Privacy Policy for Customers and Suppliers

pursuant to and in accordance with art. 13 of the EU Regulation 2016/679
Dear Customer / Supplier,
we wish to inform you that the EU Regulation n. 679 of the 27th April, 2016 on the processing of personal data provides for the protection of physical and juridical persons with regard to the processing of personal data.

Pursuant to and for the purposes of art. 13 of the EU Regulation 2016/679, we kindly ask you to take note of the information.

  1. Identity of the Data Controller
This website is managed by RAME SERVICE S.r.l. established in Via Del Mare 19/B22, 10040 Piobesi Torinese (TO), Italia, P.I. 06440180013.

  1. Purpose of the processing
The processing of personal data provided is aimed at carrying out pre-contractual and contractual obligations; at allowing the fulfillment of the obligations provided for by provisions regarding health and safety in the workplace, civil, fiscal, accounting and more generally by the regulatory obligations connected with the execution of the contract; at managing any disputes and complaints; at managing any audits at our or your site; at granting a credit and also at taking out a credit insurance policy.
The legal basis of the processing is the contract or the pre-contractual negotiations, initiated upon request of the interested party.

  1. Methods of processing
Personal data will be processed in paper, computerized and telematic form and entered into the relevant databases that can be accessed by those in charge of data processing.
The processing may also be carried out by third parties who provide specific processing, administrative or instrumental services aimed to achieve the over mentioned purposes.
All data processing operations are implemented in order to ensure the integrity, confidentiality and availability of personal data.

  1. Data retention period
The data provided will be kept for the duration of the contractual relationship in accordance with the terms of law.

  1. Scope of communication and disclosure of data
For the purposes indicated by point 2, the personal data processed by the Data Controller will not be disclosed, or will not be disclosed to undetermined subjects, in any possible form, including the availability or simple consultation.
It can be instead communicated to those who are employed by the Data Controller and to some external parties who collaborate with them.
It may also be communicated, only if strictly necessary, to parties who for the purpose of processing purchases or other requests or services relating to the transaction or the contractual relationship with the Data Controller, must supply goods and / or perform services.
Finally, it can be communicated to those parties entitled to access it in accordance with provisions of the law, regulation or legislation. In particular, based on the roles and duties performed, some employers have been authorized to process personal data, within the limits of their competences and in accordance with the instructions by the Data Controller.

  1. Data transfer
The Data Controller does not transfer personal data to third countries or international organizations. However, the Data Controller reserves the right to use in cloud services, in which case, the service providers will be selected from those who provide appropriate guarantees, as required by art. 46 GDPR 679/16.

  1. Refusal by the interested party to provide data
Customers / Suppliers natural or legal persons acting in the name and on behalf of Customers / Suppliers legal persons cannot refuse to provide the Data Controller with the personal data needed to comply with the laws governing commercial transactions and taxation. The provision of further personal data may be necessary to improve the quality and efficiency of the transaction. Refusal to provide the Data required by law will prevent the order fulfilment; while failure to provide additional data may compromise all or part of the processing status of other requests and the quality and efficiency of the transaction itself.
Persons acting in the name and on behalf of Customers / Suppliers legal persons may refuse to provide the Data Controller with its personal data. However, the provision of personal data is necessary for the correct and efficient management of the contractual relationship. Therefore, any refusal to grant data may compromise the contractual relationship in whole or in part.

  1. Rights of the interested party
With reference to the articles of GDPR 679/16:
  • art.15 right of access
  • art.16 right of correction
  • art.17 right to cancellation
  • art.18 right to limit the treatment
  • art.20 right to portability
  • art.21 right to object
  • art.22 right to object to automated decision-making process

The interested party exercises his/her rights by contacting the Data Controller as indicated in point 1, or by e-mail to info@rameservice.com , specifying the subject of his/her request, the right he/she intends to exercise and attaching a copy of a valid identity document that certifies the legitimacy of the request. With reference to articles 15 - right of access, 16 - right of rectification, 17 - right to cancellation, 18 - right to limitation of treatment, 20 - right to portability, 21 - right of opposition, 22 right to object to automated decision-making process of GDPR 679 / 16, the interested party exercises his/her rights by writing to the Data Controller at the address above, or by email at info@rameservice.com, specifying the subject of his/her request, the right he/she intends to exercise and attaching a copy of a valid identity document that certifies the legitimacy of the request.

Withdrawal of consent
With reference to the art. 23 of Legislative Decree 196/2003 and art. 6 of the GDPR 679/16, the interested party can revoke the consent at any time.

Proposition of a complaint
The interested party has the right to lodge a complaint with the supervisory authority of the State of residence.

Refusal by the interested party to provide data
The interested party may refuse to provide the Data Controller with his/her browsing data. This requires disabling cookies by following the instructions provided by the browser used. Disabling cookies may compromise the correct browsing and the use of the site's features.

Automated decision-making processes
The Data Controller does not carry out processing consisting of automated decision-making processes.