Privacy Policy Clients and Providers

Privacy Policy for the Processing of Personal Data pursuant to Articles 13-14 of EU Regulation 2016/679

Data Subjects: Clients, suppliers.

Infordata Sistemi Srl

Strada per Vienna 55/1
34151 Trieste (TS)
Tel: 040367189
VAT number 00933570327
Code: Doc. 10761.51.346812.2697736

Infordata Sistemi Srl, as Data Controller of your personal data, in accordance with EU Regulation 2016/679 (GDPR), hereby informs you that this regulation provides protection for individuals regarding the processing of personal data, which will be carried out in compliance with the principles of fairness, lawfulness, transparency, and protection of your privacy and rights.

Your personal data will be processed in accordance with the legal provisions of the aforementioned regulation and the confidentiality obligations provided therein.

Purpose and legal basis for the processing: In particular, your data will be processed for the following purposes related to the fulfillment of legal obligations:

  • mandatory compliance with tax and accounting laws;
  • compliance with legal obligations.

Your data will also be used for the following purposes related to the execution of contractual or pre-contractual measures:

  • supplier management;
  • quality management;
  • activity planning;
  • order history for supplies.

Processing methods: Your personal data may be processed in the following ways:

  • outsourcing of processing operations to third parties;
  • processing by means of computers;
  • manual processing on paper archives.

All processing is carried out in compliance with the methods specified in Articles 6 and 32 of the GDPR and by adopting the necessary security measures.

Your data will be processed only by personnel expressly authorized by the Data Controller, particularly by the following categories of employees:

  • Agents;
  • Commercial and Marketing Department;
  • Purchasing Office;
  • Administration Office.

Communication: Your data may be communicated to external entities for proper relationship management, particularly to the following categories of recipients, including all duly appointed Data Processors:

  • banks and credit institutions;
  • consultants and professionals, even in association form;
  • public and/or private entities for which data communication is mandatory or necessary for compliance with legal obligations or for the administration of the relationship;
  • freight forwarders, carriers, postal services, logistics companies.

Dissemination: Your personal data will not be distributed in any way.

Retention period: In compliance with the principles of lawfulness, purpose limitation, and data minimization, as specified in Article 5 of the GDPR, the retention period for your personal data is:

  • established for a period not exceeding the achievement of the purposes for which they were collected and processed for the execution and completion of contractual purposes;
  • established for a period not exceeding the provision of the services.

Data Controller: The Data Controller, in accordance with the law, is Infordata Sistemi Srl (Strada per Vienna 55/1, 34151 Trieste (TS); e-mail:; phone: 040/367189; VAT number: 00933570327), represented by its legal representative pro tempore.

You have the right to obtain from the Data Controller the erasure (right to be forgotten), restriction, updating, rectification, portability, and objection to the processing of your personal data, and in general, you can exercise all the rights provided for in Articles 15, 16, 17, 18, 19, 20, 21, 22 of the GDPR.

EU Regulation 2016/679: Articles 15, 16, 17, 18, 19, 20, 21, 22 – Data Subject’s Rights

The data subject has the right to obtain confirmation whether personal data concerning them exists, even if not yet recorded, and their communication in an intelligible form, as well as the right to lodge a complaint with the supervisory authority.

The data subject has the right to obtain:

  • information about the source of personal data;
  • information about the purposes and methods of processing;
  • information about the logic applied in case of processing carried out with the help of electronic tools;
  • identification details of the Data Controller, Data Processors, and the designated representative pursuant to Article 5, paragraph 2;
  • information about the recipients or categories of recipients to whom the personal data may be disclosed or who may become aware of it as designated representative(s) in the territory of the State, Data Processors, or persons in charge.

The data subject has the right to obtain:

  • updating, rectification, or, when interested, integration of data;
  • erasure, anonymization, or blocking of data processed unlawfully, including data that does not need to be retained in relation to the purposes for which it was collected or subsequently processed;
  • notification that the operations referred to in points a) and b) have been brought to the attention, also regarding their content, of those to whom the data has been communicated or disclosed, except when this proves impossible or involves a disproportioned effort compared to the protected right;
  • data portability.

The data subject has the right to object, in whole or in part:

  • on legitimate grounds, to the processing of personal data concerning them, even when pertinent to the purpose of the collection;
  • to the processing of personal data concerning them for the purpose of sending advertising or direct sales material or for carrying out market research or commercial communication.