PRIVACY NOTICE FOR LEGAL ENTITY

Dear Sir/Madame,

we process, for business purposes, as better specified below, information that concerns you, your personal data, in your capacity as representative, delegate or agent, of a legal person, or entity that maintains relationships with us. To this end, as required by the European legislation for the protection of personal data (European Regulation 679/2016), we provide you with the following information.

1. Data Controller and Data Protection Officer.

The Data Controller, or the entity responsible for decisions regarding the purposes, methods and security of personal data, is the company F.lli Pisa Srl with headquarters in Milan, via Montenapoleone n.9, 20121 Milan, tel 0276021998, email compliance@pisa1940.com, PEC f.llipisa@legalmail.it.

The Data Protection Officer (DPO) can be reached both at the contact points of the owner and at the email address dpo@pisa1940.com.

1. Purposes and legal bases of the processing .

The personal data that you provide us and that may be collected during the relationship will be processed for the purposes according to the legal bases indicated below:

Purpose (Why we process your data)	Legal basis (On the basis of which legal provision we process them.)	Consequences in case of refusal to treatment (What happens if you refuse to provide personal data and/or to authorize the processing)
Fulfilment of contracts to which the legal person you represent is a party, or execution of pre-contractual measures adopted at the request of the same.	Art. 6, Par. 1, Lett. b) GDPR - the processing is necessary for the performance of a contract to which the interested party is party or in order to take steps at the request of the interested party prior to entering into a contract.	Consent is not required, however, if you refuse to provide personal data, the relationship or request cannot be processed.
Fulfillment of legal obligations in accounting and tax matters related to the existing relationship.	Art. 6, Par. 1, Lett. c) GDPR - processing is necessary for compliance with a legal obligation to which the data controller is subject.	Consent is not required, however, if you refuse to provide personal data, the contract cannot be processed.
Selection, training and maintenance of a list of the Company's suppliers	Art. 6, Par. 1, Lett. f) GDPR – legitimate interest of the Company in forming and maintaining a list of its suppliers, including selection activities.	No consent required. An objection may be made at any time. The treatments prior to the opposition remain valid.

 

 

 

1. Recipients and categories of data processed.

The personal data provided by you or acquired during the relationship will be processed exclusively by personnel authorized for this purpose or by data controllers designated for this purpose.

In addition to the subjects to whom the law requires mandatory communication, your data may be communicated exclusively to:

Purpose	data category	recipients
Accounting, administrative and tax obligations. Compliance with legal and statutory obligations.	Identifiers of representatives or contract referents.	Professionals and/or companies that carry out accounting/fiscal data processing activities, auditing firms, supervisory bodies.

1. Moving abroad

Your personal data is not transferred outside the European Union.

1. Period of retention of personal data and criteria used

The personal data subject to processing are collected in documents whose conservation is established consistently with the processing purposes as summarised below.

Document	Duration of storage
Contract documentation	Ten years from the termination of the contractual relationship except for legitimate reasons for suspension.
Administrative, accounting and tax documentation.	Ten years from the termination of the contractual relationship except for legitimate reasons for suspension.

6. Rights of the interested party.

You, as an interested party, have the right to obtain from us, as Data Controllers, in the cases provided for, access to your personal data and the correction or cancellation of the same or the limitation of the processing that concerns them or to oppose the processing (articles 15 and following of the Regulation). The specific request, formulated in writing, is presented to our contact details indicated above.

7. Right to complain

If you believe that the processing of your personal data in relation to the existing relationship is in violation of the provisions of the Regulation, we inform you that you have the right to lodge a complaint with the Guarantor, as provided for by art. 77 of the Regulation itself, or to take appropriate legal action (art. 79 of the Regulation).

8. Collaboration

The protection of your data and compliance with the principles set forth by the legislation, with particular reference to the principle of transparency, are values ​​of primary importance to us. We would be grateful if you would help us by reporting any misunderstandings of this document or by suggesting improvements to the owner's references as indicated above.