We care about the privacy of our visitors and we deem it necessary to inform them properly about the processing of their personal data. Accordingly, below please find an information notice on the processing of personal data, provided in compliance with (EU) Regulation 2016/679 and, more generally, with applicable legislation.
Who we are
The company Custom S.p.A. (hereinafter "Custom"), with registered office in Via Berettine no. 2/B, 43010 - Fontevivo (PR), is a technology company that designs and manufactures OEM (Original Equipment Manufacturer), ODM (Original Design Manufacturer), POS (Point of Sale) and Retail software products. In carrying out its activities, Custom pays the greatest attention to respecting security and confidentiality of its users' personal data and, therefore, complies with the principles of lawfulness, correctness and transparency provided for by the European Regulation 2016/679 (hereinafter also "GDPR”).
The data controller is Custom S.p.a., with registered office in Via Berettine 2/B 43010 Fontevivo (PR), E-mail: firstname.lastname@example.org, switchboard +39 0521 680111.
Data Protection Officer
No Data Protection Officer (DPO) has been appointed, as it is not required under Reg. 2016/679. However, the data subjects may contact Custom to exercise their rights under the GDPR by writing to the email address: email@example.com.
Nature of personal data we may collect
The following categories of personal data may be collected:
- contact details: information regarding name, place, date of birth, social security number, address, phone number, cell phone number, email address, and other;
- interests: information you provide to us regarding your interests, there including products you are interested in;
How we collect data
Custom collects and processes personal data under the following circumstances:
- if you access or register with one of our websites (www.custom.biz - www.customlife.com - www.keepupsuite.it - www.custom4u.it - brand.custom.biz - www.fasy.it - careers.custom.biz - www.bizeta.net - www.systemretail.it);
- if you download our software;
- when you purchase our products or submit a service request;
- when you fill out one of our forms to request technical information;
- if you respond to our marketing campaigns, for example, by filling in a form, entering data on one of our websites or at trade fairs and events (in such cases, data shall only be processed subject to the data subject's consent);
- if other Custom Group companies or business partners legitimately transfer your personal data to us.
Purposes of personal data processing
Data provision is required to manage the relationship with the users. Custom will not be able to execute any relationship in the event of failure to provide your data. The conditions requiring personal data processing are listed below:
- stipulation and execution of a contract the data subject is a party to, or execution of pre-contractual measures adopted on request of the same data subject and consequent obligations: Custom may process contact data for the purpose of establishing and executing contractual relationships, providing the services requested and responding to claims and complaints. Custom may also use your contact information, and in particular your email address, to provide information or communications relating to the service (for example, to execute purchase orders);
- operational management and purposes strictly connected to it, for access to the website, in particular its reserved areas: Custom collects contact information and Website Use data to allow you to access your personal area for the purpose of: (i) downloading documents relating to purchased services from the personal area; (ii) meet other requests received through the Website;
- execution of marketing activities on products and services of Custom Group companies: Custom may process contact data for marketing activities regarding products and services of the Group companies, carried out using the methods defined in the previous paragraph;
- use - in an aggregate and anonymous form - of the data relating to page access or to forms filled in, as referred to in the preceding paragraphs, with the aim of creating and using audience segment targets for commercial purposes;
- compliance with a legal obligation, regulation or order of a judicial authority the data controller is subject to, or to exercise a right in court;
- pursuit of the legitimate interests of the data controller or third parties, in particular security protection, there including information technology, and crime prevention.
With regard to the marketing activities referred to in points 3 and 4, the legal basis for data processing is the data subject's consent. Failure to provide the consent referred to in the preceding paragraph may make it impossible to execute the agreement, in whole or in part.
How we secure your personal data
Custom is ISO27001 certified and uses all the necessary security measures to improve protection and maintenance of your personal data security, integrity and accessibility. All personal data are stored on our secure servers (or appropriately stored hard copies) or those of our suppliers or business partners, and are accessible and usable in accordance with our standards and security policies (or equivalent standards for our suppliers or business partners). The data are processed at the Data Controller's Headquarters, as indicated above.
Who can access data
Data are shared only where strictly necessary, subject to all applicable precautions regarding confidentiality. In such cases, data may be communicated to:
- internal data controllers;
- employees or collaborators, in their capacity as data processors;
- companies belonging to Custom Group, duly appointed as data processors, where necessary;
- suppliers of outsourced services and/or commercial partners, as duly appointed external data processors;
- third parties, autonomous owners or co-owners, in the event that this is required pursuant to legal obligations, regulations or measures issued by the judicial authority.
Data transfer outside the EU
For how long will your information be kept
We shall retain personal data for as long as necessary to achieve the purposes for which they were collected, and in any case for no longer than 10 years after collection, unless otherwise provided by law. We restrict access to personal information only to those who need to use it for purposes consistent with this policy. Data that are no longer required or for which there is no longer a legal basis for storage will be irreversibly anonymized or securely destroyed.
Data protection rights
By writing to the email address firstname.lastname@example.org, you may exercise the rights listed below:
- access to personal data;
- rectification of the data in our possession;
- deletion of any data for which we no longer have any legal basis for processing;
- limitation of the methods we use for processing personal data, within the limits provided for by applicable legislation on the protection of personal data;
- opposition to the processing of personal data where provided for by applicable legislation;
- revocation of consent, in the even that data processing is subject to your consent;
- portability, in order to have a copy of the personal data you have provided to us.
In addition, the user may lodge a complaint with the competent supervisory authority based on his or her place of residence, place of work or place of infringement of his or her rights. For Italy, the competent authority is the Data Protection Supervisor, that can be contacted at the website www.garanteprivacy.it. For other states, please request information in order to identify the appropriate authority.
Last updating: 15 February 2022.