The European Regulation — Regulation (EU) 2016/679 (GDPR) — concerning the protection of natural persons with regard to the processing of personal data and the free movement of such data was published in the Official Journal of the European Union on 4 May 2016 and became fully effective on 25 May 2018.
This regulation, which defines the right to personal data protection as a fundamental right, imposes a series of obligations on Data Controllers — expressed through the concepts of privacy by design and privacy by default — to ensure safeguards and guarantees for the data processed in accordance with the principle of accountability.
Setek S.r.l., in order to ensure an adequate level of data protection, is committed to processing data in accordance with the principles of lawfulness, fairness, transparency, purpose limitation, data minimisation, accuracy, storage limitation, integrity, confidentiality, and accountability.
Data Controller
The Data Controller of the personal data held by Setek S.r.l., whether collected in automated or paper-based databases or not, is the Administrator.
Exercising data subject rights
In accordance with Regulation (EU) 2016/679, data subjects may at any time exercise:
- The right to access their data
- The right to request rectification, erasure, or restriction of processing
- The right to object to processing
- The right to data portability
- The right to withdraw consent at any time (Art. 7(3))
To exercise these rights, the data subject may contact the Data Protection Officer at Setek S.r.l. (dpo@setek.it).