PRIVACY POLICY SUPPLIERS

Privacy Policy Suppliers

PRIVACY POLICY PURSUANT TO ARTICLE 13 of the GENERAL DATA PROTECTION REGULATION (EU) 2016/679 (GDPR) European regulation on personal data protection)

Dear Supplier, this information is provided to individual customers (natural persons) and to natural persons operating in the name of and on behalf of corporate customers (legal persons), pursuant to art.13 General Data Protection Regulation (EU) 2016/679 (GDPR) (European regulation on personal data protection).

 

1) THE DATA CONTROLLER’S IDENTITY AND CONTACT DETAILS

The data controller is Sipol S.p.A. – Via Leonardo Da Vinci, 5 – 27036 Mortara (PV) – VAT NO. 01842120188| C.F. 01669490037 – Tel. +39 0384 295237 - privacy@sipol.com.

 

2) THE PURPOSES OF AND LEGAL BASIS FOR THE DATA PROCESSING

The processing of your data is necessary

  • to meet obligations arising from a contract to which you are party, or to comply, before and after the execution of the contract, with your specific requests;
  • to comply with legal obligations of an administrative, accounting, civil or fiscal nature, regulations, EU and non-EU legislation;
  • for supplier management purposes (administration, management of suppliers, contracts, orders, arrivals, invoices, selections based on company need, quality management);
  • for litigation management (breaches of contract; formal notices, transactions, debt collection, arbitration, legal disputes);
  • for sending communications.

The legal basis for the data processing is art. 6, para. 1, points b), c) and f) of Regulation (EU) 2016/679 (GDPR).

 

3) METHODS OF PROCESSING

Your data will be processed using paper and electronic methods. Please be assured that we have implemented all measures deemed necessary and/or appropriate in order to maintain the integrity of the data, and to prevent their loss, even accidental, as well as unauthorised access to and use of the same.

 

4) RECIPIENTS OF PERSONAL DATA

Your personal data will not be disseminated, only communicated to specific subjects. On the basis of their roles and qualifications, internal and external staff members are entitled to process the data within the limits of their competences and in accordance with the instructions given them by the data controller. The same data may also be communicated to parties entitled to access them pursuant to legal provisions, rules and regulations, to mail delivery companies, banks and credit institutions, law firms, insurance companies, IT support companies, professional studios/companies providing accounting, fiscal and tax services, freelance/casual collaborators, agents, bodies/companies appointed by and/or in a collaboration relationship with the undersigned, judicial authorities.

 

5) DATA TRANSFER

Your personal data will be managed and stored on servers located within the European Union and will not be transferred outside the European Union. It is nevertheless understood that the data controller retains the right, if necessary, to choose to use servers located in other locations in Italy and/or the European Union and/or non-EU countries, and/or to use cloud services. In such cases, the data controller guarantees, as of now, that any data transfer outside the EU will take place in compliance with the applicable legal provisions, if necessary through the stipulation of agreements designed to  guarantee an adequate level of protection and/or through adoption of the standard contractual clauses envisaged by the European Commission.

 

6) DATA STORAGE

The data controller keeps and processes personal data for the time strictly necessary to fulfil the purposes indicated, or for the period imposed by applicable civil and tax laws.

 

7) THE RIGHTS OF THE DATA SUBJECT

Pursuant to articles 15 et seq. of Regulation (EU) 2016/679 (GDPR), data subjects may exercise their rights by writing to the data controller at the address given above or by sending an e-mail to privacy@sipol.com. Data subjects also have the right to lodge complaints with the supervisory authority in the member state of their habitual residence.

 

8) PROVISION OF DATA

Where provision of the data requested is necessary in order to comply with legal requirements, rules and regulations, and thus determines our ability to meet, correctly and effectively, our contractual obligations, your possible refusal to provide the said data will make it impossible for us to establish and maintain a business relationship with you.

 

9) AUTOMATED DECISION-MAKING PROCESSES

The data controller does not process data using methods involving automated decision-making processes.