GENERAL INFORMATIONS



Customers / suppliers / partners (stakeholders) and their representatives (hereinafter "IT subjects", pursuant to article 4, paragraph 1 of the GDPR) are informed that the professional relationships established with the person in charge may involve the treatment of personal data, in accordance with the following general principles:
• all data are processed in a lawful, correct and transparent manner in relation to the data subject, in compliance with the general principles established by art. 5 of the GDPR;
• specific security measures are observed to prevent data loss, illicit or incorrect use and unauthorized access;
• the data controller is the undersigned Company Carlo Gavazzi Impianti SpA,

• a data protection officer can be contacted (privacy@carlogavazzi.it) to exercise all the rights provided by art.15-21 of the GDPR (right of access, rectification, cancellation, limitation, portability, objection), as well as revoke a previously provided consent or file a complaint with the Personal Data Protection Authority.


OBJECT OF THE TREATMENT

The data controller processes the personal identification data of the client / supplier / partner (eg name, surname, company name, personal / fiscal data, address, telephone number, e-mail, bank and payment details) and its operational representatives (name, surname and contact information) acquired and used for the purpose of the activity carried out.

PURPOSE

The data are processed to:
• conclude the contractual / professional relationships;
• fulfill the pre-contractual, contractual and tax obligations deriving from existing relationships, as well as manage the necessary related communications;
• fulfill the obligations established by law, a regulation, EU legislation or an order of the Authority
• exercise a legitimate interest and a right of the controller (for example: right of defense in court, protection of credit positions, ordinary internal needs of an operational, managerial and accounting nature).
Failure to provide the above data will make it impossible to establish the relationship with the Owner. The purposes set out above represent, pursuant to art. 6, paragraphs b, c, f, legal bases suitable for lawful processing. If you intend to perform the processing for different purposes, a specific consent will be required from the interested parties.


MODE

The processing of personal data is carried out through the operations indicated in art. 4 (2) of the GDPR and more specifically: collection, registration, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, cancellation and destruction of data. Personal data are subjected to both paper and electronic and / or automated processing. The Data Controller will process personal data for the time necessary to achieve the purposes for which it was collected and the related legal obligations.

SCOPE

The data are processed by internal parties duly authorized and appointed pursuant to art. 29 of the GDPR. It is also possible to request the scope of communication of personal data, obtaining specific indications on any external subjects operating as data processors or independent data controllers (consultants, technicians, banks, transporters, etc.). We also inform you that personal data may be subject to intercompany disclosure among Group companies. Data are not subject to dissemination or transfer to non-EU countries. If it becomes necessary, in the context of tenders / contracts or in the execution of regulatory obligations (eg joint liability, anti-corruption, anti-mafia, anti-money laundering, etc.), acquire the personal data of its employees from customers / suppliers / partners, is agreed between the parties that the signatory company will have the legal right to process such data as an outsourced processing manager (Art.28 GDPR) or an authorized party (Art.29 GDPR). As part of this relationship, the undersigned company undertakes to process such data in compliance with the requirements established by the GDPR, guaranteeing any communication to other subjects exclusively within the scope of specific legal obligations