Informativa Privacy riferita al trattamento di dati personali di clienti/fornitori e loro referenti Reg.UE 2016/679 – G.D.P.R. General Data Protection Regulation Art.12, 13, 14.

General information

All interested parties in the processing (customers, suppliers, stakeholders in general) and their contact persons (hereinafter “interested parties”, ex. Art.4, c.1 of the GDPR)) are informed that the professional relationships established with the undersigned Data Controller may involve the processing of personal data, in compliance with the following general principles:

  • Tutti i dati sono trattati in modo lecito, corretto e trasparente nei confronti dell’interessato, nel rispetto dei principi generali previsti dall’Art.5 del GDPR;
  • Specifiche misure di sicurezza sono osservate per prevenire la perdita dei dati, usi illeciti, o non corretti ed accessi non autorizzati;
  • Il Titolare del Trattamento è la scrivente Società (Proind srl.us Via Fornace Cavallino, 13/15-20073 Opera MI )
  • Al Titolare è possibile rivolgersi per esercitare tutti i diritti previsti dagli art.15-21 del GDPR (diritto di accesso, di rettifica, di cancellazione, di limitazione, di portabilità, di opposizione), nonché revocare un consenso precedentemente accordato o proporre un reclamo all’Autorità di controllo per la protezione dei dati personali.

Object of the treatment

The Data Controller processes personal identification data of the customer/supplier (for example, name, surname, company name, personal/fiscal data, address, telephone, e-mail, bank and payment details) and of its operational contacts (name, surname and data contact details) acquired and used in the provision of services provided by the Owner.

Purpose and legal basis of the processing

The data is processed for: conclude contractual/professional relationships;

  • Adempiere agli obblighi precontrattuali, contrattuali e fiscali derivanti dai rapporti in essere, nonché gestire le necessarie comunicazioni ad essi connessi;
  • Adempiere agli obblighi previsti dalla legge, da un regolamento, dalla normativa comunitaria o da un ordine dell’Autorità
  • Esercitare un legittimo interesse nonché un diritto del Titolare (ad esempio: il diritto di difesa in sede giudiziaria, la tutela delle posizioni creditorie; le ordinarie esigenze interne di tipo operativo, gestionale e contabile).

Failure to provide the aforementioned data will make it impossible to establish the relationship with the Data Controller. The aforementioned purposes represent, pursuant to Article 6, paragraphs b,c,f, suitable legal bases for the lawfulness of the processing. If it is intended to carry out processing for different purposes, specific consent will be requested from the interested parties.

Treatment methods

The processing of personal data is carried out by means of the operations indicated in the Art. 4 no. 2) GDPR and precisely: collection, recording, organisation, conservation, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, cancellation and destruction of data. Personal data is subjected to both paper and electronic and/or automated processing. The Data Controller will process personal data for the time necessary to fulfill the purposes for which they were collected and related legal obligations.

Scope of treatment

The data is processed by internal subjects duly authorized and trained pursuant to Article 29 of the GDPR. It is also possible to request the scope of communication of personal data, obtaining precise information on any external parties who operate as independent data controllers or data controllers (consultants, technicians, banking institutions, transporters, etc.). We also inform you that personal data may be the subject of intercompany communication between Group companies. The data is not subject to dissemination or transfer to non-EU countries. If it becomes necessary, in the context of tenders/tenders or in the fulfillment of regulatory obligations (e.g. joint and several liability, anti-corruption, anti-mafia, anti-money laundering, etc.), to acquire personal data of their employees from customers/suppliers, it is agreed between the parties that the undersigned company will be entitled to the processing as an external manager (Art.28 GDPR) or as an authorized person (Art.29 GDPR). As part of this relationship, the undersigned company undertakes to process such data in compliance with the conformity requirements established by the GDPR, guaranteeing any communication to further subjects exclusively within the scope of specific legal obligations.