MARO GROUP SRL – PRIVACY GENERAL INFORMATION We inform customers / suppliers (interested in the processing) and their contact persons (hereinafter “interested”, pursuant to Article 4, paragraph 1 of the GDPR)) that the professional relationships established with the undersigned Data Controller may involve the processing of personal data, in compliance with the following general principles: • all data are processed in a lawful, correct and transparent manner towards the data subject, in compliance with the general principles set out in Article 5 of the GDPR; • specific security measures are observed to prevent the loss of data, illicit or incorrect use and unauthorized access; • the Data Controller is the undersigned Company: MARO GROUP SRL Via Marconi 16a – 26040 Bonemerse (Cremona) Italy • it is possible to contact the Data Controller to exercise all the rights provided for in articles 15-21 of the GDPR (right of access, rectification, cancellation, limitation, portability, opposition), as well as revoke a previously granted consent or propose a complaint to the supervisory authority for the protection of personal data. OBJECT OF THE TREATMENT The Data Controller processes personal identification data of the customer / supplier (for example, name, surname, company name, personal / fiscal data, address, telephone, e-mail, bank and payment details) and of its operational contacts (name, surname and data contact) acquired and used in the provision of the services provided by the Data Controller. PURPOSE AND LEGAL BASIS OF THE PROCESSING The data is processed for: • conclude contractual / professional relationships; • fulfill the pre-contractual, contractual and tax obligations deriving from existing relationships, as well as manage the necessary communications connected to them; • fulfill the obligations established by law, by a regulation, by community legislation or by an order of the Authority • exercise a legitimate interest as well as a right of the Data Controller (for example: the right of defense in court, the protection of credit positions; the ordinary internal needs of an operational, managerial and accounting nature). Failure to provide the aforementioned data will make it impossible to establish a relationship with the Data Controller. The aforementioned purposes represent, pursuant to Article 6, paragraphs b, c, f, suitable legal bases for the lawfulness of the processing. If it is intended to carry out treatments for different purposes, a specific consent will be requested from the interested parties. METHOD OF TREATMENT The processing of personal data is carried out by means of the operations indicated in Art. 4 n. 2) GDPR and more precisely: collection, registration, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, cancellation and destruction of data. Personal data are subjected to both paper and electronic and / or automated processing. The Data Controller will process personal data for the time necessary to fulfill the purposes for which they were collected and related legal obligations. SCOPE OF TREATMENT The data is processed by internal subjects duly authorized and trained in accordance with Article 29 of the GDPR. It is also possible to request the scope of communication of personal data, obtaining precise information on any external parties who operate as managers or independent data controllers (consultants, technicians, banks, transporters, etc.). We also inform you that personal data may be subject to intercompany communication between the companies of the Group. The data are not subject to disclosure or transfer to non-EU countries. If it is necessary, in the context of tenders / contracts or in the fulfillment of regulatory obligations (eg joint and several liability, anti-corruption, anti-mafia, anti-money laundering, etc.) to acquire personal data of their employees from customers / suppliers, it is agreed between the parties that the undersigned company will be entitled to the processing as an external manager (Article 28 of the GDPR) or as an authorized person (Article 29 of the GDPR). As part of this relationship, the undersigned company undertakes to process such data in compliance with the compliance requirements of the GDPR, guaranteeing any communication to other subjects exclusively within the context of specific legal obligations. SOCIAL MEDIA POLICY ON FACEBOOK AND INSTAGRAM Facebook fanpage and Instagram SH + account management policy. With this document MARO GROUP SRL wants to define the essential rules for the correct use of its fanpage, both by the company and by the people who interact with the page itself. We have created the Faceboook page and the Instagram account with the aim of communicating with people interested in the activities of MARO GROUP SRL. and, for that, we are open to hearing ideas, comments and suggestions from fans. The page is managed during office hours from 8.30 to 17.30, from Monday to Friday. The staff that manages the page will take care of users’ requests trying to respond as quickly as possible, ensuring that requests are taken care of (first feedback) within 24 hours of work. If the answers require a longer waiting time, it means that the topic needs more in-depth analysis to provide users with all the information they need. MARO GROUP SRL warns all users that the use of the page and its contents is strictly dependent on compliance with current legal provisions, the rules of good manners and behavior towards both the page administrators and other users. MARO GROUP SRL defines below the rules of conduct, the cases of violation and the consequent actions envisaged by the administrators of the page. RULES OF CONDUCT We invite users to follow the following rules of good behavior on the page: > respect the ideas and actions of others since all users have the right to express their opinions in compliance with the rules defined in this document; > maintain behavior and polite language with respect to the activities of the administrators of the page and other users; > comply with all current legal provisions. CANCELLATION OF MESSAGES AND POSSIBLE BLOCK / REPORTING OF FANS TO FACEBOOK AND INSTAGRAM. The following cases violate the rules of use of the MARO GROUP SRL page. and therefore will be managed by deleting messages and / or blocking user activity on the page: > inappropriate content concerning MARO GROUP SRL .; > personal insults, offensive comments, derogatory, defamatory, polemical, vulgar or otherwise incite any kind of violence; > racist comments, political or religious activism; > SPAM content or comments generated automatically and repeated in the same message or in several messages; > advertising messages or messages that in general offer services or goods for commercial purposes; > messages that violate the rights of third parties (copyrights). MARO GROUP SRL reserves the right to report any abuse or violation of the law to the competent Authority, providing information (messages, comments etc.) and useful data and / or data expressly requested by the Authority in order to prevent and suppress alleged crimes. We remind you that users who publish and / or share their own content on the official page authorize MARO GROUP SRL. to use, publish, disseminate the same and also grant the right to use such content exclusively in the context of managing the Facebook page and the Instagram account in order to develop and improve their business and respond to the needs expressed by users. Finally, users renounce the possibility of requesting from MARO GROUP SRL any compensation of an economic nature in exchange for rights of use relating to photographs, images, names, videos and any other content published and / or shared by users on the official Facebook page and on the Instagram account of MARO GROUP SRL.