Information for Suppliers about personal data processing ex art. 13 Regulation EU 2016/679
We inform you that, according to art. 13 of Regulation EU 2016/679 (hereinafter “Regulation” or “GDPR”), Your Personal Data are processed by Mollificio Fede S.r.l., Via dell’Artigianato nr. 6, Taceno (LC) (Tel +39 0341 880347 Fax +39 0341 880240, e-mail firstname.lastname@example.org) as Data Controller (“Controller”).
Data object of the processing
The Controller will process your personal data, collected as part of the contractual relationships with you, including, but not limited to, your name, last name, mobile phone-number, e-mail address and in general the Your contact details as a contact person in the commercial relations maintained.
Lawfulness, basis and optionality of processing
Your personal data will be processed for the following purposes:
a) execution of the contract and/or pre-contractual measures;
b) fulfill any legal obligations;
c) management of suppliers;
d) pre-contractual information and preliminary investigation regarding the stipulation of the contract.
The legal basis of processing for purposes a) and b) are respectively articles 6 (1) (b) and 6 (1) (c) of the GDPR. The legal basis of the processing for the purposes c) and d) is the art. 6 (1) (f) of the GDPR. The provision of your personal data for the purposes a), b), c) and d) above is optional, but in default it will not be possible to execute the contract.
Recipients and data transfer
Your personal data may be shared with:
- natural persons authorized by the Controller to process personal data for the performance of their job duties (eg employees and system administrators, etc.);
- subjects, bodies or authorities that are obliged to communicate their personal data in accordance with law or orders of the authorities.
Extra EU data transfer
Regarding the possible transfer of Data to Third Countries, the Controller discloses that the processing will take place according to one of the methods permitted by the law in force, such as the consent of the subject, the adoption of Standard Clauses approved by the European Commission, the selection of subjects adhering to international programs for free circulation of data (eg EU-USA Privacy Shield) or operating in safe Countries by the European Commission. It’s possible to have more information to the above contacts, upon request, from the Controller.
Personal data storage
Your Personal Data will be kept only for the time necessary for the purposes for which they are collected, respecting the minimization principle as art. 5, paragraph 1, letter c) of the GDPR. The Controller may keep some data even after the termination of the contractual relationship, for the time necessary to fulfill contractual and legal obligations. Further information are available at the Controller addresses.
Data processing methods
In relation to the mentioned purposes, the personal data processing takes place using manual, computerized and telematic tools with logic strictly related to the purposes themselves and, in any case, in such a way as to guarantee the security and confidentiality of the data and even the compliance with specific obligations sanctioned by the law.
In any case, with the stipulation of the Contract it is required to give consent to the mentioned processing and it is required that the same information is eventually provided to all the parties to whom we will provide the data for the purposes mentioned above.
Your privacy rights
You have the right to ask the Controller, at any time, access to their personal data, correct or cancel them or oppose their processing, he is entitled to request the limitation of processing in cases provided for by art. 15-18 of the GDPR, to revoke the consent given pursuant to art. 7 of the GDPR at any time; to obtain, in a structured format, in common use and readable by automatic device, the data concerning it, in the cases provided for by art. 20 of the GDPR; and to propose a complaint to the competent control authority pursuant to article 77 of the GDPR (Personal Data Protection Authority) pursuant to art. 77 of the GDPR, if it considers that the processing of your data is contrary to the law in force.
You can make a request to object to the processing of data under Article 21 of GDPR which give evidence of the reasons justifying the opposition: The Controller reserves the right to assess your application, which would not be accepted in case of existence of legitimate reasons cogent to proceed with the processing that prevail over your interests, rights and liberties.
Requests must be sent in writing to the Controller at the addresses above indicated.