INFORMATION ON THE PROCESSING OF PERSONAL DATA PURSUANT TO ART. 13 and 14 of the GDPR 2016/679
This page describes the ways in which the personal data of users who access - through the Portal, which allows you to pay bills, taxes or other payments due to the Public Administration in a simple way, is processed, standardized and reliable.
Maggioli in turn adheres to the national PagoPA circuit, a service at national level, which allows citizens and businesses to pay electronically.
PagoPA's Node of Payments-SPC technological infrastructure, which ensures interoperability between the players involved in the system, was created by AGID, the Agency for Digital Italy.
The personal data provided by the User with the compilation of the form or received by SPID for the User who accesses through this System, are processed in accordance with the provisions of the "European Regulation 2016/679 relating to the protection of individuals with regard to data processing personal data, as well as the free movement of such data and which repeals Directive 95/46 / EC "(hereafter GDPR).
Pursuant to articles 13 and 14 of the GDPR, we therefore inform you of the following:
a. The processing of your personal data has the exclusive purpose of carrying out all the administrative and technical activities related to the payment service requested by the User. The acquisition of your data and the related processing are mandatory in relation to the purposes described above; it follows that any refusal to provide them may determine the impossibility of the Data Controller to provide the requested service. The processing of data therefore finds its legal basis in art. 6 paragraph 1 lett. b) of the GDPR;
b. The Data Controller is the public creditor body that has joined the IT payment system. The identity and his contact details, as well as those of his Personal Data Protection Officer,can be found on the corporate website of the organization.
c. The data of users who use the service are recipients: AGID, which makes available, through the public connectivity service, the technological platform for interconnection and interoperability between public administrations; Maggioli as a technological intermediary that offers the technological infrastructure to allow dialogue with the members (public administrations and / or managers of public services that adhere to the payment system) as well as Data processing manager appointed by the Public Creditor Body;
d. your data are processed, in compliance with the principles of correctness, lawfulness, minimization of data and protection of confidentiality, in paper and computerized methods, exclusively by persons appointed by the Data Controller, authorized and instructed in this regard, or by companies expressly appointed as Managers of the treatment, adopting all those adequate technical and organizational measures to protect the rights, freedoms and legitimate interests that are recognized by law as an interested party.
e. your personal data will in no way be transferred to a non-European third country, nor to communication to third parties outside the cases provided for by current legislation or automated decision-making processes including profiling.
As an interested party, you can exercise the rights provided for in articles from 15 to 22 of the GDPR (including those to obtain confirmation of the existence or not of your Personal Data and make them available in intelligible form; to have knowledge of the logic and purposes on which the treatment is based; to obtain cancellation, transformation into anonymous form or limitation or blocking of Data processed in violation of the law, as well as updating, correction or, if interested, integration of data; to oppose the processing itself for legitimate reasons ) by contacting the Data Controller or Data Protection Officer, the contact details of the Public Creditor Body.
You may also exercise the right to lodge a complaint with the supervisory authority or to appeal to the competent judicial authorities if the processing of personal data takes place in violation of the provisions of the GDPR, in accordance with articles 77 and 79 of the GDPR.