Privacy Policy


GDPR – X3 Solutions Information Model

Information pursuant to art. 13 of Legislative Decree 196/2003 and Article 13 of Regulation (EU) n. 2016/679
X3 Solutions s.r.l., with registered office in Piazza Garibaldi, 36 / a 06049 Spoleto (PG) (hereafter, “Owner”), as owner of the
treatment, informs you that, pursuant to art. 13 EU Regulation n. 2016/679 (hereinafter, “GDPR”) your data will be processed with the
methods and for the following purposes.
The Data Controller processes personal data, such as: name, surname, company name, address, telephone number, e-mail address, references
bank and payment) you have communicated on the conclusion of contracts for the services and products of the Owner.
Your personal data are processed:
1) without your express consent, pursuant to art. 6 lett. b), e) GDPR, for the following service purposes:
– conclude contracts for the services and products of the Owner;
– fulfill the pre-contractual, contractual and tax obligations deriving from relations with you in existence;
– fulfill the obligations established by the law, by a regulation, by community legislation or by an order of the Authority
(such as for anti-money laundering);
– exercise the rights of the owner, for example the right to defense in court;
2) only upon your specific and distinct consent, pursuant to art. 7 GDPR, for the following marketing purposes:
– send you via e-mail, mail and / or text messages and / or telephone contacts, newsletters, commercial communications and / or advertising material
on products or services offered by the Owner and recognition of the degree of satisfaction with the quality of services;
– send you via e-mail, post and / or sms and / or telephone contacts commercial and / or promotional communications of third parties.
Please note that it is already our customer, we can send you commercial communications related to services and products of the similar owner
to those you have already used, except your dissent.
The processing of your personal data is carried out by means of the operations indicated in art. 4 n. 2) GDPR and precisely: collection,
registration, organization, conservation, consultation, processing, modification, selection, extraction, comparison, use,
interconnection, blocking, communication, deletion and destruction of data. Your personal data are processed either
paper that is electronic and / or automated. The Data Controller will process personal data for the time necessary to fulfill the purposes of
above and in any case for no more than 10 years from the termination of the relationship for the purposes of service and no later than 2 years from collection
data for marketing purposes.
Your data may be made accessible for the aforementioned purposes:

– to third-party companies or other subjects (as an indication, credit institutions, professional firms, consultants, insurance companies
for the provision of insurance services, etc.) which carry out outsourced activities on behalf of the Owner, in their quality
external managers of the treatment.
Without the need for express consent pursuant to art. 6 lett. b) and c) GDPR, the Data Controller may communicate your data for the purposes of service
suindicate to Supervisory bodies, Judicial authorities, insurance companies for the provision of insurance services, as well as a
those subjects to whom the communication is mandatory by law for the accomplishment of the said purposes. These subjects will treat i
data in their capacity as independent data controllers.
Your information will not be disseminated.
Personal data are stored on servers located at the headquarters, within the European Union. It remains understood in any case
that the Data Controller, where necessary, will have the right to move the servers even outside the EU. In this case, the Holder ensures that now
the transfer of non-EU data will take place in accordance with the applicable legal provisions, subject to the stipulation of the contractual clauses
standards set by the European Commission.
The provision of data for the aforementioned service purposes is mandatory. In their absence, we can not guarantee the services themselves. The
conferment of data for the marketing purposes shown above is optional. He can therefore decide not to give any data either
to subsequently deny the possibility to process data already provided: in this case, it will not be able to receive newsletters, communications
commercial and advertising material related to the services offered by the owner. However, he will continue to be entitled to the services
pre-contractual and contractual conditions.
In your capacity as an interested party, you have the rights set forth in art. 15 GDPR and precisely the rights of:
GDPR – X3 Solutions Information Model
– obtain confirmation of the existence or not of personal data concerning you, even if not yet registered, and their
communication in an intelligible form;
– obtain the indication: a) of the origin of personal data; b) of the purposes and methods of the processing; c) of the applied logic
in case of treatment carried out with the aid of electronic instruments; d) of the identification details of the holder, of the
responsible and the designated representative pursuant to art. 3, paragraph 1, GDPR; e) of the subjects or categories of subjects
to which personal data can be communicated or who can learn about it as a representative
designated in the territory of the State, managers or agents;

– obtain: a) updating, rectification or, when interested, integration of data; b) cancellation, the
transformation into anonymous form or blocking of data processed in violation of the law, including those that are not required
conservation in relation to the purposes for which the data were collected or subsequently processed; c) the attestation that
the operations referred to in letters a) and b) have been brought to the attention, also with regard to their content, of
those to whom the data have been communicated or disseminated, except in the case where such fulfillment proves impossible or
involves the use of means that are manifestly disproportionate to the protected right;
– object, in whole or in part: a) for legitimate reasons, to the processing of personal data concerning you, even if pertinent
for the purpose of collection; b) to the processing of personal data concerning you for the purpose of sending advertising material or
direct sales or for market research or commercial communication, through the use of systems
automated call without the intervention of an operator by e-mail and / or through marketing methods
traditional by telephone and / or paper mail. Please note that the right of opposition of the interested party, for purposes of
direct marketing using automated methods extends to traditional ones and anyway the possibility remains
for the interested party to exercise the right of opposition even in part. Therefore, the interested party can decide to receive
only communications using traditional methods or only automated communications or neither
types of communication.
Where applicable, it also has the rights referred to in Articles 16-21 GDPR (right of rectification, right to be forgotten, right to limitation of treatment,
right to the portability of data, right of opposition), as well as the right to complain to the Guarantor Authority.
You can exercise your rights at any time by sending:
– a registered letter a.r. at X3 Solutions s.r.l., – Operating office in Terni, Piazza Solferino 8 – 05100 Terni (TR).
The Data Controller is X3 Solutions s.r.l., with registered office in Piazza Garibaldi, 36 / a 06049 Spoleto (PG).
The updated list of data processors and data processors is kept at the registered office of the Data Controller.