FERLATTA SPA as Data Controller of personal data, based in Bernate Ticino (MI), Via dei Mille, 12 intends to provide adequate information to natural persons who work in the name and on behalf of suppliers, customers, partners. and other subjects pursuant to art. 13 EU Reg. 2016/679. The Processing is carried out to execute the contract of which each supplier, customer, partner or other person is a party or to carry out pre-contractual or post-contractual measures adopted at the request of the same; therefore, personal data of natural persons who operate in the name and on behalf of the subjects indicated may be processed for the following purposes: to forward communications, formulate requests or process requests received, exchange information aimed at the execution of the contractual relationship, including activities pre and post contractual. With reference to articles 12 to 22 of the EU Reg, the interested party may exercise the following rights: access, rectification, cancellation, limitation of processing, opposition to the automated decision-making process of the GDPR 679/16. The interested party exercises his rights by writing to the Data Controller at the following email address email@example.com, specifying the subject of his request, the right he intends to exercise and attaching a photocopy of an identity document certifying the legitimacy of the request.
Information for customers, partner suppliers and any other subjects involved art. 13 of the European Regulation n. 16/679 and the national legislation on the protection of personal data.
FERLATTA SPA, as Data Controller of personal data, based in Bernate Ticino (MI), Via dei Mille, 12, hereby wishes to provide adequate information to natural persons who work in the name and on behalf of suppliers, of customers, partners and all subjects involved in contractual or pre-contractual and post-contractual activities of FERLATTA SPA, pursuant to art. 13 GDPR 679/16 – “European regulation on the protection of personal data” and the national legislation on the protection of personal data.
- Data object of the treatment
The personal data processed are personal and contact data provided or received by the interested party on the occasion of:
– visits or phone calls or emails;
– direct contacts obtained following participation in events, etc .;
– requests for commercial information, proposition of offers;
– requests through our website or through the website of suppliers, customers, partners, other subjects transmissions and transactions subsequent to the order for the supply of the service or good (supplied / purchased) job requests.
- Purpose of the processing
The personal data of natural persons who operate in the name and on behalf of suppliers, customers, partners and other subjects are processed for:
forward communications with different means of communication (telephone, mobile phone, text message, email, fax, paper mail, etc.);
formulate requests or process requests received;
exchange information aimed at the execution of the contractual relationship, including pre and post contractual activities, including assistance
invoicing and all activities related to the sale or provision of services;
The interested party may refuse to give the Data Controller his personal data.
The provision of personal data is however necessary for a correct and efficient management of the contractual relationship with suppliers, customers, partners and other subjects involved in the activities of the Data Controller. Therefore, any refusal to provide the data may compromise in whole or in part the contractual relationship itself or the pre and post contractual activities.
- Legal basis
The processing is necessary for the execution of a contract of which each subject is a party or for the execution of pre-contractual or post-contractual measures adopted at the request of the supplier, customer, partner, other subjects or FERLATTA SPA. It is also necessary for the processing of requests received or for the formulation of requests.
The data of the interested parties will be processed using manual or automated tools also by inserting them into databases, lists and lists suitable for the storage, management and transmission of data, in the ways and within the limits necessary for the pursuit of the aforementioned purposes.
FERLATTA SPA has established adequate security measures in order to protect the data of natural persons who operate in the name and on behalf of suppliers, customers, partners and other subjects, such as: UTM firewall with advanced services including anti-ramsonware, back up encrypted, smart card access or biometric recognition.
The data will be processed exclusively by persons authorized for processing within FERLATTA SPA, in relation to the purpose of the processing.
- Data recipients
The personal data processed by the Data Controller will not be disclosed, that is, it will not be disclosed to indeterminate subjects, in any possible form, including that of making them available or simple consultation. Instead, they may be communicated to the Owner’s workers and to some external subjects who collaborate with the Owner, always in compliance with specific purposes (eg filling out pay slips). In particular, these are employees / collaborators who, on the basis of the roles and work tasks performed, have been entitled to process personal data, within the limits of their competences and in accordance with the instructions given to them by the Data Controller. They may also be communicated, within the strictly necessary limits, to subjects who, for specific purposes (eg: issuing our orders; requests for information and quotes; formulating offers) must use them.
The data could be accessed (for assistance purposes on SW applications, on IT networks and for connectivity) our appointed technicians or external consultants or agents of companies that provide these services. Finally, they may be communicated to the subjects entitled to access it by virtue of the provisions of the law, regulations, community regulations.
- Data transfer
The Data Controller does not transfer personal data to third countries or to international organizations.
- Data retention
The Data Controller keeps and processes personal data for the time necessary to fulfill the purposes indicated. Subsequently, the personal data will be stored, and not further processed, for 10 years in accordance with the law.
- Rights of interested part
With reference to articles 15 – right of access, 16 – right of rectification, 17 – right to cancellation, 18 – right to limitation of processing, 20 – right to portability, 21 – right to object, 22 – right to object to the automated decision-making process of the GDPR 679 / 16, the interested party exercises his rights by writing to the Data Controller at the following email address firstname.lastname@example.org specifying the subject of the request, the right that the interested party intends to exercise and attaching a photocopy of an identity document that certify the legitimacy of the request.
Proposition of complaint
The interested party has the right to lodge a complaint with the supervisory authority of the State of residence. For more information on the right to lodge a complaint, you can visit the following web page: https://goo.gl/GLbTN9