The new Regulation (EU) 2016/679 has introduced rules to increase the protection of personal data.
This Website collects some Personal Data from its Users.
Types of Data Collected
The Personal Data collected by this Website, autonomously or via third parties, include name, surname, address, and email address.
Personal data can be provided freely by Users or, in the case of Usage Data, automatically collected during the use of the Website.
Unless stated otherwise, all the Data requested by this Website are mandatory. If Users refuse to provide their data, this Website may not be able to provide the Service. However, Users are free not to provide any data marked as optional on this Website. This will have no impact on the availability and functionality of the Service. Users in doubt about which Data are mandatory are encouraged to contact the Data Controller.
Methods and Location of Data Processing
The Data Controller takes all necessary security measures to prevent unauthorised access, disclosure, modification or destruction of Personal Data. Data processing is carried out using electronic and/or telematic means and conducted following logic strictly relevant to the purposes described above. In addition to the Data Controller, in some cases Data may be accessed by other subjects involved in the organization of this Website (administration, sales, marketing, legal and system administration staff), or external subjects (such as suppliers of services, carriers, hosting providers, IT companies, communication agencies), appointed by the Data Controller and, if necessary, nominated Data Processors. Users may ask the Data Controller for an updated list of Data Processors at any time.
Lawfulness of Processing
The Data Controller processes Users’ Personal Data when any of the following conditions apply:
- the User has consented to one or more of the data processing purposes specified; Note: in some countries the Data Controller may be authorised to process Personal Data even without the User’s consent or any of the legal basis mentioned below until the User opts out of the processing. However, this is not applicable if the Data processing is regulated by European laws on Personal Data protection;
- the processing is necessary for the performance of a contract with the User and/or to take steps prior to entering into a contract;
- the processing is necessary to comply with a legal obligation to which the Data Controller is subject;
- the processing is necessary for the performance of a task carried out in the public interest or in exercise of official authority vested in the controller;
- the processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party.
In any case, it is always possible to ask the Data Controller to clarify the actual lawful base of each processing and, in particular, to specify if the processing is based on the law, a contract, or necessary to enter into a contract.
Data are processed at the Data Controller’s operational facilities and at any other location where the parties involved in the processing are based. For further information, please contact the Data Controller. Users’ Personal Data may be transferred outside the country in which the Users reside. To obtain further information on the location in which the data processing takes place, Users may refer to the section dedicated to the details on Data Processing. Users have the right to obtain information on the legal basis of the transfer of Personal Data outside the European Union or to an international organization governed by international law or comprising two or more countries, for example, the UN, and on the security measures adopted by the Data Controller to protect Data. Should one of the above-mentioned transfers occur, Users may refer to the relevant sections of this document or ask the Data Controller for information, using the contact details provided at the beginning of this document.
Data are treated for the time necessary to achieve the purposes for which they were collected.
- Personal Data collected for purposes related to the performance of a contract between the Data Controller and the User will be stored for the duration of the contract.
- Personal Data collected for purposes related to the Data Controller’s legitimate interests will be stored until said interests have been satisfied. Users may obtain further information regarding the legitimate interests pursued by the Data Controller in the relevant sections of
this document, or by contacting the Data Controller.
When processing is based on the consent obtained from the Users, the Data Controller may store Personal Data for a longer period, until the consent is revoked. Additionally, the Data Controller may have to store Personal Data for a longer period to comply with legal obligations or orders from an authority.
At the end of the retention period, Personal Data will be deleted. Therefore, once the retention period is over, Users will no longer have the right to access, delete, rectify or transfer their Personal Data.
Purpose of Data Processing
Users Personal Data are collected to allow the Data Controller to provide its Services, and for the following purposes: to contact Users.
For detailed information on the processing purposes and the Personal Data relevant to each purpose, Users may refer to the specific sections of this document.
Details on Data Processing
Personal Data are collected for the following purposes and using the following services:
- To contact Users
Contact Form (this Website)
By filling in the contact form, Users consent to the use of the Data provided to reply to the requests for information, quotes, or any other request sent using the form.
Personal Data collected: name, surname, address and email address.
Mailing List or Newsletter (this Website)
By subscribing to the mailing list or newsletter, Users’ email addresses will be automatically included in the list of contacts who will be sent emails with information, including commercial and promotional messages, relating to this Website. Users’ email addresses may also be added to this list after registering on this Website or after making a purchase.
Personal Data collected: email address.
Users may exercise certain rights in relation to the Personal Data processed by the Data Controller.
In particular, Users have the right to:
- revoke their consent at any time. Users may revoke the consent they had previously provided for the processing of their Personal Data.
- object to the processing of their Personal Data. Users may object to the processing of their Personal Data when it is not based on consent. Further details on the right to object can be found in the section below.
- access their Personal Data. Users have the right to obtain information on the Personal Data processed by the Data Controller on certain aspects of the processing and to receive a copy of the Data processed.
- check and request rectifications. Users may check their Personal Data and request updates or corrections.
- limit the processing. When certain conditions apply, Users may request to limit the processing of their Personal Data. In these cases, the Data Controller will process the Data only for conservation purposes.
- obtain the deletion or removal of their Personal Data. When certain conditions apply, Users may ask the Data Controller to delete their Personal Data.
- receive their Data or transfer them to another Controller. Users have the right to receive their Data in a structured and commonly used electronic format and, if technically feasible, obtain the transfer to another Data Controller without unjustified delay. This provision applies when Data are processed with automated means and processing is based on the User’s consent, on a contract of which the User is a part, or on contractual provisions connected to it.
- make a complaint. Users may complaint with the competent data protection supervisory authority or bring violations to the attention of judicial authorities.
Details on the Right to Object
When Personal Data are processed in the public interest, in the exercise of official authority vested in the Data Controller, or to pursue a legitimate interest of the Data Controller, Users have the right to object to the processing for reasons related to their personal situation.
Users are informed that when Data are processed for marketing purposes, they may object to the processing without providing a reason. To find out if the Data Controller processes data for marketing purposes, Users may refer to the relevant sections of this document.
How to Exercise Data Subject Rights
To exercise their rights, Users may address their requests to the Data Controller using the contact details provided in this document. Requests are processed for free by the Data Controller as soon as possible, and in any case within a month.
Additional Information About Data Processing
Defence Before the Courts
The Data Controller may use Users Personal Data for its defence in court, or in any preparatory stages, in cases concerning abuse of data usage, or any connected services, by the User. Users declare to be aware that the Data Controller may have to reveal their Personal Data to comply with orders from an authority.
System and Maintenance Logs
For operational and maintenance purposes, this Website and any third-party services it uses may collect system logs, i.e. files that record interactions, which could contain Personal Data, such as Users’ IP address.
Information Not Included in This Policy
Further information regarding Personal Data may be requested at any time by contacting the Data Controller, using the contact information provided.
Response to “Do Not Track” requests
This Website does not support “Do Not Track” requests.
To find out it any third-party services support them, Users should refer to the relevant privacy policies.
Should the changes involve data processing that requires consent, the Data Controller will make sure to acquire Users’ consent again, if necessary.
Definitions and Legal References
Personal Data (or Data)
Any information relating to an identified or identifiable natural person, i.e. a person who can be identified, directly or indirectly, including by reference to any other information, such as a personal identification number.
The information collected automatically through the Website (or by third-party applications used by the Website), including: IP addresses or domain names of the computers used by the User to connect to the Website, Uniform Resource Identifiers (URI), the time of the request, the method used to submit the request to the server, the size of the file obtained in reply, the numeric code that indicates the status of the server’s reply (successful, error, etc.), the Country of origin, the characteristics of the browser and operative system used by the visitor, the time-related details of the visit (for example, the time spent on each page) and the details of the navigation paths followed within the Application, with particular reference to the pages browsed, the operative system’s parameters and the Users’ IT environment.
Individual who uses the Website; unless otherwise provided, also referred to as Data Subject.
The natural person to whom the Personal Data refers.
Data Processor (or Processor)
Data Controller (or Controller)
The natural or legal person, public authority, service, or other body that, individually or together with others, determines the purposes, methods and tools to be used to process personal data, including the security measures for the functioning and use of this Website. Unless stated otherwise, the Data Controller is the owner of this Website.
This Website (or this Application)
The hardware or software tool through which Users Personal Data are collected.
The service provided by this Website as defined by the terms (where applicable) of this site/application.
European Union (or EU)
Unless stated otherwise, any reference herein to the European Union refers to all the current members of the European Union and the European Economic Area.