INFORMATION ABOUT THE PROCESSING OF PERSONAL DATA pursuant to art. 13 and 14 of the Regulation (EU) 2016/679

Relating to the protection of natural persons with regard to the processing of personal data

Syria Web S.r.l. (in the following also "Owner"), with registered office in Statale Road 145,39 Pompei - 80045 with VAT 08704521213 as and in the related annexes to which this information is (the "Contract"), as the data controller and with reference to the software Repair System informs you, pursuant to art. 13 and 14 of European Regulation 679/2016 relating to protection of personal data ("GDPR") of the following. The following rules exclusively the relationship between the Owner and the customer. The data provided by users to customers does not will be used in any way by the Data Controller, as a mere provider of the software, therefore must be regulated by the same customer and third parties.

• TYPE OF DATA PROCESSED

The Supplier is the controller of the personal data communicated at the time of the signing of the Contract and subsequently provided on the occasion of the execution of the contract.

The personal data that the Supplier collects in relation to the management of the contractual relationship and in any pre-contractual phases can be provided directly by the Data Subject (as defined below) or by the Customer, in the case of internal contact persons management of the Contract. The personal data processed by the Supplier may be, example and not exhaustive, the names, qualifications, telephone numbers, code tax, payment and banking data, possibly the company name and mail addresses of natural persons and legal representatives of companies such as parties to the contract and internal referents for the management of contracts (Hereafter, the "Interested Parties" and the "Data").

Some information, such as representative and prosecutor data or financial statements or customer custody, are also acquired from public sources (Chambers of trade information services).

The data processing is carried out by the Supplier in the performance of its activities economic and commercial purposes related to the establishment, management and execution of including the management of the pre-contractual relationship. especially the data provided by the data subjects will be subject to processing, mainly through IT tools, for the following purposes:

1. the performance of obligations closely related to the management of the Contract, including the administrative and accounting management of contracts, the management of payments and invoices, the issuance of services and the management of customer support services. the provision of data for such activities is essential for the correct management of the of the Contract and does not require the consent of the Data Subject (Art. 6(1)(b) of the GDPR);

1. the execution of activities instrumental to the management of the Contract, including the planning of activities, the protection of the management of any litigation and the debt collection so that the provision of data, where necessary, is optional and the processing is based on the legitimate interest of the Supplier;

1. the fulfilment of obligations arising from Community law, regulations or legislation ( tax and accounting obligations) for which the provision of data is mandatory and the processing does not require the consent of the Data Subject (Art. 6(1)(c) of the GDPR);

The Data will be processed by the Company with electronic and manual systems in accordance with the fairness, loyalty and transparency provided for in the applicable legislation on protection of personal data and protecting the confidentiality of the Data Subject through technical and organizational security to ensure an adequate level of security.

The Data will be processed, as far as necessary, by authorized personnel, properly trained and trained, of the Data Controller, as well as by the staff of third parties that provide services to the Data Controller and carry out data processing on behalf of and on the instruction of the latter as data controllers. These are those who provide services (e.g. hosting providers), call center services, debt collection activities, customer support services (e.g. ticketing management), support services to marketing activities (e.g. direct email marketing) and third-party companies, which provide complementary activities. The complete and up-to-date list of subjects that deal with the Data as data controllers, it is available on request to the Responsible for Data Protection.

In cases where the contractual relationship involves the intervention of our business partners, the the Data Controller may share some Data with distributors, resellers and partners part of the Repair System product and service distribution chain.

The Data will not be disclosed under any circumstances and will not be generally transferred out of the from the European Union. However, if, for specific needs related to the location of location of the third party with whom the Data may be shared, the Data must be transferred outside the European Economic Area, the Owner undertakes to guarantee levels of adequate protection and safeguards, including of a contractual nature, including the conclusion of standard contractual clauses (a copy of the commitments made by third parties may be requested in the context of these clauses by request to be sent to the Head of Protection of the Data).

• MARKETING E PROFILING

With the consent of the Data Subject or in any case in the cases permitted by the Legislation in protection of personal data, the Data may be subject to processing by the of the Owner also for the following purposes:

1. the sending by e-mail and with automatic or telephone messages of offers and initiatives related to the products or services of companies as well as the conduct of market research or other customer satisfaction initiatives. If required the provision of any data for this purpose, a completely residual hypothesis, this contribution will be optional. It is understood that the processing of data for this purpose will be possible only with the consent of the Interested Party (art. 6(1)(a) of the GDPR). Consent may be revoked at any time, freely in the manner indicated in point 7 below or through the cancellation link available in each electronic communication. Any failure to issue or revoke the consent shall in no way prejudice the performance of the Agreement;

1. Analysis of the habits of use of the products and services by the Data Subject in function of what may be considered to be of interest to him both in order to improve its products and services with features that may be more interest to customers both to offer the Interested Party products that could respond to the more punctually to his needs. If the provision of any data for this purpose, which is completely residual, this contribution will be optional. It is understood that the processing of data for this purpose will be possible only with the consent of the Data Subject (Art. 6(1)(a) of the GDPR). The possible use of information relating to the use of the products or services attributable to the Customer legal entity may be carried out by the Data Controller. even in the absence of specific consent, unless otherwise expected by law. The consent may be revoked in any time freely in the manner indicated in point 7 below; any failure to do so the granting or withdrawal of consent shall in no way prejudice the performance of the Agreement.

With the consent of the Data Subject, in order to receive promotions and commercial initiatives, the supplier may also communicate the Data to the companies that deal with development of software and vocational training as well as partner companies for the sending by them of promotions and commercial initiatives by them.

Without prejudice to the possibility of exercising the rights to delete data and the rights of objection and limitation of the processing referred to in point 7 of this policy, the Data for the purposes referred to in this point will be preserved and processed in the compliance with the applicable legislation for the protection of personal data throughout the period time necessary to fulfil the above purposes up to a maximum of 24 months or the maximum period allowed by law for profiling referred to in the (a) of this point; otherwise, for the purposes referred to in point (b) of the this point, the processing will be carried out until the consent is revoked by the of the Interested Party.

• WHAT ARE THE RIGHTS OF PERSON CONCERNED

The Data Subject may exercise, in relation to the processing of the data described therein, the rights provided for by the GDPR (Art. 15-21), including

• confirm the existence of the Data and access its content (rights of access);
• update, modify and/or correct the Data (right of rectification);
• request the deletion or limitation of the processing of the Data processed in violation of the including those whose retention is not required in relation to the for which the Data has been collected or otherwise processed (right to be forgotten and right to limitation);
• oppose treatment (right of objection);
• withdraw consent, where given, without prejudice to the lawfulness of the based on consent given prior to revocation;
• complain to the Supervisory Authority (Data Protection Supervisor garanteprivacy.it) in case of violation of the rules on the protection of personal data;
• receive an electronic copy of the Data concerning him as a Data Subject, when data have been returned in the context of the contract and request that such Data be transmitted to another data controller (right to data portability).

In order to exercise these rights, the Data Subject may contact the Person responsible for Data Protection by sending your request to [email protected], or by directing the communication by post to:

Syria Web S.r.l.

Strada Statale 145, 39

Pompei (NA) CAP 80045

VAT IT08704521213

Data Protection Officer

When contacting us, you should make sure that you include your name. email/postal address and/or telephone number(s) to make sure that your request can be be handled correctly.