Privacy policy for customers and suppliers

INFORMATION PURSUANT TO ART.13 GDPR 679/2016 (European Regulation on the protection of personal data) This information is provided pursuant to art. 13 GDPR 679/2016 (European regulation on the protection of personal data): - to customers / suppliers, natural persons and to natural persons working in the name and on behalf of clients / suppliers, legal entities; - to individuals and natural persons working in the name and on behalf of companies, legal entities that come into contact with Biepi S.r.l. for information request or for marketing purposes.

  1. IDENTITY AND CONTENT OF THE HOLDER:

The Data Controller is the company BIEPI S.R.L., with registered office at Via Monte Arera 14 - 24040 Castel Rozzone (BG) in the person of its legal representative pro-tempore.

  1. DATA OBJECT OF THE TREATMENT

The Data Controller will process your personal data (Article 4.1 of the Rules), collected within the scope of the contract and / or for the purpose of the conclusion thereof, including, by way of example but not limited to, name, surname, telephone number and mobile, address, e-mail address of your contact persons and in general your contact details and in any case the minimum data necessary for the management of the contractual service requested. The eventual treatment of data belonging to particular categories (article 9.1 of the Regulations), can be done only with the explicit consent of the same pursuant to art. 9.2 (a) of the Rules. The data are collected within the contractual relationship and / or through the contact form available on the company website and / or made available in paper format.

  1. PURPOSE, LEGAL BASIS AND OPTIONALITY OF TREATMENT

Your personal data will be processed for the following purposes:

  1. management preliminary requirements to the conclusion of a contract;
  2. fulfillment of the contractual obligations towards the interested party by executing every act, plurality of deeds or set of operations necessary for the fulfillment of the aforementioned obligations;
  1. execution of obligations arising from a contract of which you are a part or to fulfill, before and after the execution of the contract, to your specific requests. The legal basis of these treatments is the execution of a contract of which the interested party is a party or the execution of pre-contractual measures adopted at the request of the same (article 6.1 (b) of the Regulations);
  2. fulfillment of legal obligations of administrative, accounting, civil, tax, regulation, community and non-EU legislation. The legal basis of the processing is the fulfillment of a legal obligation to which the Data Controller is subject (article 6.1 (c) of the Rules);
  3. customer management (acquisition of pre-contractual data and information, customer administration, reliability and solvency control to prevent possible fraud, insolvency and / or defaults, contract administration, orders, shipments and invoices). The legal basis of the processing refers to the pursuit of the legitimate interest of the Controller in charge of administrative and economic management control (Article 6.1 (f) of the Rules);
  4. management of litigation (contractual failures, warnings, transactions, debt collection, arbitration, judicial disputes). The legal basis of the processing is referred to the pursuit of the legitimate interest of the owner in the defense of a right in administrative and judicial (article 6.1 (f) of the Regulations);
  5. management of specific requests, information; the legal basis for processing is the manifestation of explicit consent (art, 6.1 (a) of the Rules);
  6. carrying out market research, sending advertising / informative material, promotional activities; the legal basis for processing is the manifestation of explicit consent (art. 6.1 (a) of the Rules).

These data will be included in the Data Controller's archives and used to send technical, commercial and similar services to those of the previous purchases or object of your specific requests. In particular, they will be used to send, via e-mail, information and communications concerning technical and commercial services, value-added services, interactive pre and post sales services, news and promotions.

  1. COMMUNICATION TO WELL-DEFINED PERSONS

On the basis of the roles and tasks performed, internal and external personnel are entitled to treatment within the limits of their competences and in accordance with the instructions given to them by the Owner. The same data may be disclosed to the parties entitled to access it under the provisions of the law, regulations, correspondence companies, banks and credit institutions, debt collection companies, law firms, insurance companies, computer equipment maintenance companies, professional firms / companies providing accounting, tax, tax, self-employed / casual services, agents.

  1. DATA TRANSFER

The Data Controller does not transfer personal data to third countries; however it reserves the possibility to use services in cloud and in this case the service providers will be selected among those who provide adequate guarantees, as foreseen by the art.46 GDPR 679/16.

  1. DATA CONSERVATION

The Data Controller retains and processes personal data for the time strictly necessary to fulfill the purposes indicated or for the period imposed by the provisions in civil and fiscal matters.

  1. RIGHTS OF THE INTERESTED PARTY

In accordance with art. 15 right of access, 16 right of rectification, 17 right to cancellation, 18 right to limitation of treatment, 20 right to portability, 21 right to the opposition and 22 right to oppose the automated decision-making process of GDPR 679 / 16 The interested party can exercise his rights by writing to the Data Controller at the address indicated above or by sending an email to privacy@biepi.net.

  1. REVOCATION OF CONSENT

With reference to article 6 of GDPR 679/16, the interested party can revoke the consent given at any time.

  1. RIGHT TO PROPOSE CLAIM

The interested party is always entitled to lodge a complaint with the competent supervisory authority (Guarantor for the Protection of Personal Data), pursuant to art. 77 of the GDPR, if you believe that the processing of your data is contrary to the law in force. At any time he may revoke the consent already given (Article 7.3 of the Regulations), without prejudice to the lawfulness of the processing carried out prior to the withdrawal of consent.

  1. DATA CONFERENCE

The provision of data (as per the purposes from 1 to 6) is mandatory on the basis of compliance with the law, regulations, regulations and conditioning the possibility of correctly and effectively fulfilling the contractual obligations assumed; therefore a refusal to provide the data will make it impossible to fulfill the contractual obligations assumed.

  1. AUTOMATED DECISION MAKING PROCESSES

The Data Controller does not process treatments that consist of automated decision-making processes on the data processed.