PRIVACY NOTICE FOR CUSTOMERS AND SUPPLIERS
pursuant to Articles 13 and 14 of Regulation (EU) 2016/679 (GDPR)
Tessile Fiorentina Company S.r.l., with registered office in Via Fonda di Mezzana 35/3 –
59100 Prato (PO), Italy, VAT / Tax Code 02070730979, e-mail: info@tessilefiorentinaco.it,
certified e-mail (PEC): tessilefiorentinaco@pec.uipservizi.it, in its capacity as Data
Controller (hereinafter, the “Controller”), informs you that personal data relating to
customers, suppliers, contact persons, collaborators and representatives of customer and
supplier organizations will be processed in compliance with the principles of lawfulness,
fairness, transparency, data minimization, integrity and confidentiality laid down in Regulation
(EU) 2016/679 (“GDPR”).

1. Categories of personal data processed

The Controller may process common personal data such as, by way of example:
• identification and personal details;
• company name, business name, job title or role;
• telephone numbers, e-mail addresses, certified e-mail addresses (PEC), registered
office or business addresses;
• banking and tax data;
• data contained in business correspondence, orders, contracts, quotations,
administrative and accounting documents.
Personal data may be collected directly from the data subject, from the company or
organization to which the data subject belongs, as well as from public sources or third parties
in connection with the business relationship.

2. Purposes of processing and legal bases

Personal data are processed for the following purposes:
a) management of pre-contractual and contractual relationships
including requests for information, quotations, offers, orders, supply management,
performance of contracts, logistics, assistance and operational communications.
Legal basis: performance of pre-contractual measures taken at the request of the data
subject or performance of a contract to which the data subject is party, pursuant to Article
6(1)(b) GDPR.
b) compliance with legal, regulatory, tax, administrative and accounting obligations
connected with the management of relationships with customers and suppliers.
Legal basis: compliance with a legal obligation to which the Controller is subject, pursuant to
Article 6(1)(c) GDPR.
c) protection of the Controller’s rights
including handling disputes, complaints, debt collection, fraud prevention, and the
establishment, exercise or defense of legal claims, whether out of court or in court
proceedings.
Legal basis: legitimate interest of the Controller, pursuant to Article 6(1)(f) GDPR.
d) sending informational or promotional communications relating to the Controller’s
products, services, events, trade fairs and initiatives to existing customers
within the limits permitted by applicable law and with the possibility to object at any time.
Legal basis: legitimate interest of the Controller, where applicable, or consent where required
by law.

3. Nature of data provision

Providing personal data for the purposes referred to under points 2(a) and 2(b) is necessary for
the management of the pre-contractual and contractual relationship and for compliance with
legal obligations. Failure to provide such data may make it impossible to establish or continue
the relationship.
Providing personal data for promotional purposes, where based on consent, is optional.

4. Processing methods

Personal data are processed by paper and electronic means, according to principles and
methods strictly related to the purposes stated above, and by adopting appropriate technical
and organizational measures to ensure a level of security appropriate to the risk. Data are
processed by authorized personnel who are subject to confidentiality obligations.

5. Recipients of personal data

Personal data may be disclosed, within the limits of the purposes set out above, to:
• authorized internal staff;
• consultants and professional advisors;
• banks and insurance companies;
• providers of administrative, IT, logistics and organizational services;
• outsourced service providers acting on behalf of the Controller;
• public administrations, authorities, public bodies and supervisory entities, where
required by law.
Such parties may act, depending on the circumstances, either as independent data
controllers or as data processors duly appointed by the Controller.

6. Transfer of personal data outside the EU

As part of its commercial activity, including international business operations, the Controller
may transfer personal data to countries located outside the European Economic Area. In such
cases, the transfer will take place in compliance with Chapter V of the GDPR, on the basis of
an adequacy decision of the European Commission or by adopting appropriate safeguards,
including the Standard Contractual Clauses (SCCs) approved by the European
Commission.

7. Data retention period

Personal data will be retained for the time necessary to achieve the purposes for which they
were collected and, in particular:
• for the entire duration of the pre-contractual and contractual relationship;
• thereafter, for the period required by applicable civil, tax, accounting and
administrative laws;
• for the time necessary to handle any disputes or to protect the Controller’s rights;
• for promotional purposes, until the data subject objects, or for such other period as
may be permitted by applicable law.

8. Rights of the data subject

Where applicable, the data subject may exercise the rights provided for in Articles 15 to 22
GDPR, including:
• the right to access personal data;
• the right to rectification;
• the right to erasure;
• the right to restriction of processing;
• the right to object to processing;
• the right to data portability, where applicable.
The data subject also has the right to lodge a complaint with the competent supervisory
authority for data protection.

9. How to exercise data subject rights

To exercise the above rights and for any request relating to the processing of personal data,
the data subject may contact the Controller at the following addresses:
Tessile Fiorentina Company S.r.l.
Via Fonda di Mezzana 35/3 – 59100 Prato (PO) – Italy
E-mail: info@tessilefiorentinaco.it
PEC: tessilefiorentinaco@pec.uipservizi.it

Cookie	Duration	Description
_ga		The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.
_gat_gtag_UA_228685135_1		Set by Google to distinguish users.
_ga_CN4Z4E9EYX		This cookie is installed by Google Analytics.
_gid		Installed by Google Analytics, _gid cookie stores information on how visitors use a website, while also creating an analytics report of the website's performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit anonymously. Some of the data that is collected includes the number of visitors, their origin and the pages they visit anonymously.

Privacy notice for customers and supplier

We Care About Your Privacy