Suppliers GDPR privacy policy

Policy for the processing of Suppliers personal

Pursuant to and by the effect of Article 13 of the European Regulation 2016/679 (hereinafter GDPR).
According to such Regulation, this policy is based on the principles of lawfulness, fairness and transparency in order to guarantee the safeguard of the privacy and the rights of data subjects. Pursuant to such articles, it is stated that:

1.The Data Controller of personal data is Texao s.p.a. (hereafter referred to as Data Controller), with registered offices in Prato (PO), Via per le Case Nuove, 113 – VAT N. 02369940974 – tel. +39 0574662400 – email: The joint controller of personal data is Mathilda s.p.a. (hereinafter referred to as Joint Controller), with registered office in Via per le Case Nuove, 111/113, Prato – tel. 0574662400. It is possible to view the arrangement between the Joint Controllers by contacting the Controller on the contacts given above.

2. Your data will be processed for the following purposes:
To fulfill the obligations expressed in the contract established between You and the Controller (such as completing orders) and to fulfill the resulting fiscal and accounting obligations; for what concerns the first purpose, the legal basis of the processing lies with the fulfilment of contractual obligations; for what concerns the second purpose, the legal basis lies with the necessity to fulfill a legal obligation to which the Controller is subject.

3. The authorization of the data treatment is obligatory for the execution of the contract and of the related fiscal obligations, otherwise the contract will not be enforced and the relationship between the parties will no longer continue.

4. The recipients of data processing are the Controllers of data processing (including third-parties related to the Controller) and the internal staff of the Controller’s company who have been previously authorised by the Controller. Personal data will not be released, but they may be communicated to third-parties, also appointed as Data Processors (the list of Data Processors can be viewed by contacting the Data Controller to the above email address) only for technical and operational purposes strictly linked to the above mentioned purposes. In particular, to: companies or professionals for the fulfilment of accounting and/or fiscal obligations; to IT firms for the management of IT systems; to software companies; to the staff working for the Joint Controller.

5. The data are processed and stored at the Controller’s registered office and on servers located within the Controller’s registered office and in any case within the European Union.

6. The personal data will be retained for the necessary period of time in order to fulfill the above purposes and always in accordance with the legislation in force.

7. As the interested party, you may at any time: access to your personal data; obtain the correction of inaccurate personal data or their deletion or the restriction of their processing; object to the processing of your personal data; obtain from the Data Controller the portability of data; revoke the consent; lodge a complaint with a Control Authority (Data Protection Authority – Privacy Protection Authority).
To exercise these rights, you can send a request via email to

The data processing Controller