- Who may receive, process or use the Personal Data
- Data Controller
- address: 21 Rue Glesener, L-1631 Luxembourg
- Tel: +352 661146480
QUANTYX ADVISORS s.r.l.:
- address: Via Amedei, 15 - 20123 Milan
- Tel: +39 02 83555901
(Each, as case-by-case applicable, hereinafter also referred to as "QUANTYX")
- Persons in charge of the processing
In order to obtain an up-to-date list of the persons in charge of processing, Data Subjects are invited to contact the Controller at the addresses indicated in Section 2.1.
- Data Processors and other entities to which Personal Data are disclosed
We may disclose Personal Data to institutions, authorities, professionals, external collaborators, including in an associated form, our business partners or third parties, including for example:
- providers of administrative accounting software;
- companies providing banking and insurance services;
- auditing companies; tax and accounting consultants; fraud control companies; accountancy firms; professional firms; debt collection law firms;
- Other companies within the Quantyx Group.
We may also disclose Personal Data to third parties in the event of a merger, acquisition, sale of a company or business or other extraordinary transaction. Personal Data may also be disclosed to any person who is a legitimate recipient of communications under law or regulation, such as in the case of legal proceedings, requests by courts and competent authorities or in connection with other legal obligations and if QUANTYX in good faith believes that the disclosure of Personal Data is necessary to comply with obligations under applicable law and to protect and defend the rights and property of QUANTYX.
An up-to-date list of the Data Processors and of the persons to whom Personal Data are disclosed is available, free of charge, upon request to QUANTYX at the addresses indicated in Section 2.1.
- What data are collected and how
- Data voluntarily provided by the Data Subjects and/or collected from third parties
QUANTYX may acquire and process Personal Data provided directly by Data Subjects, including by post, telephone, web.
QUANTYX may also process Personal Data of which it legitimately becomes aware in the context of the business relationship, during the performance of services and/or the execution of a contract involving the Data Subject.
- Modalities of the processing and Extra EU Data transfers
Personal Data is not disclosed or transferred outside the European Union.
Personal Data is not disseminated.
- Place of data processing
With unique reference to the processing of Personal Data carried out by QUANTYX directly, this takes place at the premises of QUANTYX referred to in Section 2.1 and is handled by QUANTYX's staff in charge of processing.
- Legal basis and purpose of processing
- Legal basis of the processing
Personal Data are processed for taking steps at the request of the Data Subjects prior to entering into a contract and/or for the performance of a contract to which the Data Subjects are a party or for the fulfilment of contractual obligations.
Furthermore, Personal Data can be processed since the processing is necessary for compliance with a legal obligation to which the controller is subject, such as tax and accounting obligations and compliance obligations.
Eventually, Personal Data can be processed to pursue the legitimate interests of QUANTYX or of other companies of the Quantyx Group in relation to activities in connection with fraud control, debt recovery or to exercise rights in courts and also for internal administrative purposes within the Quantyx Group.
- Purposes of the processing
Personal Data may be processed for the following purposes:
- fulfil obligations provided for by law, regulations and EU legislation;
- fulfil tax and/or accounting obligations;
- acquiring information prior to the conclusion of contracts;
- comply with specific requests of the customer prior to the conclusion of the contract;
- perform obligations arising from the contract concluded;
- administering customers (master data, negotiating contract conditions, managing work accounts);
- to provide a service or enable the provision of the same;
- answering questions and requests for information;
- fraud control and debt recovery;
- to exercise rights in court, in case of judicial proceedings, requests by courts and competent authorities or in relation to other legal obligations and if QUANTYX in good faith considers that the processing of Personal Data is necessary to fulfil obligations arising from applicable legislation and to protect and defend the rights and property of QUANTYX.
- Compulsory or optional nature of providing Personal Data
The provision of Personal Data is necessary for the establishment, execution and proper management of commercial and contractual relations and is also mandatory for the fulfilment of legal obligations. Therefore, failure to provide Personal Data will make it impossible to establish and execute contracts with the customer.
Personal Data will not be used for marketing or profiling purposes, except with the express consent of the Data Subjects.
- Data retention time
Personal Data are kept only for the time necessary to carry out the purposes from time to time pursued and indicated above, unless it becomes necessary to continue to process the Personal Data following further requests (for example, following the stipulation of a contract for the further provision of services). The Personal Data will be retained by QUANTYX for 10 years after the end of the contracual relationship. In any case, Personal Data shall be kept for a period of time not shorter than that prescribed by civil and fiscal laws and shall not be disclosed.
If you wish to obtain further information on the storage of your Personal Data, you can write to QUANTYX at the contact details given in section 2.1.
- Rights of Data Subjects
In accordance with the GDPR, and the Privacy Applicable Laws, the Data Subjects have:
- the right to obtain from QUANTYX confirmation of the existence and processing of their Personal Data and their written (electronic) copy in a clear and comprehensible form;
- the right to access the Personal Data and information on the processing, such as the following information:
- origin of Personal Data and categories of Personal Data processed;
- purposes and methods of processing;
- identity of the data controllers and data processors;
- recipients or categories of recipients to whom the Personal Data have been or will be disclosed.
Data Subjects also have the right to obtain from QUANTYX:
- the rectification of their Personal Data, such as updating, correcting and supplementing Personal Data;
- the deletion, transformation into anonymous form, blocking or restriction of the processing of Personal Data;
- the certification that any data protection right exercised on the Personal Data by the Data Subjects has been brought to the attention, also as regards their content, of those to whom the Personal Data have been communicated, except where this proves impossible or involves the use of means manifestly disproportionate to the right protected;
- the portability of Personal Data, in the cases and within the limits provided by the Privacy Applicable Laws.
In addition, Data Subjects are always entitled to object to the processing of their Personal Data in whole or in part:
- for legitimate reasons, to the processing of your Personal Data even if it is relevant to the purpose for which it was collected by QUANTYX;
- to the processing of their Personal Data for the purpose of sending advertising or direct sales material or for carrying out market research or commercial communication.
Data Subjects may also lodge a complaint with the competent supervisory authority.
Data Subjects may exercise their rights freely and at any time by writing to QUANTYX at the e-mail address or at the contact details given in Section 2.1.
- Security measures
QUANTYX ensures that the Personal Data of the Data Subjects are kept and controlled with the adoption of suitable and preventive security measures, so as to reduce to a minimum the risk of destruction or loss, including accidental loss, of the data themselves, of unauthorised access, or of processing that is not permitted or does not conform to the collection purposes indicated in the information notice. However, QUANTYX declines all responsibility in the event that such destruction or loss of data, or unauthorised access to them, depends on the equipment used by the Data Subjects. Data Subjects must therefore ensure, among other things, that their computer and internet provider use suitable and up-to-date software systems to protect the electronic transmission of data (for example: antivirus, firewall, spam filters).