Notice to Clients and Suppliers

Notice to Clients and Suppliers

Pursuant to EU Regulation 2016/679 on protecting individuals concerning processing personal data.
Data processing relating to legal entities does not fall within the scope of the personal data protection regulations established by the Regulations. However, for the sake of clarity and transparency towards its Customers and Suppliers, Emmeti S.p.A. Single Member Company makes this information available to legal entities as well, describing the methods and purposes of all the processing that the Company carries out or has the right to carry out on personal data.

Premise

According to art. 13 of EU 2016/679 Regulation, Emmeti S.p.A. Single Member Company (hereinafter "the Company"), with registered office in Via Brigata Osoppo, 166 - 33074 Vigonovo di Fontanafredda, which can be contacted to exercise your rights permitted by current legislation at the office address or by email - [email protected], the Controller of the personal data processing that has already been communicated or that will be communicated in the future and where the personal data is or will be collected, wishes to inform you that the data concerning you may be processed, in compliance with the aforementioned legislation, by the Company concerning the contractual relationships with you presently or in the future.

1) Source of personal data

Personal data provided, or that will be obtained with contractual relationships, is collected directly from the interested party. All personal data collected is processed in compliance with current legislation and, in any case, with the utmost confidentiality.

2) Nature of the collection

To stipulate and execute the contractual relationship, collecting personal data is also mandatory when having to comply with legal and tax obligations; the refusal to provide such personal data will make it impossible to establish a relationship with the Company. The relative processing does not require the consent of the interested party.

3) Purpose and legal basis for the processing

The collection or processing of personal data has the exclusive purpose of providing adequate compliance with the obligations related to carrying out the Company's economic activity and, in particular, for:

a) executing pre-contractual activities and obtaining preliminary information to sign the contract;

b) managing the contractual relationship and all the administrative, operational, management, and accounting activities related to the contract (order management, invoicing, checks on the reliability of suppliers, assistance, and after-sales support);

c) managing litigations, breaches of contract, warnings, transactions, arbitrations, and judicial disputes;

d) fulfilling the obligations established by laws, regulations, community regulations, and provisions issued by authorities.

The processing is carried out by fulfilling the contractual/pre-contractual and legal obligations relating to the relationship established with the Company.

4) Nature of the conferment and consequences of any refusal

Providing personal data to the Company is mandatory, yet only for personal data for which there is a legal or contractual obligation or for the personal data necessary to obtain pre-contractual information as requested by the interested party. If any refusal to provide such "mandatory" personal data, the contract may not be fully exercised. Any refusal to provide personal data for which there is no obligation to provide but strictly functional to the execution of contractual relationships will not, in principle, have any consequences in relation to an ongoing relationship, except for the possible inability to follow up on transactions related to such personal data or the impossibility of establishing new relationships. Any refusal to provide personal data related to other activities, not strictly functional to the execution of the contractual relationships can only prevent the conduct of such additional activities without further consequences.

5) Processing methods

The processing of personal data will be carried out lawfully and correctly and, in any case, in compliance with the law above, utilizing instruments that guarantee security and confidentiality. It may also be carried out through IT tools to store, manage and transmit the data.

The processing will be carried out mainly, by the Company's internal organization under the direction and control of the corporate functions in charge and for the purposes indicated above, as well as by Group companies or third parties, as identified in point 7 below.

Retaining personal data will take place in a form that allows identifying the data subject for a period that doesn’t exceed the time required for its collected and processed purposes.

6) Duration of processing

The personal data, subject of the processing, will be retained for the time strictly necessary regarding the contractual relationship and, subsequently, for the fulfillment of all the legal obligations connected, or deriving from, the contract stipulated with the Company.

7) Recipients of personal data

Without prejudice to communications carried out in compliance with a legal obligation, regulations, intra-group or community legislation, communication, by simply consulting or making available personal data concerning you, may intervene with the following subjects:

a) institutions, supervisory bodies, authorities, or public institutions;

b) Companies belonging to the RETTIG Group, controlling, controlled, or associated with our Company, located in Italy or abroad;

c) natural or legal persons providing specific services: data processing, logistics, and postal services, customer satisfaction surveys, legal, administrative, tax and/or accounting consultancy, organization of exhibitions and communication events;

d) commercial intermediaries, banks and credit institutions, financial intermediation companies, natural or legal persons responsible for credit recovery, credit information companies, auditing and/or certification of financial statements and quality systems, independent collaborators of the Company, agents and reporters, insurers and brokers;

e) natural and/or legal persons who request references/data for participating in public tenders, or in the context of executing supply contracts to their customers by Emmeti S.p.A. Single Member Company.

The subjects referred to in points a), d), and e) operate as independent Data Controllers.

We wish to reassure you that, in any case, the subjects mentioned above only pass on personal data that is necessary and relevant to the purposes of the processing they are responsible, exclusively in an anonymous form.

The list of such third parties will be constantly updated and accessible to you upon request to the Company. Through links with them, via computerized, electronic, or correspondence means, personal data may be made available abroad, even with countries outside the EU, assuming there is relative authorization or based on standard contractual clauses.

Personal data will not be disclosed in any case.

8) Rights of the interested party

You have the right to access personal data under Art. 15 of the 2016/679 EU regulation and the rights provided for by articles 16, 17, 18, and 21 of EU Regulation 2016/679 regarding rectification, deletion, limitation of processing, and the right to object in the manner established by art. 12 of the 2016/679 EU Regulation.

9) Right to lodge a complaint, pursuant to Art. 77 of the EU Regulations, to the Guarantor Authority

Should our Company not provide you with a response within the time provided for by law or the reply to exercise your rights not be appropriate, you can lodge a complaint with the Guarantor for the protection of personal data at the following address:

Guarantor for the protection of personal data
Piazza Venezia 11 - 00187 Rome - Italy
www.gpdp.it- www.garanteprivacy.it
Telephone: (+39) 06.696771