SUPPLIER PRIVACY

Privacy Notice for Suppliers

This notice explains how Zmirf processes personal data of supplier and partner representatives during procurement, onboarding, contract management, and compliance checks.

Last updated: March 18, 2026

SCOPE

Who Is Covered

Direct suppliers, subcontractors, consultants, and their employees or representatives interacting with Zmirf procurement or operations.

DATA TYPES

Information We Process

Business contact details, role and identity information, contract and payment records, and due-diligence compliance data.

LEGAL BASIS

Why Processing Is Needed

Contract performance, legal obligations, fraud prevention, supplier risk management, and legitimate business interests.

1. Data Sources And Categories

  • Provided directly by suppliers during onboarding, contracting, invoicing, and support interactions.
  • Generated during performance reviews, service quality controls, and incident workflows.
  • Obtained from lawful third-party verification sources where compliance checks are required.

2. Purposes Of Processing

  • Supplier onboarding, contract negotiation, service delivery oversight, and invoice processing.
  • Legal and regulatory compliance, including anti-fraud and sanctions screening where applicable.
  • Security incident handling, audit records, and dispute prevention or resolution.

3. Sharing And Transfers

  • Data may be shared with legal, accounting, compliance, and payment service providers as needed.
  • Where cross-border transfers occur, contractual and technical safeguards are applied where required.
  • Data is disclosed to regulators or authorities only where legally required or lawfully requested.

4. Retention And Rights

  • Data is retained according to contractual, tax, accounting, and legal retention requirements.
  • Representatives may request access, correction, deletion, restriction, or objection rights where legally available.
  • Requests may require identity verification and sufficient context for safe handling.

CONTACT

Supplier privacy requests

For supplier privacy matters, use official procurement or support channels with "Supplier Privacy Request" in the subject line and include your organization details.

RELATED

Need connected policies?

Privacy Policy Terms and Conditions

Supplier data handling in procurement workflows

Supplier privacy is managed through controlled procurement and finance workflows. Personal data from supplier representatives is used for onboarding, contractual communication, payment operations, and compliance checks that support service continuity and legal obligations.

Where suppliers contribute to infrastructure, software, or operational services, data handling is restricted to authorized personnel and business purposes. Requests for access, correction, or deletion are processed with identity verification to protect both supplier and platform security requirements.

  • Supplier records are used for legitimate contractual operations.
  • Access controls apply to procurement and finance data handling.
  • Retention follows tax, audit, and legal documentation rules.
  • Verified requests are handled through formal response channels.

FAQ

Supplier privacy FAQ

Who can submit supplier privacy requests?

Authorized supplier representatives can submit requests through official procurement or support channels.

What details are needed for faster request handling?

Include company name, representative identity, and the exact privacy request type.

Providing procurement references, relevant date ranges, and the systems involved helps teams validate identity and locate records faster while keeping response handling secure and compliant with retention obligations.