Privacy disclaimer
PRIVACY DISCLAIMER
With this information, DCA Consulting Srl, hereinafter “DCA” as the data controller, informs you of how your personal data will be processed.
Our registered office is in via Pietro Fedele n. 40 – 00179 Roma, the operational headquarters is located in via Archimede n. 153 – 00197 in Roma. Email: privacy@dcaconsulting.it
Data Protection Officer:
Ing. Andrea D’Innocenzo c/o Systema Consulting S.r.l. Via C. A. Jemolo, 303 Roma email: DPO@scitalia.com
Categories of processed data
DCA Consulting will be able to treat, depending on the case, the following data referring to you as an individual and / or if a legal person to the reference personnel (employees or collaborators) and / or to the partners or directors of the company that you represent to which it is required communicate this information.
The type of personal data processing includes the following data types / categories:
personal data (name, surname, date of birth, address etc.)
contact details of members only, natural persons or company personnel who have exchanges of communications with DCA (telephone number, email etc.)
personal data suitable to reveal the possible existence of criminal convictions as well as criminal and civil proceedings in progress (judicial data)
any other data connected with the execution of the expert, legal investigative mandate and associated with the activity for which the data is provided
Matching or combination of data sets
Communications history data
Particular data (with reference only to health data that must be treated for the management of claims)
Consent data
Electronic / electronic data of customers
contact info
Interaction data
Information on customer behavior with reference to reported claims
Electronic identification data
Accounting and financial data
Housing data
Policy data
Vehicle data or assets insured by the Customer and relating to reported claimsCategories of interested parties
The categories of persons appointed and authorized to process the data are:
Insurance intermediary or insurance company
Claimer
Client
Assured
Representative of the insured or of the injured
Referee
Victimum
Test Damaged
Eromes of the victim
Cursors and / or guardians and subjects exercising parental authority over minors or incapacitated
public Professionals who carry out the activities necessary for the settlement processPurpose, legal basis of processing and nature of data provision
The purposes of processing data related to services are:
Business continuity e disaster recovery
Treatment, management and support for the settlement of claims
Customer involvement with reference to reported claims
Detect and prevent fraud
Finance, accounting, taxes and treasury
Information and analysis
Legal, regulatory or statutory obligations
Registration and monitoring
Technology Management
Telematics
Other purposes
The data referred to in point 1 will be treated for the management of the professional activity with you and / or with the company it represents, including the related legal, administrative and accounting requirements.
The processing of all the categories of data indicated may be necessary for the fulfillment of obligations provided by the Law, regulations or Community legislation or by provisions issued by:
Authorities legitimated by the Law or by supervisory and control bodies;
Sometimes for the management and settlement of claims;
Prevention and identification of insurance frauds and legal actions;
The constitution, exercise or defense of the rights of the insurer represented, subject to his express and free consent, referred, if appropriate, also to his personal data of a sensitive nature (eg data suitable for detecting the state of health contained in the medical records and medical reports);
For the fulfillment of legal obligations to which DCA is subject as envisaged by art. 6, par. 1 letter c) GDPR and for the execution of the professional mandate conferred or the contract stipulated pursuant to art. 6, par. 1, lett. B) GDPR.
The provision of such data is necessary for the execution of the Activity and the failure to provide them results in the impossibility for DCA to execute the signed contracts and the professional mandates received.
In addition to the execution of the Activity, the only personal data referred to in point 1, letters a) and b), may be used for the sending, by DCA, of communications related to the Activity through newsletters, institutional communications and invitations to events, even with automated and individual modes.
This processing is carried out on the basis of the legitimate interest (art. 6, par. 1, letter f) GDPR) of DCA to develop relations with its customers.
The provision of data for this purpose is free and failure to provide it does not affect the execution of the Activity. You will always have the possibility to request that the data will not be processed for this purpose or, if the processing is already in progress, to exercise your right to object.
Identification of the appointees
Once the various areas of treatment have been determined, the identification of the appointees and / or authorized parties takes into account the profile that each subject appointed by the data controller possesses according to his or her own subjective nature: insurance expert, coroner, investigator, lawyer, trainee or employee to the secretariat or to the management or to the investigative practices also as collaborator.Consequently, a series of homogeneous instructions are given, which apply to each individual appointee and / or authorized, regardless of the profile and scope of treatments assigned.
Processing methods
The processing of data will be carried out in compliance with the principles of correctness, lawfulness and transparency, with manual, paper, computerized, telematic, automated tools, also suitable for memorizing, managing or transmitting the data, however suitable for guaranteeing security and privacy some data.
The DCA adopts an internal code aimed at treating and regulating the ways in which the confidentiality of the processed data is safeguarded.
Period of storage of personal data
The Data will be stored at the headquarters of DCA for the entire duration of the contractual and / or professional relationship and subsequently:
for the period of time envisaged by the legislation, including accounting, applicable to the aforementioned report and, in any case, for a period not exceeding 10 years (prescription term), for the other purposes, for a period of five years;
At the end of these periods the data will be deleted or made anonymous. The Data may be known and used within DCA, in particular, according to the tasks assigned to them, by the employees of the operating structures (accounting, human resources, administrative offices, management and maintenance of IT and marketing systems), as well as by professionals and members of DCA.
DCA also makes use of some service providers appointed as external processors. The list of these subjects is constantly updated and, together with the copy of appropriate or appropriate guarantees, is available at the DCA headquarters. For information on the point can write an email to the email address: privacy@dcaconsulting.it
The processing of data is carried out exclusively within a Member State of the European Union (EU) or within a member state of the European Economic Area (EEA), unless this is necessary to fulfill legal obligations or by regulations.
Scope of communication and dissemination of personal data and transfer abroad
-
- The Data may be known and used within DCA, in particular, according to the tasks assigned to them, by the employees of the operating structures (accounting, human resources, administrative offices, management and maintenance of IT and marketing systems), as well as by professionals and members of DCA.
DCA also makes use of some service providers appointed as external processors. The list of these subjects is constantly updated and, together with the copy of appropriate or appropriate guarantees, is available at the DCA headquarters. For information on the point can write an email to the email address: privacy@dcaconsulting.it
The processing of data is carried out exclusively within a Member State of the European Union (EU) or within a member state of the European Economic Area (EEA), unless this is necessary to fulfill legal obligations or by regulations.
-
Rights of the interested party
You have the right to obtain confirmation of the existence or not of personal data concerning you, and you have the right to obtain the indication:
of the origin of personal data;
of the purposes and methods of processing;
of the logic applied in the case of processing carried out with the aid of electronic instruments;
of the identification data concerning the data controller, data processors and the designated representative;
the subjects or categories of subjects to whom the personal data may be communicated or who can learn about them as appointed representative in the State, managers or appointees.
You also have the right to obtain:
access to your personal data;
updating, rectification or, when interested, integration of data;
the limitation of processing in cases of dispute over the accuracy of data, opposition to the processing or deletion of personal data towards the holder, as well as for the ascertainment, exercise or defense of a right in court;
the deletion, transformation into anonymous form or blocking of data processed in violation of the law, including those for which conservation is not necessary in relation to the purposes for which the data were collected or subsequently processed;
in a structured format, commonly used and readable by an automatic device, the personal data supplied and to transmit them, directly or through the owner, to another data controller (c.d. the right to data portability).
You also have the right to object, in whole or in part:
for legitimate reasons, to the processing of personal data concerning him / her, even though they are relevant to the purpose of the collection;
to the processing of personal data concerning him for the purpose of sending advertising materials or direct sales or for carrying out market research or commercial communication.
If you believe your rights have been violated by the owner and / or a third party, you have the right to lodge a complaint with the Authority for the protection of personal data and / or other competent control authority under the GDPR.To exercise these rights, you can write an email to the email address: privacy@dcaconsulting.it