• Information extract on the processing of personal data
• Information for suppliers
• Information for customers
• Rules on the use of the website

Information on the processing of personal data pursuant to Article 13 of European Regulation 679/2016

As the Data Controller of the personal data in its possession, EUROFRUT S.P.A, with registered office in Via Paolo Canali n. 16 int. 9, 40127, Bologna (BO), VAT number and tax code: 00796000370, dedicated e-mail address: contabilita@eurofrut.it, informs you that:

•  All data communicated, transmitted or obtained from third parties will be processed in compliance with European Regulation 2016/679, for the sole purpose of establishing and executing the contractual relationship with you and for the consequent fulfilment of the legal and contractual obligations arising therefrom, as well as the achievement of effective management of the commercial relationship;
• The provision of data may be necessary in order to maintain relations with you or your organisation: in this case, any refusal to provide such data could make it impossible to proceed with the relationship;
• The data is subject to paper-based processing;
• The Data Controller will process the data for the time necessary to execute the relationship and also subsequently for the fulfilment of legal obligations or for administrative purposes. Subsequently, for archiving purposes only, the data may be processed for a period of 10 years from the date of termination of the relationship, for any reason whatsoever. 
• • The data may be made accessible to employees and collaborators of the Data Controller, in their capacity as authorised data processors, as well as to third-party companies or other entities that perform outsourced activities on behalf of the Data Controller, in their capacity as external data processors, Supervisory Bodies (such as IVASS), Judicial Authorities, and all entities to whom communication is mandatory by law for the fulfilment of the purposes referred to in point 2.
• The data will not be disclosed.
• The data will not be transferred to countries outside the EU.
• With regard to data processing, you may exercise your rights under Articles 15 et seq. of EU Regulation 2016/679, to which reference is made, by sending a registered letter with return receipt to EUROFRUT S.P.A., with registered office at Via Paolo Canali n. 16 int. 9, 40127, Bologna (BO), or alternatively, an email to: contabilita@eurofrut.it
• The exercise of these rights is not subject to any formal constraints and is free of charge.

By accessing the site, I declare that I have carefully read the content of the information provided by you pursuant to Article 13 of Legislative Decree 196/2003 and Articles 12 et seq.

Information for suppliers

Subject: Information concerning the processing of personal data pursuant to the Personal Data Protection Code (Legislative Decree No. 196/2003, hereinafter the ‘Code’) and Article 13 of the European Regulation (GDPR 679/2016, hereinafter the ‘Regulation’) and subsequent national adaptation regulations. 

EUROFRUT S.P.A, as the Data Controller of your personal data and/or that of data subjects belonging to your organisation (hereinafter also referred to as ‘Personal Data’ or ‘Data’), in the context of the execution of a contract or pre-contractual measures, in compliance with the provisions of Article 13 of EU Regulation 2016/679, provides the following information on the methods and purposes of the processing of the personal data collected. 

Therefore, in full compliance with the principles of fairness, lawfulness and transparency, the Data Controller provides the following information.

The Supplier, where it is a legal entity, undertakes, where the processing described below is carried out in relation to data subjects such as its legal representative, employees and/or collaborators, to communicate or, in any case, make this information available to the aforementioned persons.

1. Data Controller.

The Data Controller is EUROFRUT S.P.A, with registered office in Via Paolo Canali n. 16 int. 9, 40127, Bologna (BO), VAT number and tax code: 00796000370, dedicated e-mail address: contabilita@eurofrut.it

2. Type of data processed 

The personal data processed consists of the categories indicated below.

Within the scope of the relationship between the parties, EUROFRUT S.P.A acquires a series of data relating to the supplier/potential supplier. 

In particular, the Data Controller may request personal identification data (including name, surname, company name, VAT number, tax code, address, telephone number, e-mail address, bank details). 

Within the scope of specific economic agreements or contracts, EUROFRUT S.P.A. may process data relating to the Supplier's employees and collaborators (such as, for example, copies of identity documents, certifications and training certificates, including those relating to health and safety at work, etc.). 

Furthermore, EUROFRUT S.P.A does not hold any sensitive data (or data belonging to special categories of data pursuant to Article 9 of the Regulation) relating to suppliers, nor does it hold any biometric, genetic or judicial data. 

The data will, in any case, be processed in accordance with the principles of purpose limitation, data minimisation, accuracy, storage limitation, relevance, non-excessiveness and protection of confidentiality.

3.Purpose of processing and legal basis

The personal data provided to EUROFRUT S.P.A., in full compliance with the principles recognised by current legislation on the protection of personal data, will be processed for the following purposes:

1. in relation to pre-contractual and contractual requirements and the consequent fulfilment of legal, fiscal and accounting obligations (legal basis: the execution of the contract and legal obligations);
2. to enable the effective management of service, financial and commercial relationships or for administrative requirements relating to orders, shipments, arrivals and invoices (legal basis: fulfilment of legal obligations);
3. for any assessment, for the exercise or defence of a right in court or out of court (legal basis: legitimate interest of the Data Controller). 

4. Processing methods

Personal data is processed using the methods indicated in the Privacy Code and in Article 4, paragraph 2) of the Regulation, namely: collection, recording, organisation, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, limitation, communication, erasure and destruction of data. 

Your data is also subject to automated processing. 

5. Retention period

Personal data processed for the performance of a contract or pre-contractual measures will be retained for the time strictly necessary to fulfil the same. The Data Controller may also retain such data subsequently if this is necessary for the fulfilment of legal obligations or for administrative, remuneration, accounting, tax and insurance purposes, as well as for the protection of a right in court or out of court in the event of disputes and/or litigation. 

For archiving purposes only, the data will be processed for a period of ten years from the termination of the relationship, for any reason whatsoever. By way of example, invoices issued by you to EUROFRUT S.P.A. will be retained for ten years.

With regard to video surveillance, please refer to the specific information notice and to point 10 below.

The data will be stored electronically (in the Cloud) and in a paper archive, and will then be digitised. 

6. Obligation to provide data

The provision of data is a necessary condition for the pursuit of the purposes described in point 3 of this Policy, as well as the legal basis for processing.

Therefore, failure to provide such data may make it impossible to fulfil the purposes referred to in point 3. 

The provision of data for marketing purposes, for sending advertising material and for receiving newsletters is, however, entirely optional and therefore subject to consent.

7. Withdrawal of consent to the processing of personal data. 

The personal data processed by the Data Controller is necessary for the purposes described in point 3. You have the right to withdraw your consent at any time without prejudice to the lawfulness of the processing based on the consent given up to that point. 

8. Recipients

Your data may be made accessible for the purposes referred to in Article 3 to the following categories of subjects:   

• employees and collaborators of EUROFRUT S.P.A. in their capacity as authorised processors, appointed by the Data Controller;
• Shareholders and Directors of EUROFRUT S.P.A. in their capacity as authorised processors, appointed by the Data Controller
• third-party companies or other subjects (for example, credit institutions, professional firms, consultants, insurance companies for the provision of insurance services, companies that deal with accounting) that perform outsourced activities on behalf of the Data Controller, in their capacity as external data processors;

In addition, your data (and, where the Supplier is a legal entity, also that of data subjects such as the legal representative, employees and/or collaborators) may be disclosed to: 

• Supervisory bodies (such as IVASS), 
• Judicial authorities, 
• Public authorities (such as, for example, Cultural Heritage Protection Units),
• All subjects to whom communication is mandatory by law for the fulfilment of the purposes referred to in point 3. These subjects will process the data in their capacity as independent data controllers. 
• The data processed will not be disclosed and will not be transferred to countries outside the European Union.

9. Data retention

Personal data is stored at the registered office of EUROFRUT S.P.A. on a local cloud server, as well as in paper archives (the contents of which are then digitised) located at the registered office of the Data Controller. 

10. Video surveillance

EUROFRUT S.P.A, with registered office at Via Paolo Canali n. 16 int. 9, 40127, Bologna (BO), wishes to inform you that, pursuant to Articles 12 et seq. of Regulation (EU) 2016/679 and Legislative Decree 196/2003, as amended by Legislative Decree 101/2018, for the purposes of prevention, organisational security and protection of company assets, the premises and appurtenances of the local office at Via Paolo Canali n. 16, 40127, Bologna (BO), are protected by an alarm system equipped with photo verification upon activation, duly indicated by signage required by the Data Protection Authority.

Images, like names and personal details, are personal data subject to the protections provided for by Regulation (EU) 2016/679 of the European Parliament. Therefore, such specific personal data is acquired and stored by the Data Controller for the time strictly necessary to prevent illegal activities, ensure the security of the sites, and protect company assets, all in compliance with the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council and the requirements imposed by the Office of the Data Protection Authority. The system adopted does not link, cross-reference or compare the images collected with other personal data or with any identification codes.

The images derived from the aforementioned alarm system equipped with photo verification upon activation will be stored for the period required by law, and in any case for a period of time not exceeding that necessary to achieve the purposes for which the data are processed (maximum 48 hours or 72 hours in the case of closure at the weekend).  This is without prejudice to reasons related to requests from the judicial authorities or other authorised bodies. In any case, the systems are programmed to operate at the set time for the complete automatic deletion of information at the end of the period specified for each medium, including by means of overwriting, in such a way as to render the deleted data unusable.

The data processed will not be disclosed to third parties. However, the following may become aware of the data, in relation to the purposes of processing set out above: i) subjects who can access the data pursuant to provisions of European Union law or the law of the Member State to which the Data Controller is subject; ii) our Members and Directors, provided they have been previously designated as subjects acting under the authority of the Data Controller, in accordance with Article 29 of the European Regulation; iii) our employees, provided that they have been previously designated as persons acting under the authority of the Data Controller, in accordance with Article 29 of the European Regulation; iv) persons (security and surveillance companies) who, within the borders of the European Union, perform, as Data Processors, tasks ancillary to the above-mentioned activities and services.

With regard to the processing of personal data, pursuant to the European Regulation, as a data subject, you may exercise the rights described in point 10 below by contacting the Data Controller directly at the addresses indicated. In practice, you cannot exercise your right to update, rectify and supplement your data due to the intrinsic nature of the data collected, as these are images collected in real time concerning an objective fact. The processing of personal data will be carried out in compliance with the fundamental rights and freedoms of citizens and the dignity of individuals, with particular reference to confidentiality, identity and the protection of personal data. All areas where it is necessary to ensure maximum protection of the dignity and privacy of the individuals concerned, such as changing rooms, bathrooms and similar areas, are excluded from recording.

11. Exercise of rights by the Data Subject

The Data Subject may exercise their rights vis-à-vis the Data Controllers at any time. Pursuant to Legislative Decree 196/2003 and Articles 15 et seq. of EU Regulation 2016/679, the Data Subject has the right to: a) obtain confirmation of the existence or otherwise of personal data concerning him/her, even if not yet recorded, and its communication in intelligible form; b) obtain information on the origin of the personal data, the purposes and methods of processing, the logic applied in the case of processing carried out with the aid of electronic instruments, the identification details of the data controller and data processors, and the subjects or categories of subjects to whom the personal data may be communicated as data processors; c) obtain the updating, rectification or, where interested, integration of the data; d) obtain the erasure of data in the cases provided for in Article 17 of EU Regulation 2016/679, the transformation into anonymous form or the blocking of data processed in violation of the law, including those that do not need to be kept for the purposes for which the data were collected or subsequently processed; e) obtain the restriction of processing in the cases provided for in Article 18 of EU Regulation 2016/679 f) receive personal data concerning him/her in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller; g) object, in whole or in part, on grounds relating to his/her particular situation, to the processing of personal data concerning him/her, even though they are relevant to the purpose of the collection; h) object to the processing of personal data concerning him/her for direct marketing purposes, for sending advertising or direct sales material or for carrying out market research or commercial communication; i) lodge a complaint with the Data Protection Authority.

For convenience, the Code and Articles 15 to 23 of the Regulation can be consulted in full at this link: www.garanteprivacy.it

12. How to exercise your rights 

To exercise your rights, you may contact the Data Controller directly by sending:

• a registered letter with return receipt to EUROFRUT S.P.A at Via Paolo Canali n. 16, int 9, 40127, Bologna (BO) or, alternatively, 
• an e-mail to the dedicated address: contabilita@eurofrut.it

By accessing the site, I declare that I have carefully read the content of the information provided by you pursuant to Article 13 of Legislative Decree 196/2003 and Articles 12 et seq.

Information for customers

Subject: Information concerning the processing of personal data pursuant to the Personal Data Protection Code (Legislative Decree No. 196/2003, hereinafter the ‘Code’) and Article 13 of the European Regulation (GDPR 679/2016, hereinafter the ‘Regulation’) and subsequent national adaptation regulations.

1. Data controller and introduction.

EUROFRUT S.P.A, with registered office at Via Paolo Canali n. 16 int. 9, 40127, Bologna (BO), VAT number and tax code: 00796000370, dedicated email address: contabilita@eurofrut.it, informs you that it is the Data Controller of personal data relating to the Company's customers. Therefore, in full compliance with the principles of fairness, lawfulness and transparency, the following information is provided regarding the processing of your personal data. 

Type of data processed.

EUROFRUT S.P.A. acquires certain data relating to customers/potential customers, including legal entities. 

The Data Controller will ask customers/potential customers to provide EUROFRUT S.P.A., as Data Controller, with personal data, and will ask the customer/potential customer's organisation to provide the personal data necessary for the execution of the contract or the issue of a quotation.

The personal data processed are as follows: personal details such as name and surname, address, date and place of birth, gender, telephone number, and email address. 

The Data Controller will not come into possession of any special categories of data relating to the customer/potential customer (or belonging to special categories of data pursuant to Article 9 of EU Regulation 679/2016) or any biometric, genetic or judicial data.

The data will be processed in accordance with the principles of purpose limitation, data minimisation, accuracy, storage limitation, relevance, non-excessiveness and confidentiality protection.

1. Purpose of processing and legal basis

Personal data provided to EUROFRUT S.P.A. in full compliance with the principles recognised by current legislation on the protection of personal data will be processed for the following purposes: 

1. to carry out activities related to the pre-contractual phase (such as initiating negotiations, exchanging offers, etc.) and to enable the proper performance of contractual obligations and activities (legal basis: performance of a contract or pre-contractual measures);
2. to enable the fulfilment of legal, fiscal and accounting obligations (legal basis: Fulfilment of legal obligations);
3. to enable the effective management of service, financial and commercial relationships or for administrative requirements relating to orders and invoices (legal basis: Fulfilment of legal obligations);
4. for any assessment, for the exercise or defence of a right of the Data Controller in court or out of court (legal basis: Legitimate interest of the Data Controller). 

2. Processing methods

Personal data is processed using the methods indicated in the Privacy Code and in Article 4(2) of the Regulation, namely: collection, recording, organisation, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, limitation, communication, erasure and destruction of data. 

The data is subject to paper and electronic processing

3. Retention period

Personal data processed for the purposes referred to in point 3 of this policy will be retained for the time strictly necessary to achieve those purposes. The Data Controller may retain such data even after this period if necessary for the fulfilment of legal obligations or for administrative, remuneration, accounting, tax and insurance purposes, as well as for the protection of a right in court or out of court in the event of disputes and/or litigation. For archiving purposes only, the data will be processed for a period of ten years from the termination of the relationship, for any reason whatsoever. 

With regard to video surveillance, please refer to the provisions of the specific policy and point 9 below.

The data will be stored electronically (on a cloud server) and in paper form (paper archive). 

4. Obligation to provide data

The provision of data is mandatory for the purposes described in point 2: failure to provide such data will make it impossible to establish or continue any pre-contractual or contractual relationship.

5. Withdrawal of consent to the processing of personal data. 

The personal data processed by the Data Controller is necessary for the purposes described in point 2. You have the right to withdraw your consent at any time without prejudice to the lawfulness of the processing based on the consent given. 

6. Recipients

Your data may be made accessible for the purposes referred to in Article 2 to the following categories of subjects:

• employees and collaborators of EUROFRUT S.P.A. in their capacity as persons authorised to process data appointed by the Data Controller;
• the Revenue Agency, in accordance with the provisions on electronic invoicing; 
• third-party companies or other subjects (for example, credit institutions, professional firms, consultants) that perform outsourced activities on behalf of the Data Controller, in their capacity as external data processors;
• Furthermore, your data may be disclosed to all parties to whom disclosure is required by law for the purposes referred to in point 2. These parties will process the data in their capacity as independent data controllers. 

Your data will not be disclosed.

7. Video surveillance activities pursuant to Article 13 of GDPR Regulation (EU) 2016/679.

EUROFRUT S.P.A. wishes to inform you that, pursuant to Articles 12 et seq. of Regulation (EU) 2016/679 and Legislative Decree 196/2003, as amended by Legislative Decree 101/2018, for the purposes of prevention, organisational security and protection of company assets, the premises and appurtenances of the local office at Via Paolo Canali no. 16, 40127, Bologna (BO), are monitored by an alarm system equipped with video surveillance, duly indicated by signage required by the Data Protection Authority. Images, like names and personal data, are personal data subject to the protections provided for by Regulation (EU) 2016/679 of the European Parliament. Therefore, such personal data is acquired and stored by the Data Controller for the time strictly necessary to prevent illegal activities, ensure the security of the sites, and protect company assets, all in compliance with the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council and the requirements imposed by the Office of the Data Protection Authority. The system adopted does not link, cross-reference or compare the images collected with other personal data or with any identification codes.  The images obtained from video surveillance linked to the alarm system will be stored for the period required by law, and in any case for no longer than is necessary to achieve the purposes for which the data is processed (maximum 48 hours or 72 hours in the case of closure at the weekend). This is without prejudice to reasons related to requests from the judicial authorities or other authorised bodies. In any case, the systems are programmed to automatically delete all information at the end of the period specified for each medium, including by overwriting, in such a way that the deleted data cannot be reused. The data processed will not be disclosed to third parties. However, the following may become aware of the data in relation to the purposes of processing set out above: i) persons who may access the data pursuant to provisions of European Union law or the law of the Member State to which the Data Controller is subject; ii) our employees, provided that they are previously designated as persons acting under the authority of the Data Controller, in accordance with Article 29 of the European Regulation;  iii) entities (security and surveillance companies) that perform, within the borders of the European Union, as Data Processors, auxiliary purposes to the aforementioned activities and services. In relation to the processing of personal data, pursuant to the European Regulation, as a data subject, you may exercise the rights described in point 10 below by contacting the Data Controller directly at the addresses indicated. In practice, you will not be able to exercise your right to update, rectify and supplement the data due to the intrinsic nature of the data collected, as these are images collected in real time concerning an objective fact. The processing of personal data will be carried out in compliance with the fundamental rights and freedoms of citizens and the dignity of individuals, with particular reference to confidentiality, identity and the protection of personal data. All areas where it is necessary to ensure maximum protection of the dignity and privacy of the persons concerned, such as changing rooms, bathrooms and similar areas, are excluded from recording.

8. Data retention 

Personal data is stored at the registered office of EUROFRUT S.P.A. and, therefore, within the European Union. 

9. Exercise of rights by the data subject

The data subject may exercise their rights vis-à-vis the Data Controllers at any time. Pursuant to Legislative Decree 196/2003 and Articles 15 et seq. of EU Regulation 2016/679, the data subject has the right to: a) obtain confirmation of the existence or otherwise of personal data concerning them, even if not yet recorded, and its communication in intelligible form; b) obtain information on the origin of the personal data, the purposes and methods of processing, the logic applied in the case of processing carried out with the aid of electronic instruments, the identification details of the data controller and data processors, and the subjects or categories of subjects to whom the personal data may be communicated as data processors; c) obtain the updating, rectification or, where interested, integration of the data; d) obtain the erasure of data in the cases provided for in Article 17 of EU Regulation 2016/679, the transformation into anonymous form or the blocking of data processed in violation of the law, including those that do not need to be kept for the purposes for which the data were collected or subsequently processed; e) obtain the restriction of processing in the cases provided for in Article 18 of EU Regulation 2016/679; f) receive personal data concerning him/her in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller; g) object, in whole or in part, on grounds relating to his/her particular situation, to the processing of personal data concerning him/her, even though they are relevant to the purpose of the collection; h) object to the processing of personal data concerning him/her for direct marketing purposes, for sending advertising or direct sales material or for carrying out market research or commercial communication; i) lodge a complaint with the Data Protection Authority.

For convenience, the Code and Articles 15 to 23 of the Regulation can be consulted in full at this link: www.garanteprivacy.it

10. How to exercise your rights 

To exercise your rights, you may contact the Data Controller directly by sending:

• a registered letter with return receipt to EUROFRUT S.P.A. at Via Paolo Canali n. 16, int 9, 40127, Bologna (BO), or, alternatively, 
• an email to the dedicated address: contabilita@eurofrut.it 

By accessing the site, I declare that I have carefully read the content of the information provided by you pursuant to Article 13 of Legislative Decree 196/2003 and Articles 12 et seq.

Rules on the use of the website

1. The web pages of this website are updated periodically: however, the authors accept no responsibility for the completeness and updating of the information contained therein. Furthermore, no responsibility can be attributed for any manipulation of the website or the data contained therein by third parties.
2. Any risk associated with the use and exploration of the site is borne by the user. The Authors cannot be held liable for any damage that may occur to the user's computer equipment as a result of accessing, using, downloading or viewing the materials on these web pages.
3. Like many other online companies, Eurofrut S.p.a. Registered office: CAAB - Centro Agroalimentare Bologna - Via P. Canali, 16 - 40127 Bologna (Italy) - Tax code and VAT number 00796000370 - e-mail address: contabilita@eurofrut.it - Web: www.eurofrut.it collects technical information from the user's computer each time they visit a web page on the site. This information includes the user's IP (Internet Protocol) address, the type of browser used, the address of any linked websites and other technical information for statistical purposes only.

Cookies

This site does not use any type of user profiling cookies.

Most browsers (Internet Explorer, Firefox, etc.) are configured to accept cookies. However, most browsers allow you to control and even disable cookies through your browser settings. If you wish to delete any cookie files already on your computer, read your browser's instructions by clicking on the ‘Help’ item in the relevant menu. However, we recommend that you refer to the official documentation on the websites of the various browser manufacturers. You can also find more information about cookies and how to manage them by visiting it.wikipedia.org/wiki/Cookie or by clicking on ‘Help’ in your browser menu.