This is to inform customers/suppliers (data subjects) and their representatives (hereinafter, the “data subjects” pursuant to Art.4.1 of the GDPR) that the professional relationships established with the undersigned Controller may involve the processing of personal data, in accordance with the following general principles:
The Controller processes personal data identifying the customer/supplier (e.g. name, last name, company name, personal/tax data, address, telephone number, email address and bank and payment information) and its representatives (name, last name and contact details) acquired and used in the context of the provision of services by the Controller.
The data is processed to:
Failure to provide such data will make it impossible to establish a relationship with the Controller. The above-mentioned purposes are, in accordance with Art. 6.b/c/f, suitable legal bases for lawful processing. The data subjects shall be asked to give specific consent should the Controller intend to carry out processing for other purposes.
The personal data is processed by way of the operations indicated in Art. 4.2) of the GDPR, i.e.: collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction of the data. Personal data is processed using hard copy and electronic and/or automated operations. The Controller will process personal data for the amount of time necessary to fulfil the purposes for which it was collected and to meet the related legal obligations.
The data is processed by internal subjects regularly authorized and trained in accordance with Art. 29 of the GDPR. Data subjects may also ask about the scope of communication of their personal data and receive specific information on any third parties operating as Data Processors or independent Controllers (consultants, technicians, banks, forwarding agents, etc.). In addition, the personal data may be disclosed between the group companies. The data is not disseminated or transferred to non-EU countries. If it becomes necessary, in the context of tenders/contracts or to fulfil regulatory obligations (e.g. joint and several liability and anti-corruption, anti-mafia, anti-money laundering reporting obligations, etc.), to acquire the personal data of customers’/suppliers’ employees from such customers/suppliers, the parties agree that the undersigned company shall be entitled to process such data in its capacity as Processor (Art. 28 GDPR) or processor acting under the authority of the Controller or Processor (Art. 29 GDPR). As part of this relationship, the undersigned company undertakes to process such data in accordance with the requirements of the GDPR, ensuring that any disclosure to other third parties shall occur exclusively within the scope of specific legal obligations.
Policy for the Sitip S.p.A. Facebook fanpage and Instagram account.
Sitip S.p.A. hereby establishes the essential rules for the correct use of its fanpage by the company and the people who interact with the page.
We ask users to follow these rules of good conduct on the page:
The following constitute violations of the rules of use for the Sitip S.p.A. page and will therefore be handled by deleting the messages and/or by blocking the users from the page:
Sitip S.p.A. reserves the right to report to the competent Authority any abuse or violation of the law, providing the information (messages, comments etc.) and any data that is useful and/or expressly requested by the Authority to prevent and repress any alleged offences.
