pursuant to art. 13 of EU Regulation no. 679/2016 and Italian Legislative Decree no. 196/2003
This Policy refers only to the Website and not to other web pages and/or third-party websites which are accessible through links and/or buttons (e.g. LinkedIn/Facebook) that may be present on the Website. Therefore, we invite users to read the relevant privacy policies of those third-party websites to better understand how they process personal data.
1. For what purposes we process your personal data and what is the legal basis of the processing?
A. To reply to requests for information and/or advice, communications and any other message sent by users to the Company by filling in specific forms available on the Website or by sending an e-mail to the Company’s addresses indicated on the Website.
Legal basis: the processing is necessary to take charge of and correctly manage the users’ request.
B. For purposes related to legal defence, the management of complaints and litigation proceedings, the possible recovery of debts, the prevention of fraud to the Company’s IT systems and/or of other unlawful activities carried out against the Data Controller.
Legal basis: the processing is necessary for the achievement of a legitimate interest of the Data Controller and/or of third parties, which, by virtue of the assessments of the Data Controller, does not prevail over the fundamental rights and freedoms of the users.
C. For purposes related to the fulfilment of legal obligations, regulations, national and/or EU law provisions as well as of measures issued by the public Authorities by law authorized thereto.
Legal basis: the processing is necessary to comply with a legal obligation and/or with an order of an Authority.
D. With the express and specific consent of the user, to send via e-mail to the latter commercial and/or promotional communications and/or newsletters regarding the services offered by the Data Controller, as well as any possible invitations to conferences, events and/or meetings organized by the Data Controller.
Legal basis: the legal basis of the processing for these marketing purposes is represented by the consent that users may decide to freely provide to the Data Controller.
2. Are you required to provide your personal data?
In relation to the purposes (A), (B) and (C) above, the provision of your personal data is necessary and any refusal to provide such data will make it impossible to provide the user with the requested services (e.g., information/advice, etc.). In relation to the marketing purposes (see letter D above), the user may freely decide to provide/not to provide his/her consent and any refusal to the processing of his/her personal data will only result in the impossibility to stay updated as to the activities, services and initiatives of the Data Controller, but you will not be precluded in any way from using the Website.
3. To whom will we communicate your personal data?
The personal data provided by the user will not be disclosed and may be communicated by the Data Controller to the categories of subjects indicated below:
(i) companies, collaborators, consultants and/or professionals entrusted by the Data Controller with the performance of tasks of a technical or organizational nature related to the Website (such as, for example, IT companies, developers and administrators of the Website, providers of hosting services for the Website, etc.) or persons with whom the Data Controller collaborates for the normal provision and operation of its services;
(ii) persons, companies or professional firms providing assistance and advice to the Data Controller, with particular but not exclusive reference to accounting, administrative, legal, tax and financial matters and for marketing activities;
(iii) persons who have been recognized the right of access to personal data by legal provisions or orders issued by the Authorities.
The subjects belonging to the above-mentioned categories will process the data as autonomous data controllers or data processors, in the latter case duly appointed by the Data Controller. The data may also be brought to the attention of the Data Controller’s personnel, who will process them on the basis of a prior written authorization.
Your personal data will not be transferred outside of the European Union.
4. For how long do we store your personal data?
Your data will be stored, in accordance with the law, for a period not exceeding what is necessary to achieve the purposes for which they have been collected and processed and in any case in compliance with the limitation period provided by the Italian Civil Code and applicable laws. Subsequently, the data will be deleted.
With specific reference to the marketing purposes (see letter D of the purposes above), the Data Controller will store the user’s data until the requests sent by the user to no longer receive such communications.
5. What rights can you exercise in relation to your personal data?
We remind you that you can exercise the privacy rights provided for by the GDPR and, particularly, you can ask for confirmation that your data is being processed, ask the Data Controller for access to information relating to the processing, ask for the correction of inaccurate or incomplete personal data, ask for the deletion of personal data or the restriction of the processing; moreover, you can ask to receive your data in a structured, commonly used and machine-readable format and can then send it to another data controller or you may ask for personal data to be directly transmitted to another data controller, provided this is technically feasible (so-called “data portability”); you also have the right to withdraw, at any time, the consent you previously provided, without affecting the lawfulness of the processing based on the consent before the withdrawal.
Furthermore, the user has the right to object in whole or in part to the processing of his/her personal data for legitimate reasons.
These rights may be exercised by sending an e-mail to the following address: firstname.lastname@example.org.
Finally, the user has the right to file a complaint at the Italian Data Protection Authority (www.garanteprivacy.it) if he/she believes that the processing of his/her personal data is carried out in violation of the applicable privacy laws.
This Policy was updated in May 2021.