Home / Politique de confidentialité - Fournisseurs
Politique de confidentialité - Fournisseurs
Traitement des données personnelles

INFORMATION ON THE PROCESSING OF PERSONAL DATA PURSUANT TO ART. 13 OF EU REGULATION 679/2016

The data Controller informs you about the processing of personal data necessary for the management of the contractual relationship. Personal data can also be referred to employees and collaborators necessary for the proper management of the relationship.

Data subjects

Suppliers and contact persons of customer companies.

Data controller

COPERNIT S.p.A. with registered office in Via Provinciale Est, 64- 46020 Pegognaga (MN) VAT number 02095570202, contact e-mail: info@copernit.it.

Purpose of processing

Your data will be processed for the following purposes according to the relevant legal bases:

  1. Purpose: Management of the activities provided for in the supply contract.
    Legal basis:
    The processing is necessary for the execution of a contract to which the data subject is a party. Art. 6 par. 1(b)
  2. Purpose: Obligations arising from the application of accounting and tax regulations.
    Legal basis: The processing is necessary to fulfil a legal obligation to which the data controller is subject. Art. 6 par. 1(c)
  3. Purpose: Obligations arising from the application of the Health and Safety at Work Regulations Legislative Decree. 81/08, in case the supplier carries out outsourced activities at our premises.
    Legal basis: The processing is necessary to fulfil a legal obligation to which the data controller is subject. Art. 6 par. 1(c)
  4. Purpose: Litigation management.
    Legal basis: The processing is necessary for the pursuit of the legitimate interest of the data controller or third parties. Art. 6 par. 1(f)

In no way will an automated decision-making process (profiling) be applied to your personal data.

Categories of personal data processed

For the above-mentioned purposes, it is necessary to process:

  • common identification and contact data;
  • data relating to the performance of the economic activities of the data subject.

Processing methods

The personal data collected will be processed mainly with:

  • company computer systems and paper archives, in compliance with the security measures provided for in Article 32 of the GDPR;
  • your personal data will be processed by subjects designated as data processors pursuant to Art. 29 of GDPR.

Personal data communication

Personal data may be disclosed to:

  • Banks and Credit Institutions;
  • companies providing standard digital preservation services;
  • public and/or private authorities whose disclosure is necessary in order to comply with legislative obligations;
  • consultants and freelancers, also in an associated form;
  • shippers, carriers, logistic companies, Post Offices, etc.....

The Subjects mentioned above were expressly designated as Data Processors pursuant to Art. 28 of the GDPR or process the data as independent data controllers.

Disclosure of personal data

Your data will not be disclosed.

Transfer of data to Non-EU Countries

Personal data are processed within the European Union and stored on servers located there. In any case, the Data Controller assures from now that any possible data transfer to non-EU countries will take place in accordance with Article 44 et seq. of the GDPR.

Data retention period

The retention of your personal data is established according to the following logic:

  • Purpose: Retention of tax records
    Retention Period: Your data will be kept for 10 years, the retention time of tax records. Article 2220 of the Civil Code.

Rights of the data subject

Pursuant to Articles 15-22 of the GDPR, the data subject may request the data Controller to exercise the right of access, rectification, erasure (oblivion), restriction of processing, portability, objection to processing and withdrawal of consent.

Further information on the rights of the data subject can be found at www.garanteprivacy.it.

Pursuant to Article 77 of the GDPR, the data subject can submit a report or complaint by contacting the Italian Data Protection Authority with its registered office in Piazza Venezia, 11 - 00186 Rome email address: urp@gpdp.it.