+39 0744 405055 info@besitalia.it


Notice of Personal Data Processing Relating to Business Partners
According to art. 13 of the EU regulation 2016/679 of 27/04/2016

Pursuant to article 13 of EU regulation 2016/679 of 27/04/2016, hereinafter referred to as GDPR (General Data Protection Regulation), BES S.R.L., with registered office in Via Pacinotti, 19 – 05100 Terni, as the personal data holder, informs you about the following:
Personal data holder
The personal data holder is BES S.R.L., with registered office in Via Pacinotti, 19 – 05100 Terni,
Purpose of the processing of personal data
The personal data you provide shall be processed for the following purposes only:
a) draft and execute the contract and all related activities, such as, for example, invoicing, credit protection, administrative, managerial, organizational and services functional for the execution of the contract;
b) fulfil the obligations under the law, regulations, applicable legislation and other provisions of law-enforcement authorities and supervisory and control bodies.
The processing of personal data for the above-mentioned purposes does not require your express consent (art. 6, letter B) and e) of the GDPR).
c) perform the marketing and promotional activities of the holder of the products and the services, commercial communications, both via automated means (e.g. SMS, fax, Mms, email etc.) and traditional ones (by phone, mail) without the intervention of an operator.
d) conduct studies and market research.
The processing of personal data for the purposes referred to above requires your express consent (article 7 of the GDPR). The consent concerns both the automated and the traditional means described above. You shall always have the right to easily and freely oppose all or part of the processing of your personal data for the above-mentioned purposes, excluding, for example, electronic communication and expressing your willingness to receive commercial and promotional messages via traditional means only.
Mandatory or optional data provision and consequences for potential refusal to providing personal data
The data required for the purposes referred to in (a) and (b) must be provided for the fulfilment of the statutory obligations and/or for the conclusion and execution of the contractual relationship and for the provision of the requested services. Therefore, full or partial refusal to provide such data would entail the impossibility for the Supplier to establish and manage the relationship itself and to provide the requested service.
The provision of the personal data necessary for the purposes referred to in paragraphs (c)) and (d) is optional, therefore the refusal to provide such data would entail the impossibility to put the activities into practice.
How to process data
The processing of personal data is carried out by means of the operations indicated in art. 4 N. 2) GDPR for the purposes referred to above, both on paper and computer, via electronic or automated tools, in compliance with the laws in force regarding confidentiality and security and in accordance with the principles of fairness, lawfulness and transparency and protection of the rights of the client.
The processing is carried out directly by the organization of the controller, by its managers and/or appointees.
Communication and dissemination
Your personal data may be communicated to the subjects listed below within the limits strictly relevant to the obligations, tasks and purposes specified above and in compliance with the current legislation on the matter:
1. persons to whom such communication must be delivered in order to fulfil or to require the fulfillment of the obligations provided by laws, regulations and/or the community regulations;
2. companies belonging to the group of the data controller i.e. controlling, controlled or connected companies in accordance with art. 2359 of the Italian Civil Code, acting as the representatives for the data processing or acting for accounting and administrative purposes (purposes connected with carrying out internal, administrative, financial and accounting operations, which are functional to the fulfilment of contractual and pre-contractual obligations);
3. external individuals and/or legal persons providing services that are instrumental in the activities of the data owner for the purposes referred to in point 1 above. (e.g. call centers, suppliers, consultants, companies, agencies, professional firms). These subjects shall be responsible for processing the data.
Personal data shall not be disseminated in any way.
Retention period of personal data
The personal data referred to in points a) and b) shall be kept for the entire duration specified in the contract signed with the owner, at the end of which, the data shall be kept in order to fulfil the terms laid down by law for the preservation of administrative documents. They shall be then deleted. The personal data referred to in points c) and d) shall be retained for a maximum period of 10 years, at the expiration of which they shall be deleted.
Transfer of data
Personal data are kept on servers located within the European Union. It is, however, understood that the owner, if necessary, shall have the right to
move the servers outside the European Union. In this case, the holder must ensure that the transfer of the data takes place in accordance with the applicable legal provisions, following the stipulation of the standard contractual clauses laid down by the European Commission.
Rights of the interested party
The interested party has the following rights, which are referred to in art. 15 GDPR:
1. to obtain confirmation on whether your personal data exist or not, even if they have not yet been registered, and their communication in
intelligible form;
2. to be provided with the following information:
a) the origin of personal data;
b) the purposes and modes of data processing;
c) the logic applied in case data processing is carried out with the aid of electronic tools;
d) the identification details of the owner, the managers and the designated representatives pursuant to art. 5, paragraph 2 of the Privacy Code and art. 3, paragraph 1, of the GDPR;
e) the subjects or categories of persons to whom the personal data may be communicated or that may become acquainted with them as the representatives appointed in the territory of the State, of the representatives or of the appointed persons;
3. to be provided with:
a) the update, rectification or, when interested, the integration of data;
b) the deletion, anonymous processing or blocking of the data processed in violation of the law, including those which are not required to be retained in relation to the purposes for which the data were collected or subsequently processed;
c) the attestation that the transactions referred to in a) and b) have been brought to the knowledge of those to whom the data have been communicated, also with regards to their content, except for when such fulfilment is impossible or entails using means in a manifestly disproportionate way with respect to the protected law;
4. fully or partly oppose the following:
a) legitimate reasons for processing your personal data, despite being relevant to the purpose of data collection;
b) the processing of your personal data for sending advertising or direct sale material or for conducting market research or commercial communication by using call-based automated systems via email and/or traditional marketing means such as telephone calls and/or mail, without the need for an operator to intervene.
Be reminded that the interested party retains the right to object. The right, which is specified in b), concerns the purposes of direct marketing via automated means and extends to the traditional ones. Nevertheless, the interested party retains the right to oppose in part. Therefore, the interested party can decide whether to receive communications via traditional means only, electronic communications or none of them. If applicable, the interested party also retains both the right referred to in articles 16-21 of the GDPR (right to rectification, right to erasure, right to restriction of processing, right to data portability, right to object), and the right to complain to the Authority.
For any questions concerning the exercise of the rights referred to in art. 15 of the GDPR or for any questions or information concerning the processing of your data and the security measures taken you can forward the request to our company using the following address:
Via Pacinotti, 19
05100 Terni (Tr)
Phone +39 0744 405055

On this website we use first or third-party tools that store small files (cookie) on your device. Cookies are normally used to allow the site to run properly (technical cookies), to generate navigation usage reports (statistics cookies) and to suitable advertise our services/products (profiling cookies). We can directly use technical cookies, but you have the right to choose whether or not to enable statistical and profiling cookies. Enabling these cookies, you help us to offer you a better experience.