INFORMATION PURSUANT TO ARTICLES 13-14 OF THE GDPR (GENERAL DATA PROTECTION REGULATION) 2016/679
Francesco Boncompagni, Tax Code: BNCFNC77T15D612R, Data Controller, informs you that your data will be processed in the manner and for the purposes described below.
The Data Controller is committed to protecting the privacy and confidentiality of Personal Data in compliance with principles of fairness, legality, transparency, and protection of your rights.
1) TYPES OF DATA PROCESSED
We process personal data provided by you (name, email, company name, phone number, etc.) when you make spontaneous requests and data that are collected autonomously from the website.
- Data provided by you: personal, identifying, and non-sensitive data you provide to make requests via email, through the contact form, or by phone regarding our products/services.
- Data we collect automatically: anonymous data collected using cookies or similar technologies. For further information, please see our Cookie Policy below.
Note: Users under the age of 16 may not provide any personal data without consent from parents or guardians.
2) PURPOSES AND LEGAL BASES OF THE PROCESSING
We will process your personal data:
A) to fulfill our contractual obligations; to respond to your information requests; to prepare a quote you requested; to execute contracts for the sale of products or provision of services; to provide necessary assistance related to purchased products and services.
B) to perform aggregate statistical analyses on an anonymous basis to improve our services;
C) for administrative purposes and to comply with legal obligations such as accounting, tax requirements, or to respond to requests from judicial authorities.
D) in the case of sending a resume, solely for recruitment purposes.
3) IS THE PROVISION OF DATA MANDATORY?
Providing your data is always optional, but failure to do so could make it impossible to carry out some processing, such as those strictly related to fulfilling a contract or providing the services you have requested.
4) LOCATION, PROCESSING METHODS, AND RETENTION PERIODS
The processing of your personal data is carried out through operations specified in Article 4 of the Privacy Code and Article 4(2) of the GDPR, including: collection, registration, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, deletion, and destruction of data.
Your personal data is stored at the Data Controller’s office and is processed both manually and electronically and/or automatically with methods strictly related to the purposes indicated and in a manner that ensures the security and confidentiality of the data. The data you provide is not saved on our website.
The Data Controller will process personal data for the time necessary to fulfill the purposes described above and, in any case, no longer than 10 years from the end of the relationship for the purposes outlined in point C, and no longer than 38 months from data collection for the purposes outlined in point B.
5) ACCESS TO DATA
Your data may be made accessible for the purposes indicated in point 2:
- to employees and collaborators of the Data Controller, in their capacity as internal data processors and/or system administrators;
- to third-party companies or other entities (web service providers, cloud providers, payment service providers, suppliers, hardware and software support technicians, shippers and carriers, credit institutions, professional firms, etc.) performing outsourcing activities on behalf of the Data Controller, in their capacity as data processors.
6) DATA TRANSFER
Your data will not be disclosed, sold, or exchanged with parties other than the Data Controller, data processors, and appointed individuals without your express and explicit consent.
7) YOUR RIGHTS
You have the right to know what personal data is being processed. In particular, you have the right to access, rectify, delete, and port your data, as well as the right to limit processing and object to processing, if applicable.
Below is a brief description of the rights you have regarding the processing of your personal data:
- Right of access: allows you to obtain confirmation of whether or not your personal data is being processed by the Data Controller, and if so, to access such data and related information;
- Right of rectification: allows you to obtain the correction of inaccurate personal data concerning you without undue delay and, considering the purposes of the processing, to obtain the integration of incomplete personal data;
- Right of deletion: allows you to obtain the deletion of your data without undue delay (e.g., when your personal data is no longer necessary in relation to the purposes for which it was collected), subject to exceptions provided by applicable law (e.g., when the retention of your data is necessary to comply with legal obligations). Deletion will be carried out within technical timescales;
- Right to data portability: allows you, in certain circumstances provided by applicable law, to receive your personal data in a structured, commonly used, and machine-readable format. You may transmit this data to another data controller, provided that this right is recognized by applicable law, and without infringing on the rights and freedoms of others;
- Right to limit processing: allows you, in certain circumstances provided by applicable law, to obtain the restriction of the processing of your personal data. In such cases, the Data Controller may continue processing your data only in specific circumstances, such as for the exercise of legal claims or to protect the rights of another person;
- Right to object: allows you, in certain circumstances provided by applicable law, to object to the processing of your personal data unless there are overriding legitimate reasons, rights, or freedoms that allow the Data Controller to continue processing.
For more information on the processing of your personal data or to exercise your rights, please contact us.
8) CHANGES TO THE NOTICE
This Notice may be updated. Therefore, we recommend that you regularly check this Notice and refer to the most current version.
Last updated: September 2024