Cookie Declaration – en

PRIVACY NOTICE ON THE PROCESSING OF PERSONAL DATA

Pursuant to Law No. 171 of 21.12.2018 of the Republic of San Marino and
EU Regulation 2016/679 (GDPR)

Dear Customer,

PIENISSIMO S.R.L., in its capacity as Data Controller, informs you through this document about the purposes and methods of using your personal data within its activities, in compliance with Law No. 171/2018 of the Republic of San Marino and EU Regulation 2016/679 (GDPR).

The personal data requested from you will be used by the designated staff in full compliance with the above legislation.

1. Introduction

Under Law No. 171/2018 of the Republic of San Marino (Protection of natural persons with regard to the processing of personal data) and the General Data Protection Regulation (GDPR – EU Regulation 2016/679), the Data Controller invites users to carefully read the following information, which will support them in understanding the methods of personal data processing necessary for the activities and purposes related to Pienissimo S.r.l.

2. Source of Personal Data

Personal data may be provided directly by the data subject, by third parties delegated by the data subject, or acquired from entities or third parties authorized by law.

The provision of data is mandatory under San Marino law, EU law (for cross-border citizens), or applicable national regulations, being indispensable for the processing, management, and definition of the practice or procedure concerning each data subject.

When no legal obligation exists, the provision of data is optional (e.g., email address, phone number). Failure to provide such data will not have consequences but may prevent the provision of additional services.

3. General Data Protection Regulation

Law No. 171/2018 of the Republic of San Marino and GDPR (EU Regulation 2016/679) place individuals of San Marino and the EU at the center of data protection and establish principles relating to the protection and free movement of personal data, while safeguarding fundamental rights and freedoms of natural persons.

4. Definitions

  • Data Subject: any user, as a natural person residing in the Republic of San Marino or in an EU Member State.

  • Data Controller: the legal representative pro tempore of Pienissimo S.r.l., with registered office at Strada Rovereta no. 6, 47891 Falciano (RSM), who defines the purposes and means of personal data processing.

  • Data Protection Officer (DPO / RDP): a professional (internal or external) with legal, IT, risk management, and process analysis expertise. The DPO oversees, evaluates, and organizes the management of personal data processing within the company. Pienissimo S.r.l. has not appointed a DPO, as not required under current law.

  • European Representative: a natural or legal person established in the EU designated in writing by the Controller to act as a contact point with supervisory authorities and data subjects on matters related to processing. For Pienissimo S.r.l., the European Representative for Italy is Avv. Caterina Bastida, Via Cairoli no. 41, 47923 Rimini (RN), Italy. Email: rappresentate.privacy.ue@gmail.com.

  • Personal Data: information that allows the identification of users (e.g., name, surname, tax code, identifiers relating to physical, physiological, genetic, psychological, economic, cultural, or social identity, residence, mobile number, email address, internet address).

  • Sensitive Data: data revealing racial or ethnic origin, religious beliefs, political opinions, health status, or sexual life.

  • Processing: any operation carried out on the personal/sensitive data of the Data Subject.

5. Purposes of Processing and Legal Basis

Personal data will be processed for purposes connected with the execution of contracts and service provision, including pre-contractual phases, such as: maintaining records, accounting, invoicing, communications (paper or electronic), tax compliance, organizational management of services, contract drafting, and scheduling.

5a) Contractual and pre-contractual purposes
For consultancy, training, franchising network development, software and related services, platform setup/activation.

5b) Administrative/legal purposes
Compliance with legal, regulatory, or Authority requirements.

5c) Informative/promotional purposes
Sending informative and promotional material (including via email and SMS) relating to the Controller’s activities.

5d) Judicial purposes
To exercise or defend rights in court whenever Authorities exercise jurisdiction.

6. Legal Basis

The provision of data is necessary due to legal obligations, legitimate interests, or for the performance of a contract. Refusal to provide data will make it impossible to perform the contract or comply with the law.

7. Processing Methods

Data processing is carried out using IT, electronic, and manual tools, strictly related to the purposes for which data is collected, ensuring security and confidentiality, in compliance with San Marino Law No. 171/2018 and GDPR.

Processing is mainly carried out by Pienissimo S.r.l. employees duly authorized by the Controller.

Data will be retained for as long as necessary for the stated purposes, unless longer storage is required by law.

8. Nature of Personal Data

The data processed include identification and fiscal information (e.g., personal details, ISS code, tax code, or other personal identifiers).

Such data may be processed without consent as required for contract execution or pre-contractual measures requested by the data subject.

8.1 Special and judicial data
Processing of special categories or judicial data is permitted only where expressly authorized by law, specifying the type of data, operations allowed, and relevant public interest pursued, or upon authorization by the Supervisory Authority.

9. Recipients of Personal Data

Personal data may be communicated to:

  • Consultants, collaborators, and professionals (e.g., accountants) who require the data to perform their tasks.

  • Public or private entities, where required by law or regulation.

  • Banks or postal services for payment processing.

  • Archiving service providers.

  • IT companies providing maintenance for systems/platforms, which may have access to your data.

  • Health, Public Security, Judicial Authorities, and other competent entities, where required by law or in cases of imminent and serious risk to health/safety.

10. Retention Period

Data will be retained for the duration required by applicable laws or for the period strictly necessary for the stated purposes. Where no legal provision applies, data will be stored for at least 10 years.

11. Principles of Processing

Data will be processed according to the following principles:

  • Lawfulness – only for the execution of company activities and tasks, in compliance with provided consent.

  • Minimization – using only the data strictly necessary.

  • Limitation – processing limited to the purposes set out in this document.

  • Security – ensuring the application of international standards and best practices.

  • Fairness – tools provided to ensure data accuracy and updates.

  • Integrity – best practices adopted to minimize errors.

  • Transparency – clear disclosure of processing activities that may involve risks for data subjects’ rights and freedoms.

12. Data Subject Rights

Under Law No. 171/2018 (San Marino) and GDPR, you may exercise the following rights:

  • Right of access

  • Right to rectification and integration

  • Right to erasure (right to be forgotten)

  • Right to restriction of processing

  • Right to portability

  • Right to lodge a complaint with the Supervisory Authority

  • Right to object to processing, including profiling

  • Right not to be subject to automated decision-making (unless required by contract, law, or explicit consent)

  • Right to withdraw consent at any time (where processing is based on consent).

To exercise your rights, please contact:

  • Email: info@pienissimo.com

  • Mail: PIENISSIMO S.R.L., Strada Rovereta no. 6, 47891 Falciano (RSM)

Exercise of rights is free of charge and without formal constraints.

13. Access and Consent Management

You may also request access to or modification of optional consents by writing to info@pienissimo.com. Through this, you can:

  • Access all your personal data.

  • Modify optional consents at any time.

  • Update other personal details (address, phone number, password).

14. Withdrawal of Consent

You may withdraw your consent to processing of your personal data at any time by contacting the Controller at the above addresses.

Republic of San Marino, 03.07.2023