Get In Touch

Privacy Policy

Plus Technology > Privacy Policy

PRIVACY POLICY ON THE PROCESSING OF PERSONAL DATA AND CONSEQUENCES OF REFUSING TO PROVIDE PERSONAL DATA REQUESTED

 (EU Regulation 679/2016)

This privacy policy on the processing of personal data is provided in accordance with the provisions contained in Articles 13 and 14 of EU Regulation 2016/679 relating to the protection of individuals with regard to the processing of personal data, as well as the free movement of such data (General Data Protection Regulation, hereinafter “GDPR“).

1. Personal Data

    The personal data of the customer will be acquired with reference to the relationships established and will be subject to processing in compliance with the above mentioned regulation. The data processing is carried out in compliance with the rights of fundamental freedoms, as well as the dignity of the person concerned, with particular reference to confidentiality and personal identity and the right to protection of personal data.

    Pursuant to Articles 13(1) and 14(1) of the GDPR, the personal data of the customer that will be acquired and processed are as follows: first and last name, tax code, residence, predominant activity carried out, customer characteristics, economic activity, connection with entities residing in countries at risk, geographical area of customer interest, criminal proceedings, origin of the funds used (hereinafter referred to as the “Personal Data“).

    The customer is responsible for the completeness and truthfulness of the Personal Data and shall therefore hold the Data Controller harmless from any liability towards third parties in the event of untrue, incomplete, partial and/or inaccurate data.

    2. Purpose of treatment

    The Personal Data you provide will be processed for the purposes:

    (a) from d. lgs. 21 November 2007, No. 231, as amended by the d. lgs. 25 May 2017, No 90  (hereinafter the “Decree“) of Implementation of the Directive (EU) 2015/849 on the prevention of the use of the financial system for the purposes of money laundering or terrorist financing, as subsequently amended and supplemented.

    Information relating to the required identification and professional performance data and services may be used for the detection of suspected money laundering transactions, which Plus Technology DOO, as represented  by its Legal Representative, Mr. Salamina Umberto, in its own name and in the name and on behalf of the Company (hereinafter the “Company”) is required to report to the UIF, under the current anti-money laundering legislation.

    In any case, sensitive data is not acquired and processed.

    3. Personal Data and Consequences of Refusal to Provide Personal Data – Mandatory Nature of Personal Data Delivery

    The provision of the required Personal Data is mandatory for the fulfillment of the legal obligations in this matter and in order to proceed with the continuation of the reports. Any refusal will therefore require the Company to refrain from establishing or continuing the ongoing relationship or to carry out operations with the other party that will oppose rejection. In addition, the refusal to provide the necessary data for identification may be reported to the UIF.

    The information and Personal Data requested must enable the Company to comply with the obligations of adequate verification of customers in relation to the conduct of its institutional activity and, in particular, to:

    1. identify the customer and verify their identity based on documents, data or information obtained from a reliable and independentsource;
    2. identify the actual owner and verify their identity;
    3. obtain information on the purpose and nature of the ongoing report oroperation;
    4. carry out a constant check in the course of the relationship.

    Attached forms must be returned to the Company duly filled out and completed of the documents requested, taking into account the following clarifications:

    • Unexpired identification document: are considered valid for identification, the documents listed in articles 1 and 35 D.P.R. 28 Dec. 2000, n. 445 (identity card, passport, driving or nautical license, pension booklet, license for the conduction of heating systems, weapons permit, as well as identification cards provided that they bear a photograph and a stamp or other equivalent marking, issued by a State administration, or any document bearing a photograph of the holder and issued on paper, magnetic or computer support, by an Italian or other public administration, which allows the personal identification of the holder). For the identification of non-EU citizens and minors, the provisions in force apply; with reference to unborn and conceived children, the identification is carried out in relation to the legal representative.
    • Official documentation in case of a legal entity: chamber visures, certificates, council or assembly resolution extracts, which show the identification data of the legal entity (corporate name, legal location and code of fisc. / VAT number) and the power of representation of the individuals delegated to the investment, in addition to the identification document of the delegates to the signature, as shown above.
    • Identification of the beneficial owner, under Article 20 of D. Lgs. 90/2017.

    The term “beneficial owner” refers to the individual or individuals, other than the client, in whose interest or whose interests the ongoing relationship is ultimately established, the professional service is rendered or the transaction is executed.

    More specifically, the beneficial owner of customers other than individuals is the individual or individuals who ultimately own or control the entity, either directly or indirectly.

    If the client is a corporation:

    • direct ownership means the ownership by a natural person of more than 25% of the client’s capital;
    • the ownership of a percentage of shares exceeding 25% of the client’s capital, held through subsidiaries, trust companies or third parties, constitutes indirect ownership.

    In the hypotheses in which the examination of the ownership structure does not make it possible to unequivocally identify the natural person or persons to whom the direct or indirect ownership of the entity can be attributed, the beneficial owner coincides with the natural person or persons who, in the final instance, can be attributed control of the same by virtue of:

    • control of the majority of the votes that can be exercised at the ordinary shareholders’ meeting;
    • control of sufficient votes to exercise a dominant influence at the ordinary shareholders’ meeting;
    • the existence of specific contractual constraints that allow to exercise a dominant influence.

    If the application of the criteria set out in the previous paragraphs does not make it possible to unequivocally identify one or more beneficial owners, the beneficial owner shall coincide with the natural person or persons holding powers of administration or management of the company.

    In the event that the client is a private legal person, as referred to in D.P.R. 361/2000, the following shall be cumulatively identified as beneficial owners

    • the founders, when alive;
    • the beneficiaries, when identified or easily identifiable;
    • the holders of management and administration functions;
    • the obliged parties shall keep a record of the checks carried out for the purpose of identifying the beneficial owner.

    Politically exposed people:

    Politically exposed people are defined as individuals who have been in employment or have ceased to occupy important public office for less than a year, as well as their family members and those who have notoriously close ties with those who have known close ties, as follows:

    • are individuals who hold or have held important public office those who hold or have held the office of:
      • President of the Republic, President of the Council, Minister, Deputy Minister and Under-Secretary, President of Region, Regional Councillor, Mayor of the Provincial Capital or Metropolitan City, Mayor of municipalities with population not infedwith 15,000 inhabitants as well as similar posts in foreign states;
      • deputy, senator, European parliamentarian, regional councillor, as well as similar offices in foreign countries;
      • member of the central governing bodies of political parties;
      • judge of the Constitutional Court, magistrate of the Court of Cassation or the Court of Auditors, State Councillor and other members of the Council of Administrative Justice for the Sicilian Region as well as similar positions in foreign states;
      • member of the governing bodies of central banks and independent authorities
      • ambassador, chargé d’affaires or equivalent positions in foreign states, senior officer of the armed forces or similar positions in foreign states;
      • member of the administrative, management or supervisory bodies of companies that are controlled, even indirectly, by the Italian State or by a foreign State, or in which the Regions, provincial capitals and metropolitan cities and municipalities with a total population of at least 15,000 people hold a majority or total stake;
      • general manager of ASLs and hospital companies, university hospital companies and other bodies of the national health service;
      • director, deputy director and member of the management body or person performing equivalent functions in international organizations;
    • are family members of politically exposed persons: parents, spouses or persons linked in civil partnership or de facto cohabitation or institutions similar to the politically exposed person, children and their spouses as well as persons linked to children in civil partnership or de facto cohabitation or similar institutions;
    • are subjects with whom politically exposed people have notoriously close ties:
    • natural persons related to the politically exposed person by virtue of joint beneficial ownership of legal entities or other close business relationship;
    • natural persons who only formally hold total control of an entity known to have been established, in fact, in the interest of and for the benefit of a politically exposed person.

    4. How Personal Data is processed

    The processing of Personal Data will be carried out by appropriate means in order to comply with the storage obligations provided for in the Decree. Personal Data will be collected and retained by the Company for the purposes of the insertion and management of the archive itself. The Company will maintain the archive ensuring the transparency and clarity of the information and the ease of consultation, research and processing of Personal Data.

    The operations inherent to the processing of Personal Data will be carried out by persons in charge of the processing who operate under the direct authority of the Owner or the Manager (as defined below). The data processors are identified in accordance with the GDPR.

    The processing of Personal Data will take place in such a way as to ensure the security and confidentiality of the Personal Data, including in the event of any disclosure to third parties and in accordance with the GDPR.

    The Personal Data will be kept in the archive for ten years after the completion of the transaction or the termination of the relationship in reference to which the same were acquired pursuant to applicable law.

    5. Persons to whom the Personal Data may be communicated or who may become aware of it in their capacity as managers or appointees; scope of dissemination of Personal Data

    The Personal Data contained in the archives may be communicated to the Supervisory Authorities, in the ways and for the purposes provided for by the regulations in force, for information purposes related to the in-depth analysis and investigation activities in relation to suspected money laundering operations.

    6. Personal Data Controller and Data Processor

    The Data Controller (hereinafter also referred to as the “Data Controller“) and the Data Processor (hereinafter also referred to as the “Data Processor“) is the Legal Representative, Mr. Salamina Umberto, domiciled for this purpose at the registered office.

    7. Rights of the interested party

    Subscribers are granted the right to obtain confirmation from the Data Controller as to whether or not Personal Data concerning them are being processed and, if so, to obtain access to the Personal Data and to the following information (a) the purposes of the processing; (b) the categories of Personal Data concerned; (c) the recipients or categories of recipients to whom the Personal Data have been or will be disclosed, in particular if they are recipients in third countries or international organizations; (d) when possible, the expected period of retention of Personal Data or, if this is not possible, the criteria used to determine such period; (e) the existence of the customer’s right to request from the Data Controller the rectification or erasure of Personal Data or the restriction of the processing of Personal Data concerning him or her or to object to their processing; f) the right to lodge a complaint with a supervisory authority; g) where the Personal Data are not collected from the customer, all available information about their origin; h) the existence of automated decision-making, including profiling and, at least in such cases, meaningful information about the logic used, as well as the importance and expected consequences of such processing for the customer.

    8. Transfer of Personal Data to third parties

    Personal Data provided by subscribers will be transferred exclusively to the individuals or entities necessarily involved in the execution of contracts for products and services or in the sending of messages of an informative or advertising nature, where the user has given his or her express consent (e.g. individuals or entities in charge of sending the newsletter).

    In addition, Personal Data provided by you may be transferred to companies affiliated with the Company, or to agents or consultants acting on behalf of the Company in order to perform the contract for products or services or, if you have given your express consent, for marketing purposes.

    9. Right to be forgotten

    The customer has the right to obtain from the Data Controller the erasure of Personal Data concerning him/her without undue delay and the Data Controller is obliged to erase the Personal Data without undue delay if any of the following reasons apply: (a) the Personal Data is no longer necessary in relation to the purposes for which it was collected or otherwise processed; (b) the customer withdraws the consent on which the processing is based; (c) the customer objects to the processing and there is no overriding legitimate reason to proceed with the processing; (d) the Personal Data has been unlawfully processed; (e) the Personal Data must be erased in order to comply with a legal obligation under the law of the European Union or the Member State to which the Data Controller is subject; and (f) the Personal Data has been collected in connection with the provision of services by the company.

    10. Right to restrict processing

      The customer has the right to obtain from the Data Controller the restriction of the processing when one of the following cases occurs (a) the customer disputes the accuracy of the Personal Data, for the period necessary for the Data Controller to verify the accuracy of such Personal Data; (b) the processing is unlawful and the customer objects to the erasure of the Personal Data and instead requests that its use be restricted; (c) although the Data Controller no longer needs the Personal Data for processing purposes, the Personal Data is necessary for the customer to ascertain, exercise or defend a right in court; (d) the customer has objected to the processing.

      11. Right to the portability of Personal Data

        The customer has the right to receive in a structured, commonly used and machine-readable format the Personal Data concerning him/her that he/she has provided to a controller and has the right to transmit such Personal Data to another controller without hindrance from the controller to whom he/she has provided them if the processing is based on consent and the processing is carried out by automated means.

        12. Right to object

          The customer has the right to object at any time, for reasons related to his or her particular situation, to the processing of Personal Data, including profiling on the basis of these provisions. The Data Controller shall refrain from further processing the Personal Data unless he demonstrates the existence of compelling legitimate grounds for processing that override the interests, rights and freedoms of the customer or for the establishment, exercise or defense of legal claims. If Personal Data is processed for direct marketing purposes, the customer shall have the right to object at any time to processing of Personal Data concerning him or her carried out for such purposes, including profiling insofar as it is related to such direct marketing.