have the possibility to request that the data are not processed for these purposes, or to exercise the right of opposition, if the treatment is already in place.

Data retention

Your personal data, object of treatment for the above purposes, will be kept for the duration of the professional relationship and, subsequently, for the time when the professional is subject to conservation obligations for fiscal purposes or for other purposes foreseen by legal or regulatory provisions. At the end of these terms, the data will be made anonymous, or deleted.

Data communication

Your personal data may be disclosed to:

• consultants and accountants or other lawyers who provide functional services for the purposes indicated above;
• banking and insurance institutions that provide functional services for the purposes indicated above;
• subjects who process data in execution of specific legal obligations;
• Judicial or administrative authorities, for the fulfillment of legal obligatio

Profiling and dissemination of data

Your personal data are not subject to disclosure or to any fully automated decision making process, including profiling.
Personal data is stored on servers located within the European Union. In any case, it is understood that the Data Controller, if necessary, will have the right to move the servers even outside the EU. In this case, the Data Controller hereby ensures that the transfer of non-EU data will take place in accordance with the applicable legal provisions

Rights of the interested party

Among the rights recognized by the GDPR are those of:

• ask the professional to access your personal data and information relating to them; the correction of inaccurate data or the integration of incomplete data; the cancellation of personal data concerning you (upon the occurrence of one of the conditions indicated in article 17, paragraph 1 of the GDPR and in compliance with the exceptions provided for in paragraph 3 of the same article); the limitation of the processing of your personal data (upon the use of one of the hypotheses indicated in Article 18, paragraph 1 of the GDPR);

• request and obtain from the professional – in the cases in which the legal basis of the treatment is the contract or consent, and the same is done by automated means – your personal data in a structured and readable format by automatic device, also in order to communicate such data to another data controller (so-called right to the portability of personal data);
• oppose at any time the processing of your personal data to the occurrence of particular situations that affect you;
• revoke the consent at any time, limited to the cases in which the processing is based on your consent for one or more specific purposes and concerns common personal data (for example date and place of birth or place of residence), or particular categories of data (eg data revealing your racial origin, your political opinions, your religious beliefs, your health status or your sex life). The treatment based on consent and carried out prior to the revocation of the same preserves, however, its lawfulness;
• propose a complaint to a supervisory authority (Authority for the protection of personal data – www.garanteprivacy.it).

You may exercise these rights at any time by contacting the Data Controller at the addresses indicated above.