PCE PC Components Europe

FIND YOUR COMPONENTS

PRIVACY INFORMATION RELATING TO THE VIDEO SURVEILLANCE SYSTEM
INSTALLED AT THE REGISTERED AND OPERATIONAL OFFICE OF PC COMPONENTS EUROPE SRL

In application of the art. 13 of EU Regulation 679/2016 (“Regulation on the protection of personal data” GDPR) and in compliance with the provisions of the General Provision on video surveillance of 8 April 2010 adopted by the Guarantor for the Protection of Personal Data as well as Guidelines 3 /2019 on the processing of personal data through video devices - version 2.0 adopted on 29 January 2020 by the European Data Protection Board (EDPB) we communicate the following.

Categories of data processed and purposes of processing
Personal data relating to video images taken by the video surveillance system relating to the Company's employees, external consultants, collaborators, visitors to the company headquarters in Via Orazio Raimondo n. will be processed. 47 and to anyone who for any reason accesses the aforementioned rooms where the cameras have been installed. PC Components Europe srl, hereinafter 'Company', has installed a video surveillance system at the registered and operational headquarters located in Rome, Via Orazio Raimondo n. 47, in compliance with the provisions adopted by the supervisory authorities, as well as with the provisions of the art. 4 Law 300/1970 (so-called Workers' Statute). In particular, the Company has adopted an anti-intrusion and video surveillance system by installing various detection devices - the presence of which is indicated by specific signs installed in the video-surveillance areas - for the purpose of protecting the company's assets, in order to prevent the of acts of vandalism, damage, theft and aggression, also with the aim of facilitating investigative activities relating to public safety. Please note that the Video Surveillance System in question was installed following authorization issued by the Rome Metropolitan Area Inspectorate, INL.IAM-RM. OFFICIAL REGISTER U. 0029096.14.03-2024, in compliance with the provisions of the art. 4 Law 300/1970 regarding the prohibition of the use of equipment for the purposes of remote control of work activities.

Legal Basis
The legal basis of the data processing through the video surveillance system is the legitimate interest pursued by the Company (Data Controller) pursuant to art. 6, letter f) GDPR in guaranteeing the safety of property and people.

Processing methods
The personal data - video images taken by cameras - collected through the video surveillance system will be processed only and exclusively for the pursuit of the aforementioned purposes and in compliance with the principles of necessity, lawfulness, transparency, correctness as well as the principles of limitation of processing and storage in compliance with the legislation on the protection of personal data. The processing of personal data will take place through the use of a system composed of professional quality hardware and software elements, active 24 hours a day, with logic strictly related to the aforementioned security purposes and in any case in such a way as to guarantee the confidentiality of the data itself.

Data retention period
The personal data recorded will be kept for a maximum period of 48 hours, after which the data will be automatically deleted from the system, except for any further periods linked to holidays or closures (e.g. from Friday evening to Monday evening the recorded data will be kept for a maximum period of 72 hours) or due to specific investigative requests from the Judicial Authority.
Furthermore, it is specified that: – the recorded data will not be associated and/or interconnected with other IT systems;
– the system is composed of n.
23 video cameras – 13 located on the external perimeter and 9 located inside the company premises, duly indicated by specific signs (simplified information); – the system records images in real time which can only be viewed by specifically appointed internal staff;
furthermore, the images can be viewed by the external security officer; – anyone is prohibited from accessing the recordings remotely, except in the cases provided for by law regarding criminal offences;
only in the event of a request from the public security authorities are those in charge allowed to hand over the IT media containing the recordings; – the media with which personal data are recorded and stored (video images taken by cameras) are located in protected premises and not accessible except by personnel duly authorized for access and responsible for processing the data themselves (sole director of the Company, responsible of the workers in video surveillance and, for purposes related to the delegated activities, the system technician and company in charge of the surveillance service);
– the personnel in charge – both external and internal – are authorized only to view in real time the images taken by the cameras only and exclusively for the performance of their work duties related to the safety purposes mentioned above and/or management/maintenance purposes plant technology.
– the personnel in charge are required to maintain confidentiality regarding the personal data processed.

Communication
The data collected and recorded will not be communicated or disseminated, except in the case in which they are the subject of a specific request by the Public Security Authority and/or the Judicial Police bodies.
Rights of interested parties Those interested in the processing - employees, external consultants, collaborators, visitors to the company premises and anyone who in various capacities accesses the aforementioned company premises where the cameras have been installed - can exercise the rights provided for in articles 15 et seq. of EU Regulation 679/2016 compatibly with the nature and type of data processed. In particular, those interested in the processing can:

– exercise the right of access to personal data, or obtain confirmation of the existence or otherwise of personal data concerning them, even if not yet registered, and their communication in an intelligible form;
– obtain the indication:

a) the origin of the personal data;
b) the purposes and methods of processing;
c) of the logic applied in case of processing carried out with the aid of electronic instruments;
d) the identification details of the Data Controller;
e) of the subjects or categories of subjects to whom the personal data may be communicated or who may become aware of them in their capacity as designated representatives in the territory of the State, managers or agents.
– obtain the cancellation, transformation into anonymous form and/or blocking of data processed in violation of the law, including those whose retention is not necessary in relation to the purposes for which the data were collected or subsequently processed;
– object, in whole or in part, for legitimate reasons to the processing of personal data concerning him, even if pertinent to the purpose of the collection.

For further information regarding the rights that can be exercised in the field of Video Surveillance, please refer to the provisions and/or guidelines adopted by the national and European supervisory authorities on the subject. To exercise the rights listed above, data subjects must submit a specific request by contacting the Data Controller at the following email address: privacy@pc-europe.it. Finally, interested parties who believe that the processing of personal data relating to them occurs in violation of the Regulation on privacy have the right to lodge a complaint with the Guarantor for the protection of personal data (pursuant to art. 77 of the Regulation itself) to the addresses specifically published on the institutional website of the Authority itself (www.garanteprivacy.it) with headquarters in Rome Piazza Venezia, 11 cap 00187) or to appeal to the Judicial Authority (art. 79 Regulation).

Data Controller
The Data Controller of personal data is PC Components Europe srl, in the person of the legal representative pro tempore – with headquarters in Rome, Via Orazio Raimondo n. 47.

Place of processing
Data processing operations take place at the aforementioned headquarters of the Data Controller and are carried out only by personnel authorized/in charge of the processing itself.