Privacy Policy - Dovaro Industries

INFORMATION PURSUANT TO ART. 13-14, GDPR EU/2016/679 and Legislative Decree 101/2018

European Regulation EU/2016/679 (hereinafter "Regulation") establishes rules regarding the protection of individuals with regard to the processing of personal data, as well as rules regarding the free movement of such data.

In compliance with the principle of transparency provided for in Article 5 of the Regulation, Dovaro Spa, as the Data Controller, provides you with the information required by Articles 13 and 14 of the Regulation.

Purpose of Treatment

The processing of your personal data will be based on the principles of fairness, lawfulness and transparency, protecting your confidentiality, your rights and in accordance with the privacy policy of the Entity/Company. The Entity/Company also undertakes to process your data in accordance with the principle of "minimization," i.e., acquiring and processing data limited to what is necessary with respect to the following purposes:

◊ For the treatment Customer-supplier management.
(a) Goods shipment activities
(b) Acceptance of goods
(c) Switchboard activities
d) Contract management
e) After-sales service activities
(f) Tax compliance management
g) Purchasing activities

Treatment	Customer management
Criteria	Purpose	Consent
the processing is necessary for the performance of a contract to which the data subject is party or the performance of pre-contractual measures taken at the request of the data subject	Freight forwarding activities Acceptance of goods Switchboard Activities Contract management After-sales service activities Purchasing activities	In relation to related purposes, processing may be carried out without your consent
the processing is necessary to comply with a legal obligation to which the data controller is subject	Tax compliance management	In relation to related purposes, processing may be carried out without your consent

◊ For treatment Quality system management:
(a) Quality system management activities.

Treatment	Quality System Management
Criteria	Purpose	Consent
the processing is necessary for the performance of a contract to which the data subject is party or the performance of pre-contractual measures taken at the request of the data subject	Quality system management activities	In relation to related purposes, processing may be carried out without your consent

The provision of your personal data and consent to processing is mandatory, for the purposes of:
◊ For processing Customer management:
(a) Goods shipping activities
(b) Goods acceptance
c) Switchboard activities
(d) Contract management
(e) After-sales service activities
(f) Tax compliance management
g) Purchasing activities

◊ For treatment Quality system management:
(a) Quality system management activities.

and your refusal to provide the data will result in the total impossibility of entering into the contract.

Mode of Treatment

The processing of your personal data will be carried out using paper and computer tools in compliance with the provisions on the protection of personal data and, in particular, with the appropriate technical and organizational measures referred to in Article 32.1 of the Regulations, and with the observance of all precautionary measures that guarantee their relative integrity, confidentiality and availability.

Source from which the data originated

Treatment	Customer management
Treatment	Quality System Management
Criteria	Purpose	Consent
DATA COLLECTED FROM THE DATA SUBJECT	TYPE OF DATA	SOURCE
Customers-suppliers

Categories of recipients

Your personal data may be disclosed, strictly in relation to the above purposes, to the following parties or categories of parties:

◊ For treatment Client-supplier management.
(a) Banks
b) Agents
c) Consultants and freelancers, including in associated form
d) Insurance companies

We also inform you that:

The communication of your data to the categories of subjects mentioned in (a), (b), (c), (d) is necessary to execute the contract to which you are a party.

◊ For treatment Quality system management:
(a) Consultants and freelancers, including in associated form.

We also inform you that:

The communication of your data to the categories of subjects mentioned in (a) is necessary to execute the contract to which you are a party.

In relation to these categories of recipients, the Data Controller undertakes to rely exclusively on individuals who provide adequate guarantees regarding data protection, and will appoint them as Data Processors pursuant to Article 28 of the Regulations. The list of Data Processors is available at the Entity/Company and may be viewed upon request to the Data Controller.

In addition, your data will be processed, exclusively for the above purposes, by employees and/or collaborators of the Entity/Company, specifically authorized and instructed by the Data Controller in accordance with Article 29 of the Regulations.

Your personal data will not be disseminated, except when required by a law or regulation or by EU legislation.

Transfer of personal data

◊ For processing Customer-supplier management-Quality system management:
Your personal data will not be transferred to non-European countries or international organizations.

Retention period

Treatment	Customer-supplier management
CATEGORIES OF DATA	RETENTION PERIOD	REGULATORY REFERENCES
Biographical data (first name, last name, gender, place and date of birth, residence, domicile)	10 years	Articles 2409 bis-2409 septies Civil Code. The regulations govern the auditing obligations to which companies are subject.
Contract data (contract value, subject matter, terms, conditions, etc.).	10 years	Articles 2409 bis-2409 septies Civil Code. The regulations govern the auditing obligations to which companies are subject.
Contact information (phone number, e-mail, etc.).	10 years	Articles 2409 bis-2409 septies Civil Code. The regulations govern the auditing obligations to which companies are subject.
Invoices	10 years	Articles 2409 bis-2409 septies Civil Code. The regulations govern the auditing obligations to which companies are subject.
Bank details	10 years	Articles 2409 bis-2409 septies Civil Code. The regulations govern the auditing obligations to which companies are subject.

Treatment	Quality System Management
CATEGORIES OF DATA	RETENTION PERIOD	REGULATORY REFERENCES
Biographical data (first name, last name, gender, place and date of birth, residence, domicile)	10 years	Articles 2409 bis-2409 septies Civil Code. The regulations govern the auditing obligations to which companies are subject.
Invoices	10 years	Articles 2409 bis-2409 septies Civil Code. The regulations govern the auditing obligations to which companies are subject.
Sales contract data (contract value, subject matter, terms, conditions, etc.).	10 years	Articles 2409 bis-2409 septies Civil Code. The regulations govern the auditing obligations to which companies are subject.

Rights granted to the data subject

You may at any time exercise your rights under Articles 15-22 of the Regulations against the Controller.

In particular, at any time, you will have the right to ask:

Access to your personal data;
Their correction in case of inaccuracy of the same;
cancellation;
The restriction of their processing.

It will also have:

the right to object to their processing if they are processed in pursuit of a legitimate interest of the Data Controller, if it considers its fundamental rights and freedoms have been violated;
The right to revoke your consent at any time in relation to the purposes for which it is needed;
The right to portability of your data, i.e., the right to request and receive in a structured, commonly used, machine-readable format, personal data relating to you.

Identity and contact details of the Data Controller

The Data Controller is: Dovaro Spa, operational headquarters: Strada Statale 11 -4/a Gambellara (VI), tel.: 0444648350, e-mail: info@dovaro.it

Cookie	Duration	Description
_GRECAPTCHA	5 months 27 days	This cookie is set by the Google recaptcha service to identify bots to protect the website against malicious spam attacks.
cookielawinfo-checkbox-advertisement	1 year	Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Advertisement" category .
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the "Necessary" category.
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the "Performance" category.
CookieLawInfoConsent	1 year	Records the default button state of the corresponding category & the status of CCPA. It works only in coordination with the primary cookie.
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.