INFO: +39 +39 02 25063503
EMAIL: INFO@ITALBALTICGROUP.COM

PRIVACY NOTICE TO CLIENTS/SUPPLIERS

This notice is provided to clients/suppliers who are natural persons and natural persons operating in the name and on behalf of clients/suppliers that are juridical persons from the company ITALBALTIC SRL  pursuant to Article 13 of Legislative Decree no. 196 of 30 June 2003 no. 196 – “Italian Data Protection Code” and Article 13 GDPR 679/2016 – “The General Data Protection Regulation.”

Identity of the Data Controller

The Data Controller of the data of clients/suppliers who are natural persons or natural persons operating in the name and on behalf of clients/suppliers that are juridical persons is the legal representative of the company. Head office address:  Via Archimede no. 35 – 20864 Agrate Brianza ( MB ) Italy

Source of data

The personal data processed are those provided by the data subject in the following circumstances:

  • During visits or phone calls
  • To acquire data and pre-contractual information
  • To manage and control risk, prevent potential fraud, insolvency or non-compliance;
  • To perform the operations needed to fulfil orders and other requests;
  • To prevent and manage possible disputes, start legal proceedings if necessary;
  • To manage accounting and tax-related obligations;
  • To open and manage transactions and claims for compensation in the event of damage suffered by clients/suppliers
  • To manage administrative, accounting, civil law and tax obligations
  • To prepare and submit returns and documents of a civil law and fiscal nature, as provided for by laws, regulations, and Community measures and directives.
  • To complete the “contract request” form”
  • To request information, even via email
  • During the course of previous transactions

Purpose of processing

The personal data of clients/suppliers who are natural persons and natural persons operating in the name and on behalf of clients/suppliers that are juridical persons, if provided, are processed by the Data Controller and the tax advisor to:

  • forward communications of various kinds via different means of communication (telephone, cell phone, text message, e-mail, fax, paper mail)
  • prepare requests or respond to incoming requests
  • exchange information required to perform contracts, including pre and post-contractual activities
  • perform the operations needed to fulfil orders and other requests
  • start and manage settlements and compensation requests in the case of personal damage

Finally, the personal data of clients/suppliers who are natural persons and natural persons operating in the name and on behalf of clients/suppliers that are juridical persons will be included in the archives of the Data Controller and used (see Article 130, paragraph 4 of Legislative Decree no.  196/2003 and the General Measure of the Italian Data Protection Authority of 1 July 2008 no. 188 / C, Formulation 6, points a, b, c) for sending communications concerning products, services , news and promotions.

Data recipients

The personal data processed by the Data Controller will not be disseminated, and will not be disclosed to undetermined subjects, in any possible form, including that of their availability or simple consultation. Instead, they may be communicated to workers who work for the Data Controller and to some external subjects who collaborate with them. They may also be communicated, to the extent strictly necessary, to persons who for purposes of processing orders or other requests or services related to the transaction or contractual relationship with the Data Controller, must provide goods and / or perform services on behalf of the Data Controller. Finally, the data may be communicated to the persons entitled to access them by virtue of the law, regulations, and Community rules. In particular, based on the roles and tasks performed, some workers have been entitled to process personal data, within the limits of their competences and in accordance with the instructions given to them by the Data Controller.

Data transfer

The Data Controller does not transfer personal data to third countries or to international organizations. However, it reserves the right to use cloud services; in which case, the service providers will be selected among those who provide adequate guarantees, as required by Article 46 of GDPR 679/16.

Data retention

The Data Controller retains and processes personal data for the time necessary to fulfill the purposes indicated. Subsequently, personal data will be stored, and not further processed, for the time established by the current provisions on civil and fiscal matters.

Rights of the data subject

With reference to Article 7 of Legislative Decree no. 196/2003 and Articles 15 (right of access), 16 (right of rectification), 17 (right to cancellation), 18 (right to limitation of processing), 20 (right to portability), 21 (right of opposition) and 22 (right to oppose the automated decision-making process) of GDPR 679/16, the data subject exercises his/her rights by writing to the Data Controller at the address indicated above, or via email, specifying the subject of his/her request, the right he/she intends to exercise and attaching a photocopy of an identification document that attests to the legitimacy of the request.

Withdrawal of consent

With reference to Article 23 of Legislative Decree no. 196/2003 and Article 6 of GDPR 679/16, the data subject can withdraw consent given at any time. However, the processing referred to in this notice is lawful and permissible, even without consent, as it is necessary for the performance of a contract of which the data subject is part (the service supply relationship) or for the fulfillment of the data subject’s requests.

Complaints

The data subject has the right to lodge a complaint with the supervisory authority of the state of his/her residence.

Refusal to provide data

Clients/suppliers who are natural persons cannot refuse to give the Data Controller the personal data necessary to comply with the laws that regulate commercial transactions and taxation. The provision of further personal data may be necessary to improve the quality and efficiency of the transaction. Therefore, the refusal to provide the data required by law will prevent the fulfillment of orders; while the provision of additional data may compromise all or part of the processing of other requests and the quality and efficiency of the transaction.

Persons working in the name and on behalf of clients/suppliers who are legal entities may refuse to give the Data Controller their personal data. The provision of personal data is however necessary for a correct and efficient management of the contractual relationship. Therefore, any refusal to provide the data may compromise the contractual relationship in whole or in part.

Automated decision-making process

The Data Controller does not engage in any processing that constitutes automated decision-making using the data of clients/suppliers who are natural persons or natural persons operating in the name and on behalf of clients/suppliers that are juridical persons.

Menu
Call Now Button