+39 0372 421811

Privacy Policy MyWhistleblowing

Pivacy policy on the processing of personal data of persons submitting reports via My Whistleblowing

---

1. DATA CONTROLLER

The data controller is Wonder Spa, with registered office in via N. Sauro 12, 26100 Cremona, VAT/Tax Code 00106500192.

2. DATA PROCESSED, PURPOSE AND LEGAL BASIS OF PROCESSING

Processing concerns only the following personal data:
- name;
- surname;
- email address.

The personal data collected are used for the sole purpose of handling the Whistleblowing report.

The legal basis for the processing of personal data is the legal obligation arising from art. 6 of Legislative Decree no. 231 of 2001, as amended by Law no. 179 of 2017, containing "Provisions for the protection of whistleblowers reporting offences or irregularities of which they become aware in a public or private employment relationship".

3. NATURE OF DATA PROVISION

This policy is provided pursuant to art. 13 of Legislative Decree 196/2003 of the Code regarding the protection of personal data (hereinafter, also, the "Privacy Code") and pursuant to art. 13 of Regulation (EU) no. 679/2016 (hereinafter, also, the "GDPR").

4. PLACES AND METHODS OF PROCESSING – PERIOD OF DATA STORAGE

Data are processed in Italy and are not transferred or disseminated abroad or in non-EU countries. No data are communicated or disclosed other than for statistical purposes and in any case anonymously and/or in aggregate form.

Personal data will be deleted within 5 years from their collection.
Personal data are processed using both automated and manual tools and for the purposes indicated above. Specific security measures are implemented to prevent data loss, illegal or incorrect use and unauthorised access.

5. AUTHORISED PERSONS, DATA PROCESSORS AND COMMUNICATION OF DATA

Employees tasked with investigating Whistleblowing reports and members of the Supervisory Body can access personal data pursuant to Legislative Decree no. 231/2001. Moreover, since Whistleblowing reports are submitted via the My Whistleblowing software, personal data may also be accessed by the provider of the aforementioned application, appointed for this purpose as data controller pursuant to art. 28 of the GDPR. In line with the principle of protecting the whistleblower’s confidentiality under Law 179/2017, personal data will be shared solely where strictly necessary, thereby ensuring the whistleblower’s confidentiality.

6. DATA TRANSFER TO NON-EU COUNTRIES

The data collected will not be transferred outside the European Union.

7. RIGHTS OF DATA SUBJECTS

In relation to their personal data, data subjects may:

a. (art. 7.3, Regulation (EU) 679/2016 – GDPR) withdraw their consent;
b. (art. 15, Regulation (EU) 679/2016 – GDPR) access and request a copy of their data;
c. (art. 16, Regulation (EU) 679/2016 – GDPR) request data rectification;
d. (art. 17, Regulation (EU) 679/2016 – GDPR) request data erasure ("right to be forgotten");
e. (art. 18, Regulation (EU) 679/2016 – GDPR) obtain restriction of processing;
f. (art. 20, Regulation (EU) 679/2016 – GDPR) receive data in a structured, commonly used and machine-readable format for the purpose of exercising their right to portability;
g. (art. 21, Regulation (EU) 679/2016 – GDPR) object to data processing.

Data subjects may exercise their rights and request further information regarding their personal data by sending an email to This email address is being protected from spambots. You need JavaScript enabled to view it., specifying the content of their request in the subject line and attaching the relevant request form which may be downloaded from the links available in the list above. Any breaches of the regulation must be reported on the appropriate platform that can be accessed from the page https://www.wonder.auto/en/contacts.

Requests regarding the exercise of data subjects’ rights will be processed without undue delay and, in any case, within one month from their receipt; such deadline may be extended by a further 2 (two) months only in particularly complex cases or due to the high number of requests.

Lastly, data subjects have the right (art. 77, Regulation (EU) 679/2016 – GDPR) to lodge a complaint with the Italian Data Protection Authority, based in Rome, Piazza Venezia 11, 00187, email This email address is being protected from spambots. You need JavaScript enabled to view it..

***

Last updated: December 20, 2023

Wonder S.p.a.

Wonder S.p.a. is a certified company

UNI EN ISO 9001:2015
IATF 16949:2016
UNI EN ISO 14001:2015
UNI EN ISO 45001:2023


      

Contacts

Wonder S.p.a.
Head Office and Plant
Via Boschetto, 10
26100 Cremona
Italy

Tel. +39 0372 421811

Save
Cookies user preferences
We use cookies to ensure you to get the best experience on our website. If you decline the use of cookies, this website may not function as expected.
Accept all
Decline all
Technical Cookies
Technical cookies (for functionality).
Accept
Decline
Analytics
Tools used to analyze the data to measure the effectiveness of a website and to understand how it works.
Google Analytics
Accept
Decline