Skip links
Arredamenti Ivan Tuani

GDPR Privacy Notice for Business Clients

EU REGULATION 2016/679 (GDPR), Legislative Decree 101/2018, amended Legislative Decree 196/2003 CLIENT PRIVACY NOTICE

Please note:

  • The Data Controller determines the purposes and means of personal data processing;
  • The Data Controller promotes, offers, and provides goods and services to its clients;
  • In the course of providing such goods and services, the Data Controller processes the Client’s personal data.

The following information is provided:

  1. DATA CONTROLLER – The Data Controller (hereinafter “Controller”) is ARREDAMENTI IVAN TUANI S.R.L., VAT No. 10103000963, headquartered at Via Maestri del Lavoro 8/10 – 20813 BOVISIO MASCIAGO (MB), Italy. Tel: +39 0362 594497, Email: info@ivantuani.it, Certified Email (PEC): ivantuanisrl@pec-certif.it
  1. PURPOSES OF PROCESSING – All personal data processing activities are carried out for the following purposes:
  • To establish and execute contractual relationships, including acquiring preliminary and preparatory information, as well as providing pre-sales and post-sales support;
  • To fulfill legal obligations, including tax and regulatory requirements, commercial practices, and anti-money laundering regulations;
  • To manage administrative, accounting, ordering, shipping, invoicing, and service activities, including any disputes;
  • To send commercial communications promoting products and services offered by the Controller;
  • To protect legal rights and credit positions resulting from contractual relationships;
  • To compile internal-use statistics.
  1. LEGAL BASIS FOR PROCESSING – The legal basis for processing personal data includes:
  • Processing necessary for the performance of a contract to which the data subject is a party, or to take pre-contractual steps at the request of the data subject;
  • Processing necessary to comply with legal obligations to which the Controller is subject;
  • Processing necessary for the legitimate interests pursued by the Controller.
  1. PERSONAL DATA PROCESSED – The personal data processed, including data of employees, includes:
  • Identity data;
  • Contact details;
  • Tax data;
  • Bank details.
  1. PROVISION OF PERSONAL DATA – Providing personal data is necessary for the purposes listed in Section 2. Refusal to provide such data may prevent the Controller from initiating or executing the business relationship.
  1. METHODS AND PROCESSING ACTIVITIES – Data processing is carried out both by automated means (digital and computer-based) and non-automated means (paper documents), in compliance with legal requirements and confidentiality and security standards set by the Controller. Processing activities include: collection, recording, access, consultation, storage, and communication. No automated decision-making, including profiling, will be carried out.
  2. DATA PROCESSING LOCATION – Personal data is processed at the offices of ARREDAMENTI IVAN TUANI S.R.L., Via Maestri del Lavoro 8/10 – 20813 BOVISIO MASCIAGO (MB), Italy, and may also be processed on behalf of the Controller by external companies and/or professionals within the scope of assigned services.
  3. DISCLOSURE OF PERSONAL DATA – Personal data may be disclosed to internal staff authorized by the Controller and to external parties, only as necessary for providing contracted services, in compliance with the confidentiality and security policies defined by the Controller and current regulations. External recipients may include:
  • Tax, labor, and workplace safety consultants/companies;
  • Credit institutions and credit insurance companies;
  • Public and private authorities, including Tax Police and Judicial Authorities, as part of inspections or audits.
  1. TRANSFER OF PERSONAL DATA ABROAD – Personal data is not currently transferred outside of Italy. Should such a need arise, the Controller will request specific consent, specifying the destination country and safeguards adopted to ensure the transfer is safe and compliant with applicable laws.
  2. DATA RETENTION PERIOD – Data may be retained throughout the duration of the commercial relationship and, based on the following criteria, even beyond:
  • After contract termination: 10 years;
  • For administration, accounting, order management, quotation and production workflows, support and maintenance, shipping, invoicing, and service management: 10 years, as set by Art. 2220 of the Italian Civil Code, unless delayed payments justify extended retention;
  • For direct commercial communications (without intermediaries) promoting the company’s products/services: 24 months, with the right for the data subject to object at any time (opt-out) to direct marketing.
  1. DATA SUBJECT RIGHTS – The data subject may exercise their rights to access and portability of their personal data; they may request updates, corrections, or additions, as well as deletion, restriction, or objection to processing, in accordance with applicable regulations. In cases of unlawful processing, the data subject has the right to lodge a complaint with a supervisory authority. Consent may be withdrawn at any time, without affecting legal obligations existing at the time of withdrawal, by contacting the Controller.

Data Controller

Explore
Explore