Gentle supplier,
pursuant to article 13 of EU Regulation 2016/679 of 27/04/2016, “European regulation on the protection of personal data”, hereinafter referred to as GDPR, Software Design srl with registered office in Naples Capodichino airport-viale F. Ruffo di Calabria snc, as owner of the processing of personal data, informs you of the following:

Types of data subject to processing
The Data Controller will process your personal data (i.e. the personal data of its employees), collected as part of the contract / supply order signed between the parties and / or for the purpose of concluding the same, including, by way of example and not exhaustive, name, surname, mobile phone number, e-mail address and in general your contact details as a contact person in the commercial relationships maintained in execution of the supply relationships.

Purpose of the processing
The personal data that will be exchanged between the Parties during the performance of the supply contract will be processed exclusively for the fulfillment of operations imposed by regulatory obligations, for the management of relations for administration, accounting, orders, shipments, invoicing, services , management of any litigation.
The processing of personal data, in relation to the purposes indicated above, does not require your express consent based on the fulfillment of a contractual obligation and on legal provisions.
The personal data of natural persons will also be processed for:
• forward communications of various kinds and with different means of communication (telephone, mobile phone, sms, email, fax, paper mail);
• formulate requests or process requests and proposals received;
• exchange information aimed at the execution of the contractual relationship, including pre and post contractual activities.
The provision of your personal data for the purposes indicated above is optional, but failing that it will not be possible to execute the contract.

Source of data
The personal data processed are those provided by the interested party on the occasion of:
• visits or phone calls;
• direct contacts for participation in shows, exhibitions, etc .;
• proposition of offers;
• commercial contracts;
• transmissions and transactions following the order.
Recipients and transfer of personal data
On the basis of the roles and work duties performed, some workers have been entitled to process personal data, within the limits of their competences and in accordance with the instructions given to them by the Data Controller.
Your personal data may be shared with external natural and / or legal persons (such as consultants, credit institutions, auditing companies, etc.) who provide services that are instrumental to the Controller’s activities. These subjects will typically operate as data processors.
Your personal data may also be communicated, within the limits strictly relevant to the obligations, to subjects to whom such communication must be made in order to fulfill specific obligations established by laws, regulations and / or community legislation.
The personal data processed by the Data Controller will not be disclosed, that is, it will not be disclosed to indeterminate subjects, in any possible form, including that of making them available or simple consultation.

Transfer of data outside the EU
The Data Controller does not transfer personal data to third countries or to international organizations. However, it reserves the right to use cloud services; in which case, the service providers will be selected from those who provide adequate guarantees, as required by art. 46 GDPR 679/16.
Retention of personal data
Your personal data will be stored only for the time necessary for the purposes for which they are collected, respecting the principle of minimization referred to in Article 5, paragraph 1, letter c) of the GDPR. After the termination of the contractual relationship, personal data will be stored, and not further processed, for the time established by the current provisions on civil and fiscal matters.

Methods of data processing
In relation to the aforementioned purposes, the processing of personal data takes place using manual, IT and telematic tools with logic strictly related to the purposes themselves and, in any case, with methods that guarantee the security and confidentiality of the data, in addition to compliance with specific obligations. sanctioned by law.
The processing is carried out directly by the owner’s organization, by its managers and / or agents.

Your rights
You have the right to ask the Data Controller, at any time, to access your personal data, to correct or cancel them or to oppose their processing, you have the right to request the limitation of processing in the cases provided for by art. 18 of the GDPR, to revoke the consent given pursuant to art. 7 of the GDPR at any time; to obtain the data concerning you in a structured format, commonly used and readable by an automatic device, in the cases provided for by art. 20 of the Regulation; as well as to lodge a complaint with the competent supervisory authority (Guarantor for the Protection of Personal Data) pursuant to art. 77 of the GDPR, if you believe that the processing of your data is contrary to the legislation in force.
You can exercise your rights by writing to the Data Controller at privacy@swdes.it.

Automated decision-making processes
The Data Controller does not carry out treatments consisting of automated decision-making processes on the data of natural persons who operate in the name and on behalf of suppliers.