Privacy Policy

Information on the processing of personal data in accordance with EU Regulation 2016/679 of the European Parliament and of the Council of April 27, 2016

This regulation is provided pursuant to and in accordance with Article 13 of Regulation (EU) No.2016/679 (hereinafter also Regulation or GDPR). The processing of personal data by our organization is based on the principles of fairness, lawfulness and transparency and the protection of confidentiality and the rights of the individuals to whom the data refer. In this context, we provide you with the information required by the current regulations and ask for your consent to process certain personal data.

  1. Data subject to processing and their origin

In order to provide you with the services and/or products you have requested or in your favor provided, our Company must have personal data, including data of a sensitive nature concerning you, your family members, relatives or beneficiaries you have appointed. Some data are yet to be acquired, others of which must be provided to us by you or third parties due to legal obligations (e.g. under anti-money laundering regulations), and/or have already been acquired, provided by you or other parties . These data are processed only within the framework of the purposes described below and for the time strictly necessary to fulfill them.

  1. Purposes of the processing

Your personal data is processed solely for the purpose of carrying out insurance brokering services on your behalf, in particular “insurance brokering” necessarily requires that the data be processed for the following purposes and because of the following legal bases:

– Legal compliance: to comply with laws, regulations or EU standards, with which FMoretto Consulting is required to comply.

– Contractual fulfillments: necessary for the management, execution and conclusion of contractually defined relationships in existence or to be defined, such as: study of your insurance risks, preparation and conclusion of insurance policies; collection of premiums; management of insurance claims or payment of other benefits; constitutions, exercise or defense of your rights as an insured.

– Legitimate interests of the Data Controller: for organization, measurement of customer satisfaction, business management and internal control. They include preparation of anonymous statistics and data analysis.

– Commercial: for information and promotion of existing and new services offered similar to those already proposed, market research and surveys on the quality of service provided instrumental to improving the quality of services offered by our Company. Purposes carried out also through telematic means (e.g. by e-mail, fax). The provision of your data and your consent for the purposes indicated therein are optional. Failure to provide them does not affect the provision of our insurance services.

Should the Data Controller intend to carry out processing for purposes other than those indicated above You will receive a new information notice and, in any case, the new processing cannot take place without Your new consent.

  1. Method of processing

The data are processed by FMoretto Consulting – Data Controller – only with methods, tools and procedures, computer, telematic or paper, strictly necessary to achieve those purposes described above, to which you have consented and in accordance with the principles of fairness, lawfulness and transparency. However, the processing of personal data, in various ways, is carried out in accordance with the indications of Article 4, Paragraph 1, No. 2 GDPR: collection, recording, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, cancellation and destruction of data. The personal data collected will be processed by automated tools for the time strictly necessary to achieve the purposes for which they were collected; for the duration of the contract where, between the Data Controller and the Interested Party via is the conclusion of a contractual act; for the keeping and storage in the terms imposed by law. Specific security measures are observed to prevent data loss, illegal or incorrect use and unauthorized access (data breach). In our Company, the data are processed by those specifically appointed in writing, within the scope of their respective functions and in accordance with the instructions received, always and only for the achievement of those specific modalities indicated in this notice, to which you have consented.

  1. Access to personal data

For the purposes described above, personal data may be accessible:

– to employees of the Data Controller in their capacity as persons in charge and/or internal data processors and/or system administrators;

– to third party companies or other entities (by way of example: professional firms and consultants) that perform outsourcing activities on behalf of the Data Controller, in their capacity as external data processors.

  1. Communication and/or dissemination of personal data to third parties

Your data, in addition to the subjects indicated by the Regulations, may be communicated to any qualified third parties who provide FMoretto Consulting with performances or services instrumental to the purposes indicated in point 2 above. Such conferment will be necessary to carry out the activities carried out by FMoretto Consulting.

  1. Compulsory communications: communications that the company is required to make in accordance with laws, regulations, provisions issued by supervisory bodies: anti-money laundering, Central Accident Records, Civil Motorization, ISVAP, INPS, UIC, ANIA, judicial bodies, law enforcement agencies, etc. These subjects, in carrying out the processing activities delegated to them, will assume the quality of DESTINATARIES.
  2. Communications strictly related to the intercurrent relationship: this type includes communications necessary for the conclusion of new contractual relationships and/or for the management and execution of existing legal relationships, always to the extent necessary for the performance of the requested service, for example: banks, asset management companies, SIM, service companies in charge of processing different types of data, attorneys, accountants, labor consultants, appraisers, doctors, contracted clinics, auto repair shops, car wrecking centers, service companies entrusted with the management, settlement and payment of claims, service companies for the quietanzamento, computer or filing service companies, auditing companies, investigation companies, legal protection consulting companies, commercial information companies for financial risks, fraud control services, debt collection companies, postal services, financial statement auditing companies, consulting companies and certification bodies for quality, environment, data security, other business consulting companies. These subjects, in carrying out their activities and competencies, will assume the quality of DATA CONTROLLER. Also included in this category are subjects from the insurance sector, such as insurers, co-insurers, reinsurers, agents, sub-agents, insurance brokers, indirect collaborators and other acquisition channels. Some of the entities in the insurance sector reside abroad, but still within the European Union.
  3. Communications instrumental to the activities of our Company:Communications aimed at improving the quality of service provided, through customer satisfaction surveys, with the need to communicate your data to Companies related to us and other subjects that can offer quality services to our customers. These subjects, in the performance of the activities delegated to them, will assume the quality of PROCESSING RESPONSIBILITIES.
  4. Communications and dissemination for commercial purposes:Communication and dissemination of the Customer list (limited to the Customer’s name and satisfaction data), who have explicitly authorized it. Such communication and dissemination is made to various determined and unspecified third parties, including through telematic means (e.g. through the Internet site, commercial brochures, e-mail, fax) and are aimed solely at the commercial promotion of FMoretto Consulting and the acquisition of new customers.

The complete list of subjects to whom personal data are communicated, the list of Data Processors, System Administrators and Data Processors is constantly updated and can be easily and freely known by requesting them from the Data Controller, mentioned below in the information notice. FMoretto Consulting does not perform the dissemination of personal data about you to third parties, unless you explicitly authorize it in writing and in case of authorization only in relation to the dissemination of the Client list, as described above.

  1. Transfer of personal data

The personal data processing activities are carried out and managed mainly in-house; notwithstanding this, FMoretto Consulting reserves the possibility to transfer the data to third party operators and/or suppliers for the purpose of pursuing the above purposes. Any transfer of personal data to a third country or International Organization will take place under the sole condition that they have obtained an adequacy decision from the European Commission or alternatively present adequate guarantees. In the event that the communication and/or transfer of personal data is envisaged to a third country that is not deemed adequate by the Commission or that does not present adequate safeguards, an additional informative appendix containing all legal requirements will be required; in the absence of this information and your subsequent consent, no communication/transfer of your data will be arranged.

  1. Rights of the data subject

As a data subject, you have the rights under Art. 15 et seq. GDPR, namely:

– obtain confirmation of the existence or otherwise of personal data concerning you, even if not yet recorded, and its communication in intelligible form;

– to obtain the indication of: a) the origin of the personal data; b) the purposes and methods of processing; c) the logic applied in case of processing carried out with the aid of electronic instruments and the security measures put in place; d) the identification details of the data controller, the person(s) in charge and any representatives appointed under Art. 5, paragraph 2 Privacy Code and Art. 3, paragraph 1, GDPR, within the EU or outside the EU; e) of the subjects or categories of subjects to whom the personal data may be communicated or who may become aware of them as appointed representative in the territory of the State, managers or appointees;

– obtain: a) the updating, rectification or, when interested, the integration of data; b) the cancellation, transformation into anonymous form or blocking of data processed in violation of the law, including those that do not need to be kept for the purposes for which the data were collected or subsequently processed; c) certification to the effect that the operations as per letters a) and b) have been notified, as also related to their contents, to the entities to whom or which the data were communicated or disseminated, unless this requirement proves impossible or involves a manifestly disproportionate effort compared with the right that is to be protected;

– oppose, in whole or in part: a) for legitimate reasons, the processing of personal data concerning you, even if pertinent to the purpose of collection; b) the processing of personal data concerning you for the purpose of sending advertising materials or direct sales or for carrying out market research or commercial communication, through the use of automated calling systems without the intervention of an operator by e-mail and / or through traditional marketing methods by telephone and / or mail. It should be noted that the data subject’s right to object, set forth in point b) above, for direct marketing purposes, through automated modalities, extends to traditional ones and that, in any case, the possibility for the data subject to exercise the right to object even partially remains unaffected. Therefore, the data subject may decide to receive only communications by traditional means or only automated communications or neither type of communication. Where applicable, the data subject also has the rights under Articles 16-21 GDPR (Right to rectification, right to be forgotten, right to restrict processing, right to data portability, right to object), as well as the right to complain to the Data Protection Authority. In order to exercise your rights, as well as for more detailed information about the subjects or categories of subjects to whom the data are communicated or who become aware of them in their capacity as data processors or persons in charge, you may send a registered letter to FMoretto Consulting – Via Piave, 7 – 72024 ORIA (Brindisi) tel.fax +39 0831.845686 – e-mail: info@fmorettoconsulting.com

  1. Owner, Manager and of the Data Processing.

The DATA CONTROLLER AND PROCESSOR is FMoretto Consulting in the person of its owner Flavio Moretto C. F. MRTFLV71R10C424Z / P. IVA 02580590749, based in Via Piave, 7 – 72024 ORIA (Brindisi) reachable through the following contacts: cell phone: +39 320.3308159, e mail: info@fmorettoconsulting.com, PEC: flavio.moretto@legalmail.it

CONSENT TO THE PROCESSING OF PERSONAL DATA

Accordingly, we ask you to express your consent for the processing of your data, including data of a sensitive nature, and for the communication to the categories of subjects indicated in paragraphs A and B of point no. 5 and for the purposes referred to in letters 1, 2, 3 of point no. 2. This consent is mandatory for the continuation of the relationship, any refusal would prevent satisfying the search for possible and appropriate insurance contracts; it would prevent satisfying any contracts already in place and the provision of services offered by FMoretto Consulting. Withdrawal of consent subsequent to the request for services or the signing of the contract may not stop the processing of personal data already acquired for contractual and related legal fulfillments, but would lead to the blocking of the fulfillments not yet completed and not legally required.

We also ask you to give your consent for the processing of your data, for commercial communications and for the communication and dissemination to the categories of subjects indicated in letter C of point no. 5 and for the purposes of letter 4 of point no. 2, including through the use of telematic means, such as your e-mail and your fax. This consent is optional and does not prevent the continuation of the contractual relationship and the provision of services offered by FMoretto Consulting.

General conditions of use and site consultation

FMoretto Consulting with registered office in Via Piave, 7- 72024 ORIA (Brindisi) P. IVA 02580590749 in the person of its owner Flavio Moretto as Data Controller, informs, pursuant to art. 13 EU Regulation n. 2016/679 (hereinafter “GDPR”), that the processing of personal data of users who consult the site www.fmorettoconsulting.comavverrà in the manner and for the purposes described below. The information is provided only for the site www.fmorettoconsulting.come not also for other websites that may be consulted by the user through links. Following consultation of this site, data relating to identified or identifiable persons may be processed. The information notice also takes into account Recommendation No. 2/2001 that the European Authorities for the protection of personal data, meeting in the Group established by Article 29 of Directive No. 95/46/EC, adopted on May 17, 2001 to identify certain minimum requirements for the collection of personal data online, and, in particular, the manner, timing and nature of the information that data controllers must provide to users when they connect to web pages, regardless of the purposes of the connection. In addition, this notice takes into account the provisions of the domestic legislator – Legislative Decree 196/2003 (Privacy Code) and is updated according to the new European directives set forth in EU Reg. 2016/679. The purpose of the privacy policy is to provide maximum transparency regarding the information the site collects and how it uses it.

  1. Object of Processing.

As a result of consulting this site, data relating to identified or identifiable persons may be processed. Personal data are processed when the user consults the FMoretto Consulting site.

  1. Purposes of the processing

The processing of personal data of those who consult the above site will take place for different purposes depending on the category of data processed. The processing of “Browsing Data” is carried out, in an automated way, in order to obtain commercial information and anonymous statistics on the use of the site and to check its correct functioning and are stored both in the FMoretto Consulting database and by Google’s web analytics facility (for the relevant policy please refer to the link in the “Cookies” section). The data could be used to ascertain responsibility in case of hypothetical computer crimes to the detriment of the site: except for this eventuality, at present the data on web contacts will be deleted. The processing of “Data provided voluntarily by the user”, with reference to the activities of access or registration to a restricted area, for subscription to the newsletter, for the request for advice and / or quotes is necessary to respond to such requests and is done for this specific purpose.

Legal basis of the processing

The legal basis of the processing resides in the legitimate interest of the Data Controller in an efficient and safe navigation of the website, including those of an interactive nature. The legal basis of the processing resides in the data subject’s express consent to the processing of his or her personal data. By using or consulting this site, visitors and users explicitly approve this privacy policy and consent to the processing of their personal data in the manner and for the purposes described above, including the possible disclosure to third parties if necessary for the provision of a service. Providing data and thus consenting to the collection and processing of data is optional, the User may deny consent, and may revoke a consent already provided at any time. However, withholding consent may result in the inability to deliver certain services and the site browsing experience may be impaired.

  1. Categories of data processed

Navigation data

The computer systems and software procedures used to operate this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols (log files). This information is not collected to be associated with identified interested parties, but by its very nature could, through processing and association with data held by third parties, allow users to be identified. This category of data includes the IP addresses or domain names of the computers used by users who connect to the site, the addresses in URI (Uniform Resource Identifier) notation of the resources requested, the time of the request, the method used in submitting the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the user’s operating system and computer environment. These data are used for the sole purpose of obtaining anonymous statistical information on the use of the site and to check its correct functioning and are stored both in the FMoretto Consulting database and by Google’s web analytics facility (for the relevant policy please refer to the link in the “Cookies” section). The data could be used to ascertain responsibility in case of hypothetical computer crimes against the site: except for this eventuality, at present the data on web contacts do not persist for more than seven days.

Data provided voluntarily by the user

The optional, explicit and voluntary inclusion of contact data in the formats contained on this site involves the subsequent acquisition of the sender’s address, necessary to respond to requests, as well as any other personal data contained in the message. Specific summary information will be progressively reported or displayed on the pages of the site set up for particular services on request.

  1. Provision of data

Apart from what has been specified for navigation data, the user is free to provide FMoretto Consulting with the personal data contained in the request forms or in any case indicated in contacts with the Office in order to solicit the sending of requested information. Nevertheless, failure to provide them may result in the impossibility of obtaining the performance or service you wish to request. For the sake of completeness, it should be mentioned that in some cases (not the subject of the ordinary management of this site) the Authority may request news and information regarding the protection of personal data, for the purpose of monitoring the processing of personal data. In these cases the response is mandatory under penalty of administrative sanction.

  1. Locations and Methods of Processing

Processing related to the web services of this site takes place at the aforementioned headquarters of FMoretto Consulting and is handled only by technical personnel of the Office in charge of processing. The processing of personal data, in various ways, is however carried out according to the indications of art. 4, par. 1, no. 2 GDPR: collection, recording, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, cancellation and destruction of data. Personal data are processed by automated means for the time strictly necessary to achieve the purposes for which they were collected. This site processes user data lawfully and fairly. Specific technical and organizational security measures are observed to prevent data loss, illegal or incorrect use and unauthorized access (data breach).

  1. Access to personal data

For the purposes described above, personal data may be accessible:

– To employees of the Data Controller in their capacity as data processors and/or system administrators;

  1. Transfer of personal data

The personal data processing activities are carried out and managed mainly in-house; notwithstanding this, FMoretto Consulting reserves the right to transfer the data to third party operators and/or suppliers for the purposes of pursuing the above purposes. Any transfer of personal data to a third country or an International Organization will take place under the sole condition that they have obtained positive assessment of the standards of protection through an adequacy decision by the European Commission ex art. 45 GDPR or, alternatively, adequate guarantees are recognized ex art. 46 GDPR. In the event that the communication and/or transfer of personal data is envisaged to a third country that is not deemed adequate by the Commission or that does not have adequate safeguards, an additional informative appendix containing all legal requirements that allow specific derogations ex art. 49 GDPR is required. In the absence of said information and your subsequent explicit consent, no communication and/or transfer of your data will be arranged.

  1. Rights of the data subject

The data subject has the rights under Art. 15 et seq. GDPR, namely:

– obtain confirmation of the existence or otherwise of personal data concerning him/her, even if not yet registered, and its communication in intelligible form;

– to obtain the indication of: a) the origin of the personal data; b) the purposes and methods of processing; c) the logic applied in case of processing carried out with the aid of electronic instruments and the security measures put in place; d) the identification details of the data controller, the person(s) in charge and any representatives appointed under Art. 5, paragraph 2 Privacy Code and Art. 3, paragraph 1, GDPR, within the EU or outside the EU; e) of the subjects or categories of subjects to whom the personal data may be communicated or who may become aware of them as appointed representative in the territory of the State, managers or appointees;

– obtain: a) the updating, rectification or, when interested, the integration of data; b) the cancellation, transformation into anonymous form or blocking of data processed in violation of the law, including those that do not need to be kept for the purposes for which the data were collected or subsequently processed; c) certification to the effect that the operations as per letters a) and b) have been notified, as also related to their contents, to the entities to whom or which the data were communicated or disseminated, unless this requirement proves impossible or involves a manifestly disproportionate effort compared with the right that is to be protected;

– oppose, in whole or in part: a) for legitimate reasons, the processing of personal data concerning you, even if pertinent to the purpose of collection; b) the processing of personal data concerning you for the purpose of sending advertising materials or direct sales or for carrying out market research or commercial communication, through the use of automated calling systems without the intervention of an operator by e-mail and / or through traditional marketing methods by telephone and / or mail. It should be noted that the data subject’s right to object, set forth in point b) above, for direct marketing purposes, through automated modalities, extends to traditional ones and that, in any case, the possibility for the data subject to exercise the right to object even partially remains unaffected. Therefore, the data subject may decide to receive only communications by traditional means or only automated communications or neither type of communication.

Where applicable, the data subject also has the rights set forth in Articles 16-21 GDPR (Right to rectification, right to be forgotten, right to restriction of processing, right to data portability, right to object), as well as the right to complain to the Data Protection Authority.

  1. Methods of exercising rights

The data subject may at any time exercise the rights by sending:

– a registered letter with return receipt to FMoretto Consulting, Via Piave, 7- 72024 ORIA (Brindisi) Italy (Italy);

– an e-mail to the address: info@fmorettoconsulting.com

The DATA CONTROLLER AND PROCESSOR is FMoretto Consulting in the person of its owner Flavio Moretto C. F. MRTFLV71R10C424Z / P. IVA 02580590749, based in Via Piave, 7 – 72024 ORIA (Brindisi) reachable through the following contacts: cell phone: +39 320.3308159, e mail: info@fmorettoconsulting.com, PEC: flavio.moretto@legalmail.it

Every effort will be made to make the functionality of this site as interoperable as possible with the automatic privacy control mechanisms available in some products used by users. Considering that the state of refinement of the automatic control mechanisms does not currently make them free from errors and dysfunctions, it should be noted that this document, published at https://www.fmorettocosulting.com/privacy/ constitutes the “Privacy” of this site, which will be subject to updates.

DO YOU HAVE ANY QUESTIONS? WOULD YOU LIKE TO ASK FOR A FREE QUOTE?

    CONTACT

    Fill out the simple form and we will contact you to evaluate together the best market offer for you

    LEGAL INFORMATION

    flavio.moretto@legalmail.com

    OCF CFA iscr. n.1918 del 04.05.2022
    EFPA ESG Advisor Cert. Nr. IT202221936
    N° iscrizione RUI: B000609294
    FERMA Rimap Cert. n. 20200262