INFORMATION FOR CUSTOMERS, SUPPLIERS AND CONTACTS
Information for customers and suppliers, including potential ones and other contacts for business communications
Articles. 13-14 of the EU Regulation 2016/679
The information is a general obligation that must be fulfilled before or at the latest when starting the direct collection of personal data. In the case of personal data not collected directly from the interested party, the information must be provided within a reasonable time, or at the time of communication (not of registration) of the data (to third parties or to the interested party).
Sources and categories of personal data
Pursuant to the General Regulation for the Protection of Personal Data of Individuals (GDPR - Reg. (EU) 2016/679), the undersigned organization, data controller, informs of the following: The personal data held by the undersigned organization are collected directly from the interested parties and directly and freely provided by them and from third parties (eg on the internet, from public registers, etc.). This information concerns personal data, contact details, addresses, telephone numbers, postal and email addresses. The interested parties are to be understood as identified and identifiable third parties having cause with the writer or with a contractual counterpart, even potential, such as eg. customers, suppliers, partners, public administrations, associations, etc. with which there are relationships of interest and / or working with the writer.
Purpose and legal basis of the processing
Personal data are processed for communication between the undersigned organization, including its staff, and the interested party within the normal activity carried out for the following purposes (for each of which the legal basis is indicated in brackets by reference to the articles of the GDPR): a) purposes strictly connected to the performance and implementation of the requested services (GDPR articles 6 (b) and 9 (a)), in particular for the management of customers and suppliers, including potential ones, carried out by entering in company databases for the purpose of evasion of regulatory and contractual obligations, internal work organization, statistics and others connected to the performance of the economic activity of the undersigned organization, for example. the obligations connected with civil, fiscal, fiscal, accounting, remuneration, social security, insurance, etc., including the sending of circulars and notices related to the activity of the contract for the provision of the requested services; b) purposes related to obligations established by law, as well as by provisions issued by authorities legitimated by the law (GDPR articles 6 (c) and 9 (b, g, h)).
Consequences of refusal to provide data
The provision of the data collected from the interested party is optional but essential for the purpose of processing them for the purposes in letters a) and b). In the event that the interested parties do not communicate their essential data, it will not be possible to exchange communications between the staff of the writer and the interested party. For all non-essential data, the provision is optional. In the absence of consent or incomplete or incorrect provision of certain data, including sensitive data, the required formalities could be so incomplete as to cause prejudice either in terms of sanctions or loss of benefits, or due to the impossibility of guaranteeing the adequacy of the treatment the same to the obligations for which it is performed, and to the possible mismatch of the results of the treatment itself with the obligations imposed by the law to which it is addressed, intending to exempt the undersigned organization from any and all responsibility for any penalties or afflictive measures.
Methods of data processing
Data processing means their collection, registration, organization, storage, processing, modification, cancellation and destruction or the combination of two or more of these operations. In relation to the aforementioned purposes, the processing of personal data takes place on paper and by means of manual, IT and telematic tools, including automated ones, designed to store and manage the data, with logic strictly related to the purposes themselves and, in any case, in order to guarantee the security and confidentiality; personal data will therefore be processed in compliance with the methods indicated in art. 5 EU Regulation 2016/679, which provides, among other things, that the data be processed lawfully and fairly, collected and recorded for specific, explicit and legitimate, exact, and if necessary updated, relevant purposes. complete and not excessive in relation to the purposes of the processing, in compliance with fundamental rights and freedoms, as well as the dignity of the interested party with particular reference to confidentiality and personal identity, through protection and security measures. The undersigned organization has prepared and will further improve the data access and storage security system. An automated decision-making process (e.g. profiling) is not carried out.
Transfer outside the EU
The processing will mainly take place in Italy and the EU, but it could also take place in non-EU and non-EEA countries if deemed functional to the efficient fulfillment of the purposes pursued in compliance with the guarantees in favor of the interested parties.
Retention period
Personal data will be kept, in general, as long as the purposes of the processing persist: they will be kept for the entire duration of the contractual relationship and, after its conclusion, until the end of the legal limitation as long as the relationship is not renewed again.
Category of recipients
The data (only the indispensable ones) are communicated • to persons in charge of the processing, both internal to the organization of the writer, and external, who carry out specific tasks and operations (internal commercial network or agents, companies in charge of market surveys, any commercial partners, third parties appointed by the company to fulfill all or part of the obligations assumed with the contract or related to them, banking institutions and credit companies in general, risk centers and / or companies that manage commercial information services, business associations and similar • in the cases and to the subjects provided for by law
Rights of the interested party
The data will not be disseminated unless otherwise provided by law. Furthermore, without the prior general consent of the interested party to communications to third parties, it will be possible to carry out only the services that do not provide for such communications. In case of need, specific and timely consents will be requested and the subjects who will receive the data will use them as independent owners. At any time you can: exercise your rights (access, rectification, cancellation, limitation, portability, opposition, absence of automated decision-making processes) when provided for in relation to the data controller, pursuant to art. from 15 to 22 of the GDPR (listed below); propose a complaint to the Guarantor (www.garanteprivacy.it); if the treatment is based on consent, revoke this consent given, taking into account that the revocation of the consent does not affect the lawfulness of the treatment based on the consent before the revocation. The data controller is FIAMMA IMPIANTI, in the person of its pro tempore legal representative.
Contact
The headquarters are in Via Vajont, 64 - 10098 Cascine Vica - Rivoli (TO). The contact details are: telephone 011-4111697; fax 011-4115838; e-mail info@fiammaimpianti.com
The complete list of data processors is available on request.
Attached you can consult the Extract from EU Reg. N. 679_2016 concerning the information for customers and suppliers, including potential ones and other contacts for business communications.