INFORMATION MADE ACCORDING TO ART. 13-14 OF THE GDPR
(GENERAL DATA PROTECTION REGULATION) 2016/679
Updated on 01/05/2019
Black Pixel, as Data Controller of personal data, based in Tirana, Albania, Rr Ndre Mjeda Kompleksi Alba Kulla 1 Kati 6 Ap 263, hereby wishes to provide adequate information to individuals who also operate in the name and for account of suppliers, customers, partners and other subjects involved in contractual, pre-contractual activities or as users of services provided pursuant to articles 13 and 14 GDPR 2016/679 – “European regulation on the protection of personal data”.
1. Data subject to processing
The personal data processed are personal data and contact details provided or received by the interested party on the occasion of:
- visits or phone calls or emails;
- direct contacts obtained following participation in events, etc.;
- requests for commercial information, proposal of offers;
- requests through our websites or through the websites of suppliers, customers, partners, other subjects;
- subsequent transmissions and transactions to orders for the supply of services or goods (supplied / purchased);
2. Purpose of the processing
operating in the name and on behalf of suppliers, customers, partners and other subjects are also treated for:
- formulate requests or fulfill requests received;
- personnel research and selection activities;
- marketing/commercial activity;
- exchange information aimed at the execution of the contractual relationship, including the pre-and post-contractual activities, including those of assistance and support;
- execution of obligations under laws, regulations or EU legislation, as well as to comply with provisions issued by legitimate public Authorities or by supervisory and control bodies to which Black Pixel is subject (think for example of tax assessments ,etc.);
- for ancillary purposes, for example the “News Alerts” via email or SMS. In reference, for example, to cases of communications due to data breach events. The interested party may refuse to provide the owner with his personal data. However, the provision of personal data is necessary for the correct and efficient management of the contractual relationship with suppliers, customers, partners and other parties involved in the activities of the Data Controller (such as, for example, the provision of services, the search for personnel or the sale of goods). Therefore, any refusal to grant data may compromise all or part of the contractual relationship itself or the pre- and post-contractual activities.
The processing for the execution of a contract of which each subject is a party or for the execution of pre-contractual or post-contractual measures adopted at the request of the supplier, the customer, the partner, other subjects or Black Pixel, pursuant to the art. 6.1, lett. b) of the RGDP), are necessary for the fulfillment of a legal obligation pursuant to art. 6.1, lett. c) of the GDPR).
4. Processing methods
The data of the interested parties will be treated in compliance with the principles of lawfulness, correctness and transparency, using manual or automated tools also by inserting in databases, lists and lists suitable for storing, managing and transmitting data, in the ways and within the limits necessary pursuit of the aforementioned purposes.
Black Pixel has established adequate security measures in order to protect the data of natural persons operating in the name and on behalf of suppliers, customers, partners and other subjects, for example: Firewall, antivirus, virtual machine, back up encrypted.
The data will be processed exclusively by persons authorized to process data in Black Pixel, in relation to the purpose of the processing.
5. Data recipients
The personal data processed by the Data Controller will not be disclosed, or will not be disclosed to undetermined subjects, in any possible form, including that of making them available or simple consultation. Instead, they can be communicated to the Owner’s workers and to some external subjects who collaborate with them, always respecting the indicated purposes. In particular, these are employees / collaborators/
6. Data transfer
The data controller does not transfer personal data to third countries or to international organizations: personal data is stored on servers located within the European Union.
If necessary, the Data Controller will have the right to move personal data even outside the EU. In this case, the Data Controller ensures, as of now, that the extra-EU data transfer will be in compliance with the applicable legal provisions, subject to the stipulation of the standard contractual clauses envisaged by the European Commission.
7. Data retention
The Data Controller maintains and processes personal data for the time necessary to fulfill the indicated purposes. Subsequently, personal data will be stored, as documented in our treatment registry. The retention period can vary significantly based on: purpose, type of data processed, legal obligations.
When it is no longer necessary to store personal data, these can be safely deleted or de-indexed or destroyed in accordance with our policy.
8.Rights of the interested party
Pursuant to articles 15 to 22 of the Rules, you can exercise the following rights:
- request confirmation of the existence or otherwise of your personal data;
- obtain information about the purposes of the processing, the categories of personal data, the recipients or categories of recipients to whom the personal data have been or will be communicated and, when possible, the storage period;
- obtain the correction and / or deletion of data;
- get the treatment limitation;
- (where applicable) to obtain data portability, ie to receive them from the Data Controller in a structured format, commonly used and readable by an automatic device, and transmit them to another data controller without impediment;
- oppose the processing at any time and also in the case of processing for direct marketing purposes;
- oppose an automated decision-making process related to physical persons, including profiling.
- ask the Data Controller for access to personal data and the correction or cancellation of the same or the limitation of the processing that concerns them or to oppose their treatment, in addition to the right to data portability;
- withdraw consent at any time without affecting the lawfulness of the processing based on the consent given before the revocation;
The same, if exercisable by her, may be asserted by writing to:Black Pixel
Rruga Ndre Mjeda Kompleksi Alba Kulla 1 Kati 6 Ap 263
1001 Tirana, Albania (AL)
+355 67 646 3398
specifying the subject of the request, the right that the interested party intends to exercise and attaching a photocopy of an identity document that certifies the legitimacy of the request.
9.Proposition of a complaint
The interested party has the right to lodge a complaint with the supervisory authority of the State of residence.
For more information on the right to lodge a complaint, you can visit the following web page: