EN IT linkedin
Customer information notice

Customer information notice


Notice on the Processing of Personal Data pursuant to Articles 13-14 of EU Regulation 2016/679

 

Data Subjects: Customers

 

Saidtools S.r.l., in its capacity as the Data Controller of your personal data, in accordance with the provisions of EU Regulation 2016/679, hereinafter referred to as “the GDPR,” hereby informs you that the aforementioned regulation ensures the protection of individuals in relation to the processing of personal data and that such processing will be based on the principles of fairness, lawfulness, transparency and the protection of your privacy and rights.

 

Your personal data, as well as the data of individuals acting on behalf of your company as authorised staff, will be processed in accordance with the legislative provisions of the aforementioned regulation and the confidentiality obligations established therein.

 

Purpose and legal basis of processing: specifically, your data will be processed for the following purposes related to the fulfilment of obligations arising from legislative or contractual requirements:

 

Management of the contractual relationship, including pre- and post-contractual activities related to the design, development and production of solutions in the abrasive tools sector (legal basis: contract execution pursuant to Article 6, paragraph 1, point b)

Improvement of management systems in business processes through testing protocols in accordance with ISO 9011 certification (legal basis: contract execution pursuant to Article 6, paragraph 1, point b)

Fulfilment of mandatory legal obligations in the tax and accounting sectors (legal basis: legal obligation pursuant to Article 6, paragraph 1, point c)

Compliance with legal obligations, regulations and national and/or EU legislation (legal basis: legal obligation pursuant to Article 6, paragraph 1, point c)

Investigative actions aimed at verifying, asserting or protecting a right in legal proceedings (legal basis: legitimate interest of the Data Controller pursuant to Article 6, paragraph 2, point f).

 

The processing of data necessary to fulfil these obligations is essential for the correct management of the client relationship, and providing such data is mandatory to achieve the purposes outlined above. The Data Controller also informs you that failure to provide, or incorrect provision of, any of the mandatory information may prevent the Data Controller from ensuring the correct execution of the processing.

 

Methods of processing: your personal data may be processed in the following ways:

 

Processing by means of electronic computers

Manual processing using paper archives

 

All processing is performed in compliance with the provisions of Articles 6 and 32 of the GDPR and through the adoption of appropriate security measures.

 

Communication: your data may only be disclosed to public bodies and offices to which tax data must be reported (e.g. Inland Revenue Agencies), as well as banks and credit institutions. If necessary for providing the requested services, data may also be shared with competent and duly appointed parties involved in the proper management of the client relationship, such as consultants and service providers, with safeguards in place to protect the rights of the data subject.

 

Your data will be processed exclusively by staff expressly authorised by the Data Controller.

 

Disclosure: your personal data will not be disclosed in any way.

Retention Period: We wish to inform you that in compliance with the principles of lawfulness, purpose limitation and data minimisation pursuant to Article 5 of the GDPR, the retention period of your personal data is:

 

Accounting and tax data: 10 years in compliance with obligations related to the retention of accounting and tax records (Article 2,220 of the Italian Civil Code, which requires holding accounting records for 10 years; Article 22 of Presidential Decree No. 600 of 29 September 1973).

 

- other data: 10 years from the termination of the contract’s validity or, in the event of disputes, for the duration of the statute of limitations established by law to protect the related rights.

 

Rights of the data subject

 

1. The data subject has the right to obtain confirmation as to whether personal data concerning him or her exists, even if it has not yet been recorded, and to receive such data in an intelligible form.

 

2. The data subject has the right to obtain information on:

a. the origin of personal data.

b. the purposes and methods of processing.

c. the methods used in cases in which data is processed using electronic equipment.

d. information identifying the data subjects, processors and designated representative, in accordance with Article 5, paragraph 2.

e. the individuals or categories of individuals to whom personal data may be communicated, or who may be made aware of the data by the representative designated in Italy, or managers and nominees.

 

3. The data subject has the right to:

a. request the updating, correction or, if necessary, the integration of their data.

b. cancel, anonymise or restrict data transferred in breach of the law, including any data stored when not necessary for the purposes for which it was collected or subsequently processed.

c. confirmation that the operations referred to in points a) and b) have been communicated, including their content, to those to whom the data has been disclosed or disseminated, except in cases in which data compliance is impossible or involves the use of means that are manifestly disproportionate to the rights being protected.

d. data portability.

 

4. The data subject has the right to fully or partially object:

a. for legitimate reasons to the processing of personal data concerning him or her, even if not strictly relevant to the purpose of the collection.

 

5. The data subject has the right to request the restriction of processing.

 

The data subject may exercise his or her rights by sending an e-mail to saidtools@saidtools.com or by submitting a written request to the contact details specified above.

 

Additionally, if the data subject believes that the processing of his or her personal data breaches the applicable legislation, he or she may file a complaint with the Data Protection Authority in accordance with Article 77 of Regulation 2016/679, or file a report pursuant to Article 144 of Italian Legislative Decree No. No. 101/2018