Supplier policy

LeCont S.r.l., Via del Garda, 4/A, 38068, Rovereto (TN), Italy, at Polo Tecnologico "Industria della Gomma", VAT number: 01711670222, informs you, pursuant to Art. 13 of Reg. UE 2016/679 (Reg. relative the protection of personal data, henceforth only "GDPR"), with regard to essential elements of the treatments carried out and illustrated below.

The categories of personal data processed

We use personal, identifying and non-sensitive data provided by you (such as example: name, surname, fiscal code, fiscal data, contact details, address billing).

Purposes of processing and legal basis

The personal data you provide allows us to carry out all the activities covered by the contract, fulfilling your requests, as well as to carry out all related activities to the fulfillment of our obligations, such as, administrative, tax and accounting. Specifically, your personal data are processed for the following purposes and bases legal:

• Activities related to the performance of the contract of which you are part, including the pre-contractual phase (examples of activities are: the acquisition of information prior to the conclusion of the contract, communication of requests and/or replies to requests received, management reports for administrative activities, accounting, orders, shipments, invoicing, services, fulfillment of contractual obligations and statutory); the legal basis for this purpose is contract and pre-contractual measures (Art. 6.1, letter b, GDPR)
• Activities related to the establishment and/or the exercise and/or the defense of rights (examples of activities are: disputes related to the proper performance of the contractual relationship, warning, recovery credits); the legal basis for this purpose is legitimate interest (Art. 6.1, letter f, GDPR)
• Keeping of accounting records; the legal basis is identifies the legal obligation (Art. 6.1, letter c, GDPR)
• Other activities in execution of legal obligation/orders Authority (such as communication to third parties); the legal basis is identifies the legal obligation (Art. 6.1, letter c, GDPR)

None of our processing is based on consent. The legal bases on which we operate are: contract, legal obligation and legitimate interest. We do not carry out processing with automated decision-making processes or profiling.

Times of storage of data

Your personal data will be kept for the time strictly necessary to to carry out the purposes described above and to fulfil the obligations laid down by law. In particular, for activities related to the performance of the contract of which you is part (including the pre-contractual phase), your personal data will be kept for the duration of the contractual relationship and, once the report, will be kept for purposes of assessment/exercise/defense of a the right of storage, for activities related to the investigation and/or the exercise and/or defence of rights, your personal data will be stored for 10 years, as provided for by the ordinary limitation period (Art. 2946 c.c.), save further storage in the event of interruption of the limitation period; for activities related to the retention by law, your personal data will be kept for 10 years for the purposes of compulsory archiving ex lege (Art. 2220 c.c.; 22, paragraphs 2 and 3 D.P.R. 29/09/1973, n. 600), subject to further preservation in the case of interruption of the limitation period; for other activities in compliance with the obligation to Law/Authority orders, referring to personal data we have for other purposes indicated in this information, the storage times coincide with those identified from time to time for the aforementioned purposes.

Consent and Optional/Mandatory Provision

The processing of your personal data, for the purposes explained above, may be made without your consent. The provision of your data is mandatory according to the contractual obligation, to fulfillments of law and/or regulations and is also a necessary requirement for the conclusion of the contract. Failure to provide your personal data for the purposes will, therefore, the impossibility, on our part, to give way to contracts and other related obligations, as well as to properly manage each other's trade relations.

Categories of recipients of data

Your personal data may be disclosed to third parties, for technical reasons closely linked to the purposes set out above and in particular to the following categories of subjects:

1. Entities, professionals, companies or other structures entrusted by us with the processing related to the fulfilment of administrative, accounting, insurance and management related to the ordinary performance of our economic activity, also for the purpose of credit recovery
2. To public authorities and administrations for related purposes the fulfilment of legal obligations or persons entitled to access them in accordance with of legal provisions, regulations, community regulations
3. Banks, financial institutions or other entities to which the transfer of the above data necessary to carry out the activities of our company in relating to our fulfilment of contractual obligations taken against him
4. Suppliers of installation, service and maintenance services computer and telematic systems and all functionally connected services; and necessary for the performance of the services covered by the contract
5. Persons authorised by us to process data who have committed to the confidentiality or have an adequate legal obligation of confidentiality (e.g. employees and collaborators)

Transfers abroad

The Data Controller does not transfer personal data outside the Space European Economic. The Data Controller, however, reserves the right to use cloud; in which case, service providers will be selected from those who provide adequate guarantees in compliance with the applicable legislation in force.

Method of treatment

The processing of your personal data will take place both in electronic and paper format. The processing will, however, be carried out mainly with computer tools and in any case with the observance of the minimum safety precautions and confidentiality of data. In particular, technical safety measures have been implemented, computer, organizational, logistical and procedural in order to prevent loss, use unlawful or irrelevant data and access to them without permission.

Rights of the data subject and complaint before the Guarantor

We inform you that regarding the processing of your personal data you can exercise the following rights:

1. Right to obtain access to your personal data (Art. 15 GDPR): may contact us to know if your personal data are being processed and legal information on processing
2. Right of rectification (Art. 16 GDPR): obtain the correction of your data inaccurate personal or incomplete integration of those
3. Right to erasure/oblivion (Art. 17 GDPR): obtain cancellation of your personal data, in the cases provided for by law
4. Right to restriction of processing (Art. 18 GDPR): obtain the submission of your personal data to storage only, with the exclusion of other activities, in the cases provided for by law
5. Right to portability (Art. 20 GDPR): obtain your personal data in a structured format, commonly used and readable by automatic device and obtain, also, the direct transmission to another data controller, in the hypotheses provided for by law
6. Right to object (Art. 21 GDPR): right to stop further processing personal data for reasons related to your particular situation, save prevalence of our compelling legitimate reasons, in the cases provided for by law
7. Right to withdraw consent (Art. 7.3 GDPR): right to revoke consent any time consent for cases where the processing is based on the consent

To exercise these rights you can use the Data Controller's contacts provided in the this information. The exercise of rights is not subject to any formal constraint and is free of charge. We also inform you of your right to lodge a complaint before the Authority Competent Data Protection. We remind that the complaint, pursuant to Art. 77.1 GDPR, may be promoted by the data subject to the Authority the place where the person habitually resides, where he works or where he or she is verified the alleged infringement.

Data controller

The data controller is: LeCont S.r.l. Contact details of the data controller:

• Email: commerciale@lecont.com
• Phone: +39 0464 429602
• Registered office and shipping warehouse: Via del Garda, 4/A, 38068, Rovereto (TN), Italy, at Polo Tecnologico "Industria della Gomma", Italy

Amendments

This policy has been in force since 25 May 2018. We reserve the right to modify or simply update the content, in part or completely, also due to changes in the applicable legislation. We will inform you of such changes as soon as will be introduced. I, the undersigned/a, declare that I have read the above information.