PRIVACY POLICY FOR RELATIONSHIPS ESTABLISHED WITH CUSTOMERS AND SUPPLIERS

Information provided in accordance with Art.13 of EU Reg.2016/679 (hereafter GDPR)

Data subjects are informed of the following general profiles, which apply to all areas of processing:

  • all data of the individuals we interface with are processed lawfully, fairly and transparently, in accordance with the general principles set forth in Art.5 of the GDPR;
  • specific security measures are observed to prevent data loss, illicit, or incorrect use and unauthorized access, in accordance with Art.32 of the GDPR.

Privacy references, contacts, and data subject rights

  • the Data Controller is the undersigned Company (Alias Srl – Via Berlinguer, 22 29020 Settima di Gossolengo PC – Tel: 0523.364040 – info@www.aliasblindate.com
  • the Data Controller has appointed a Data Protection Officer/Data Protection Officer (Dr. Gregorio Galli – Galli Data Service Srl – Strada della Viggioletta, 8 29121 Piacenza – Tel 0523.1865049 – Email  dpo@gallidataservice.com) whom you can contact to exercise all the rights provided by art.15-21 of the GDPR
  • right to request the presence of and access to personal data concerning him/her (Art.15 “Right of access”)
  • right to obtain rectification/integration of inaccurate or incomplete data (Art.16 “Right to rectification”)
  • right to obtain, if there are justified reasons, the cancellation of the data (Art.17 “Right to cancellation”)
  • right to obtain limitation of processing (Art.18 “Right to limitation”)
  • right to receive in a structured format the data concerning him/her (Art.20 “Right to portability)
  • right to object to processing and automated decision-making processes, including profiling (Art.21, 22)
  • right to revoke a consent previously given;
  • right to lodge a complaint with the Data Protection Authority in case of failure to respond.

Subject of treatment

The organization processes personal identifying data of customers/suppliers (e.g., first name, last name, company name, master/tax data, address, telephone, e-mail, bank and payment references) and their operational contacts (first name last name and contact data) acquired and used in the context of the delivery of the products/services provided.

Purpose and legal basis for processing

Data are processed for:

  • conclude contractual/professional relationships;
  • Fulfill pre-contractual, contractual and tax obligations arising from existing relationships, as well as manage the necessary communications related to them;
  • to fulfill the obligations required by law, regulation, EU legislation or an order of the Authority
  • to exercise a legitimate interest as well as a right of the Data Controller (for example: the right of defense in court, the protection of credit positions; ordinary internal operational, managerial and accounting needs).

Failure to provide the above data will make it impossible to establish the relationship with the Owner. The aforementioned purposes represent, in accordance with Art.6, paragraphs b,c,f, suitable legal bases for the lawfulness of the processing. Should it be intended to carry out processing for different purposes, an appropriate consent will be requested from the interested parties.

Method of treatment

The processing of personal data is carried out by means of the operations indicated in Art. 4 No. 2) GDPR and namely: collection, recording, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, deletion and destruction of data. Personal data are subject to both paper and electronic and/or automated processing. The Data Controller will process personal data for as long as necessary to fulfill the purposes for which it was collected and related legal obligations.

Scope of treatment

Data are processed by duly authorized and instructed internal subjects in accordance with Art.29 of the GDPR. It is also possible to request the scope of communication of personal data, obtaining precise indications on any external subjects operating as autonomous Data Processors or Data Controllers (consultants, technicians, banking institutions, transporters, etc.).