PCE PC Components Europe

FIND YOUR COMPONENTS

PRIVACY NOTICE RELATING TO THE VIDEO SURVEILLANCE SYSTEM
INSTALLED AT THE REGISTERED AND OPERATIONAL HEADQUARTERS OF PC COMPONENTS EUROPE SRL

Pursuant to Article 13 of EU Regulation 679/2016 (the "General Data Protection Regulation" or "GDPR") and in accordance with the General Provision on Video Surveillance of 8 April 2010 adopted by the Italian Data Protection Authority (Garante per la Protezione dei Dati Personali), as well as Guidelines 3/2019 on the Processing of Personal Data Through Video Devices – Version 2.0 adopted on 29 January 2020 by the European Data Protection Board (EDPB), we hereby communicate the following.

Categories of data processed and purposes of processing.
Personal data relating to video images captured by the video surveillance system will be processed, relating to the Company's employees, external consultants, collaborators, visitors to the company headquarters at Via Orazio Raimondo no. 47, and anyone who accesses the aforementioned premises where the cameras are installed. PC Components Europe srl, hereinafter the "Company," has installed a video surveillance system at its registered and operational headquarters located in Rome, Via Orazio Raimondo no. 47, in compliance with the provisions adopted by the supervisory authorities, as well as the provisions of Article 4 of Law 300/1970 (the so-called Workers' Statute). Specifically, the Company has implemented an intrusion alarm and video surveillance system, installing several detection devices—their presence is indicated by special signs in the video-monitored areas—to protect company assets and prevent vandalism, damage, theft, and assault, and to facilitate public safety investigations. Please note that the video surveillance system in question was installed with authorization issued by the Rome Metropolitan Area Inspectorate, INL.IAM-RM. OFFICIAL REGISTER U. 0029096.14.03-2024, in compliance with the provisions of Article 4 of Law 300/1970, which prohibits the use of equipment for remote monitoring of work activities.

Legal Basis
The legal basis for data processing through the video surveillance system is the legitimate interest pursued by the Company (Data Controller) pursuant to Article 6, letter f) of the GDPR in ensuring the safety of assets and individuals.

Processing Methods
The personal data—video images captured by the cameras—collected through the video surveillance system will be processed solely and exclusively for the aforementioned purposes and in accordance with the principles of necessity, lawfulness, transparency, fairness, as well as the principles of limitation of processing and retention in compliance with personal data protection legislation. Personal data will be processed using a system composed of professional-quality hardware and software, active 24 hours a day, with logic strictly related to the aforementioned security purposes and in any case in a manner that guarantees the confidentiality of the data.

Data Retention Period.
Recorded personal data will be retained for a maximum period of 48 hours, after which it will be automatically deleted from the system, except for any further periods related to holidays or closures (e.g., from Friday evening to Monday evening, recorded data will be retained for a maximum period of 72 hours) or due to specific investigative requests from the Judicial Authority. Furthermore, it is specified that:
– the recorded data will not be associated and/or interconnected with other IT systems;
– the system consists of 23 video cameras – 13 located on the external perimeter and 9 located inside the company premises, duly marked with appropriate signage (simplified information);
– the system records images in real time, which can only be viewed by specifically designated internal personnel; furthermore, the images can be viewed by external security personnel;
– remote access to the recordings is prohibited to anyone, except in cases provided for by law regarding criminal offenses; Only upon request from public safety authorities are authorised personnel permitted to hand over the computer media containing the recordings;
– The media on which personal data (video images captured by cameras) are recorded and stored are located in protected areas and are inaccessible except by duly authorised personnel and those responsible for processing the data (the Company's sole director, the person responsible for video surveillance workers, and, for purposes related to the assigned activities, the system technician and the company responsible for the security service);
– The authorised personnel – both external and internal – are authorised to view the images captured by the cameras in real time only and exclusively for the performance of their work duties related to the aforementioned security purposes and/or the purposes of managing/technical maintenance of the systems.
– The authorised personnel are required to maintain the confidentiality of the personal data processed.

Communication.
The data collected and recorded will not be communicated or disseminated, unless specifically requested by the Public Security Authority and/or the Judicial Police. Rights of Data Subjects: Data subjects—employees, external consultants, collaborators, visitors to company premises, and anyone who accesses the aforementioned company premises where cameras are installed—may exercise the rights set forth in Articles 15 et seq. of EU Regulation 679/2016, consistent with the nature and type of data processed.
Specifically, data subjects may:

– exercise the right to access personal data, or obtain confirmation of the existence or otherwise of personal data concerning them, even if not yet recorded, and communication of such data in an intelligible form;
– obtain information on:

a) the source of the personal data;
b) the purposes and methods of processing;
c) the logic applied in the event of processing carried out with the aid of electronic means;
d) the identification details of the Data Controller;
e) the persons or categories of persons to whom the personal data may be communicated or who may become aware of it in their capacity as designated representatives in the territory of the State, data processors, or persons in charge.
– obtain the erasure, anonymization, and/or blocking of data processed unlawfully, including data whose retention is unnecessary for the purposes for which it was collected or subsequently processed;
– object, in whole or in part, for legitimate reasons, to the processing of personal data concerning them, even if pertinent to the purpose of collection.

For further information regarding the rights exercisable in relation to video surveillance, please refer to the provisions and/or guidelines adopted by national and European supervisory authorities. To exercise the rights listed above, data subjects must submit a specific request by contacting the Data Controller at the following email address: privacy@pc-europe.it. Finally, data subjects who believe that the processing of their personal data violates the Privacy Regulation have the right to lodge a complaint with the Italian Data Protection Authority (pursuant to Article 77 of the Regulation) at the addresses published on the Authority's institutional website (www.garanteprivacy.it), located in Rome, Piazza Venezia, 11, postcode 00187, or to appeal to the Judicial Authority (Article 79 of the Regulation).

Data Controller
The Data Controller is PC Components Europe srl, represented by its legal representative pro tempore – with registered office in Rome, Via Orazio Raimondo n. 47.

Place of processing
Data processing operations take place at the aforementioned headquarters of the Data Controller and are carried out only by personnel authorised/appointed to carry out the processing.