Professional Documents
Culture Documents
SUPPLHI GDPR Policy
SUPPLHI GDPR Policy
Purposes related to the Execution of the contract for the Data of Contractual duration and, after
establishment and execution of the legal representative of the Supplier termination, for the period of 10 years.
the contractual relationship
between the supplier and the Legitimate interest in the Data of the
Company, including: employees/consultants of the supplier
- master data management that involved in the activities referred to in the
includes a supplier database; contract
-management of supplier
qualification;
- management of purchase order;
- management of contract;
- management of inspections and
performance evaluation.
Fulfilment of administrative- Need to fulfil a legal obligation to which Contractual duration and, after
accounting obligations - such as the Company is subject termination, for the period of 10 years.
the management of accounting
and treasury, as well as invoicing
(for example, the verification and
registration of invoices), in
compliance with the requirements
of current legislation.
If necessary, to ascertain, exercise Legitimate interest (defence in front of In the case of judicial litigation, for the
and/or defend the rights of the the court) entire duration of the same, until the
Company in front of the court. exhaustion of the terms of practicability
of appeals
Purposes related: Legitimate interest (Protection of the Until the end of the employment
- to the management of internal company and corporate assets. Security) relationship and, after termination, for
and external controls. the period of 10 years.
Check, through specialized Legitimate interest (better management For common data: contract duration
companies, if the supplier is of work activity)
included in an international For data relating to criminal convictions
restricted list, using information and offenses: 6 months from the moment
in public databases. the informative file is received
Purposes related to ascertaining Legitimate interest (Protection of the For common data: contract duration
the moral suitability of the top company and better management of work
managers of suppliers activity) For data relating to criminal convictions
and offenses: 6 months from the moment
the informative file is received
Purposes related to the control Legitimate interest (Protection of the 2 years from the moment in which logical
of logical access to corporate company and corporate assets. Security) access was detected
information systems, in order
to guarantee the security of 6 months for system administrator access
people and goods (for example: logs
log management, management of
system administrator logs);
Once the retention terms indicated above have elapsed, the Data will be destroyed or made anonymous, consistent with
the technical procedures for deletion and backup.
DATA SUPPLY
Mandatory for the stipulation of the contract and/or its execution.
The refusal to provide the Data shall therefore not allow the establishment of the contractual
relationship and/or the fulfilment of the consequent obligations.
for specific business requirements. Transfers are occasional for the stipulation or execution of
a contract of with the Company or other natural or legal person in favour of the data subject
and therefore admitted pursuant to article 49.1 c) of the GDPR.