Essential treatments for the execution of the contract with the SUPPLIER

Information on the processing of personal data

Information pursuant to art. 13 of the European Regulation 679/2016 on the protection of personal data [GDPR])

In accordance with the requirements set by the General Regulation on the protection of personal data, the Data Controller provides the interested party with the following information in relation to the processing of personal data made.

DATA CONTROLLER
Owner BRUNO ZAMPA SRL
Address Via Crosaron – 37053 CEREA (VR)
PIVA / CF 03980610236 / 
contacts Email: info@brunozampa.it
Legal representative Andrea Zampa
Privacy contact Laura Cavallaro (info@brunozampa.it)officer
Data protection Not this
Joint data
controllers No joint controllers present
If you intend to request further information on the processing of your personal data or for the eventual exercise of your rights, you can contact the aforementioned Privacy Contact in writing directly.
CATEGORIES OF INTERESTED PARTIES
List of categories of interested parties Potential customers, Consultants and freelancers, Suppliers: employees, Security Consultant
TREATMENT CARRIED OUT
Treatment essential for the execution of the contract with the SUPPLIER
Description Activities functional to the fulfillment of contractual and pre-contractual obligations, to management and execution of activities essential for the management of the Supplier.
ORIGIN, PURPOSE, LEGAL BASIS AND NATURE OF THE DATA PROCESSED
Origin Data collected from the interested party.
Purpose 1. Management of suppliers 2. Management of litigation 3. Monitoring of contractual obligations 4. Planning of activities 5. Internal control services 6. Occupational health and safety – If necessary7. Protection of customer or employee property 8. Accounting or treasury management 9. Services for the protection of company assets
Legal basis For purposes 1, 2, 3, 4, 6: The processing is necessary for the execution of a contract referred to the interested party is a party to or to the execution of pre-contractual measures adopted at the request of the same For the purposes 5, 7, 8, 9: The processing is necessary to fulfill a legal obligation to which the controller is subject
dataPersonal data processed Economic activities, commercial, financial and insurance, Product quality certificates [If necessary], Professional quality certificates [If necessary], Recipient Code for Electronic Invoicing, Tax Code and other personal identification numbers, Bank details, Residential address, E-mail address , Nature of the assets, Name, address or other elements of personal identification
The “particular” data (sensitive data) are those defined by art. 9 and 10 of Regulation 2016/679 / EU (“GDPR”). These data are processed in compliance with the provisions of the GDPR and in light of the General Authorizations issued by the Authority for the protection of personal data.
Particular data processed
Legal basis art. 9
RECIPIENTS OR CATEGORIES OF RECIPIENTS OF PERSONAL DATA
Categories of recipients The communication of your personal data, carried out on the legal bases provided for by Article 6 of Regulation 2016/679 / EU, to the following third parties is envisaged:
Judicial Offices, Local Authorities , Consultants and freelancers also in associated form, Banks and credit institutions, Social security and welfare bodies, Other public administrations, Professional associations and boards, Employers, Associations of entrepreneurs and companies, Trade unions and patronages, Joint bodies in the field of labor, subsidiaries and associates, INPS, Ministries (economy and finance), INAIL, ASL, hospitals and regions, judicial authorities, chambers of commerce, industry, crafts and agriculture
These bodies, organizations, companies and professionals act as data processors appointed by BRUNO ZAMPA SRL or they are themselves the Data Controllers ro transmitted.
Your personal data, or the personal data of third parties in its ownership, may also be communicated to external companies, identified from time to time, to which BRUNO ZAMPA SRL entrusts the execution of obligations deriving from the assignment received to which only the data necessary for the activities requested of them. All employees, consultants, temporary workers and / or any other “natural person” who, authorized to process, carry out their activities on the basis of the instructions received from BRUNO ZAMPA SRL, pursuant to art. art. 29 of the GDPR, are designated “in charge of processing” (hereinafter also “in charge”).to the persons in charge or managers, possibly designated, BRUNO ZAMPA SRL gives adequate operating instructions with particular reference to the adoption and compliance with security measures, in order to guarantee the confidentiality and security of data. Precisely with reference to the protection aspects of personal data, you are invited, pursuant to art. 33 of the GDPR to report to BRUNO ZAMPA SRL any circumstances or events from which a potential “breach of personal data (data breach)” may arise in order to allow an immediate assessment and the adoption of any actions aimed at countering this event by sending a communication to BRUNO ZAMPA SRL at the addresses indicated above. The obligation of remains BRUNO ZAMPA SRL valid to communicate the data to Public Authorities on specific request.
TRANSFER ABROAD
Transfers to foreign countries (non-EU) or to international organizations
No transfer to foreign countries or international organizations
The transfer abroad of your personal data can take place if it is necessary for the management of the assignment received. For the processing of information and data that will eventually be communicated to these subjects, the equivalent levels of protection adopted for the processing of personal data of its employees will be required. In any case, only the data necessary for the pursuit of the intended purposes will be communicated and the regulatory instruments provided for by Chapter V of the GDPR will be applied.
METHOD, LOGIC OF TREATMENT AND STORAGE TIMES
Duration of processing The data will be kept for the period strictly necessary to ensure the correct provision of the services purchased – except for the need for storage for a longer period in compliance with the applicable legislation, including accounting .
Your data is collected and registered in a lawful and correct manner for the purposes indicated above in compliance with the principles and provisions of art. 5 c 1 of the GDPR.  The processing of personal data takes place using manual, IT and telematic tools with logic strictly related to the purposes themselves and, in any case, in order to guarantee their security and confidentiality.
NATURE OF THE PROVISION
The processing of personal data will be carried out for the following purposes:
Purposes that do not require consent – Management of suppliers – Management of disputes – Monitoring of contractual obligations – Planning of activities – Internal control services – Health and safety at work – If necessary – Protection of customer or worker property – Accounting or treasury management – Services for the protection of corporate assets
Purposes that require consent
Only with your explicit consent to be expressed at the bottom of this information, the data, whose purposes require of consent, will be processed. In any case, the provision of data is optional and will not cause prejudice in relation to the contractual relationship with the Data Controller
existingFor data collected and used for needs related to the execution of activities related to the contractual relationship and compliance with the legal obligations indicated your consent is not required. Failure to communicate the aforementioned personal data will make it impossible to follow up on the relationship in question. Your consent is not required for the data collected and used for the legitimate interest of the Data Controller (letter f, art.6, of the GDPR). The communication of the above personal data is optional but necessary for the execution of the services offered by the Data Controller. Any refusal to communicate such data will make it impossible to provide all or part of the requested services.
RIGHTS OF THE INTERESTED PARTIES (Articles 15 to 22 of the GDPR)
Right of access The interested party has the right, according to the provisions of articles from 15 to 22 of the GDPR to request the owner access to their personal data. 
Right of rectification The interested party has the right, according to the provisions of articles from 15 to 22 of the GDPR to request the owner to rectify their personal data. 
Right of cancellation The interested party has the right, according to the provisions of articles from 15 to 22 of the GDPR to request the owner to delete their personal data. 
Right of limitation The interested party has the right, according to the provisions of articles from 15 to 22 of the GDPR to request the owner to limit the data concerning him. 
Right of opposition The interested party has the right, according to the provisions of articles from 15 to 22 of the GDPR to oppose their treatment. 
Portability right The interested party has the right, according to the provisions of articles from 15 to 22 of the GDPR to exercise their right to data portability. 
Right of revocation The interested party has the right, according to the provisions of articles from 15 to 22 of the GDPR to exercise their right to withdraw consent. 
Right of complaint The interested party has the right, according to the provisions of art. 77 of the GDPR to exercise their right to lodge a complaint with the supervisory authority.
AUTOMATED PROCESS
Is there an automated process? NO
Automated processes or profiling methods
Legal basis

The Data Controller reserves the right to make any changes deemed appropriate or made mandatory by current regulations to this information on the processing of personal data, at its sole discretion and at any time. On such occasions, users will be duly informed of the changes that have occurred.

The owner of

Bruno Zampa Ltd.
08/02/2020

Bruno Zampa
Bruno Zampa