Menu

The Group

Explore

Home > GENERAL DATA PROTECTION REGULATION TO SUPPLIERS

GENERAL DATA PROTECTION REGULATION TO SUPPLIERS

PURSUANT TO ART. 13–14 OF REGULATION (EU) 2016/679

Data Controller

Eurofork S.p.A.

Via Roma 93, 10060 Roletto (TO) – Italy

VAT / Tax Code 07953860017

Email: privacy@eurofork.com – PEC: euroforkspa@pec.it

Purpose of the processing

The personal data of suppliers and their contact persons are processed for the following purposes:

  1. Operational and administrative management of the contractual relationship (orders, deliveries, invoicing)
  2. Tax, accounting and regulatory obligations (e.g. VAT obligations, withholdings, traceability)
  3. Technical and organizational communications related to the provision of services or the supply of goods
  4. Verification of security, quality, contribution and contractual regularity requirements
  5. Physical and digital access management (badges, logs, CCTV surveillance if applicable)

Types of data processed

  • Identification and contact data (name, surname, e-mail, telephone, role)
  • Tax and contractual data (VAT number, bank details, contracts, certifications)
  • Access and security data (access logs, badges, video surveillance images – if any)

Legal basis of the processing

  • Performance of a contract or pre-contractual measures (Art. 6.1.b GDPR)
  • Compliance with legal obligations (Art. 6.1.c GDPR)
  • Legitimate interest of the Data Controller (art. 6.1.f GDPR), in particular for security, organization and quality purposes

Recipients of the data

The data can be communicated to:

  • Tax, legal and employment consultants
  • Public bodies and competent authorities (e.g. Revenue Agency, INPS, INAIL)
  • Data processors appointed by Eurofork S.p.A. (e.g. FT Invest S.r.l., IT suppliers)
  • Customers or certifying bodies, if required by contractual or regulatory obligations

Transfers outside the EU

The data is not transferred outside the European Economic Area. In the case of use of cloud services or digital tools based outside the EU, Standard Contractual Clauses (SCCs) or other guarantee tools provided for by the GDPR will be adopted.

Retention period

The data will be kept for 10 years from the termination of the contractual relationship, except for legal obligations or defense requirements in court.

Rights of the data subject

The data subject has the right to:

  • access his/her personal data
  • request its rectification or cancellation
  • restrict or object to its processing
  • request portability
  • make a complaint with the Data Protection Authority
  •  

Requests can be sent to: privacy@eurofork.com

Contact details of the Data Controller

Email: privacy@eurofork.com

Last updated: 30th September 2025