Notice on the processing of personal data pertaining to relations with customers and potential customers
The following information is intended for natural persons, including professionals, sole proprietors and representatives/contact persons of companies, bodies, associations and foundations, hereinafter referred to as ‘Data Subjects’.
Identity and contact details of the Data Controller
Anodica Trevigiana S.p.A. Società Benefit (Benefit Corporation), hereinafter also referred to as ‘Anodica Trevigiana’ or ‘Data Controller’ with registered office in Via del Lavoro, 1 - Z.I. Cimavilla - 31013 - Codognè (TV), may be contacted at the e-mail address info@anodica.it, at the PEC address anodicatrevigiana@registerpec.it or by calling +39 0438771771.
Purpose and legal bases
- Management of the pre-contractual phase:: personal data are processed for all needs relating to the processing of requests for information and/or estimates.
- Collection of commercial information: personal data are processed to collect information in order to verify the economic, financial and asset situation of Data Subjects, as well as their soundness, solvency and reliability.
- Management of the contractual phase: personal data are processed for all needs relating to the management of contractual relations throughout all phases (e.g. the management of appointments, organisation of logistics, management of customer support activities and fulfilment of regulatory obligations imposed on the Data Controller).
- Defence purposes: the Data Controller may need to process personal data in order to manage extra-judicial or judicial disputes and litigation.
|
Purpose |
Legal basis (common data) |
Legal basis (specific data) |
|
A. |
Implementation of pre-contractual measures. |
/ |
|
B. |
Legitimate interest of the Data Controller in relation to the analysis and definition of business strategies and policies, the identification of suitable parties for establishing or continuing business relations, payment terms and conditions, and fraud prevention. |
/ |
|
C. |
Execution of the contract; |
/ |
|
D. |
Legitimate interest of the Data Controller in ascertaining, exercising or defending a right. |
Ascertaining, exercising or defending a right. |
Retention timeframe
Purpose | Retention timeframe |
A. | The time required to process incoming requests and subsequent communications. |
B. | The time required to carry out checks. |
C. | 10 years after termination of the contract. |
D. | 10 years from the final resolution of the dispute. |
Nature of the provision and consequences of refusal
Purpose | Nature | Consequences | |
A. | Necessary | Impossibility to receive the requested information. | |
B. | Not applicable | / | |
C. | Necessary | Necessary Impossibility to start or continue business relations. | |
D. | Necessary | Necessary Impossibility to manage the dispute. | |
Scope of communication
Data are processed by in-house staff authorised to carry out specific tasks, and are communicated to external parties in accordance with the following regulations:
Purpose | External recipient categories |
A. | Agents, business consultants, business brokers. |
B. | Business information companies, agents. |
C. | Insurance or credit transfer companies, agents, credit institutions, external consultants, persons to whom disclosure is mandatory by law, business partners (customers/suppliers). |
D. | Law firms; debt collection or transfer companies; judicial authorities. |
As data are also processed using IT tools, they may also be visible to persons providing assistance/maintenance for those systems.
Data transfer to a third country or an international organisation
The Data Controller may transfer personal data to third countries where cloud technology systems are used, provided by third parties. Any transfer will only be made if adequate safeguards are in place, as required by Chapter V of Regulation (EU) 679/2016.
Rights of Data Subjects
Data Subjects have the following rights:
- Access: to find out whether their personal data is being processed and, if so, gain access to such data and request a copy.
- Rectification: to ask for their personal data to be updated and corrected (if inaccurate) and for incomplete data to be integrated.
- Erasure: to have their personal data erased under certain conditions (for further information, please contact the Data Controller).
- Restriction: to ask for their data to be flagged in order to restrict processing in the future under certain conditions (for further information, please contact the Data Controller).
- Objection: to object to the processing of their personal data on grounds relating to a particular situation, where processing is based on legitimate interest or is required for performing a task in the public interest or in connection with exercising official authority vested in the Data Controller. Data subjects may also object to the processing of their personal data for direct marketing purposes by writing to the address privacy@anodica.it.
- Portability: to receive, in a structured format, the personal data submitted to the Data Controller and ask for data to be transmitted to another data controller if the processing is based on consent or a contract, and is carried out by automated means.
- Withdrawal of consent: to withdraw consent for the purposes for which it was given, without affecting the lawfulness of processing carried out up to that point.
The effective rights that may be exercised in relation to the processing activities performed are:
Purpose | Exercisable right | ||||||
Access | Rectification | Erasure | Restriction | Objection | Portability | Withdrawal of consent | |
A. | X | X | X | X | |||
B. | X | X | X | X | X | ||
C. | X | X | X | X | X | ||
D. | X | X | X | X | X | ||
To exercise the above rights, you may use the form available at the link https://www.garanteprivacy.it/web/guest/home/docweb/-/docweb-display/docweb/1089924 and send it to the following address: privacy@anodica.it. The data subject may contact the same address to request further details regarding the above information (e.g. legitimate interest balancing test or the list of data processors).
You may lodge a complaint with a supervisory authority: in Italy, with the Italian Data Protection Authority (www.garanteprivacy.it).