Privacy policy

NOTICE ON PERSONAL DATA PROCESSING

Introduction

FEDRIGONI S.p.A., as the Data Controller, attributes great value to respecting the privacy of its interlocutors and is committed to safeguarding it by applying the provisions that European and Italian law establish in this regard. The relevant European legislation on the protection of personal data is the European Parliament's Regulation no. 2016/679/ EU of 27/04/2016 (GDPR). The content of the information to be distributed to interested parties is shown in articles 13 and 14 of the GDPR.

Personal data is any information concerning an identified or identifiable natural person (the "interested party"). A person can be identified, directly or indirectly, by their: name; identification number; location data; online identifier; one or more characteristic elements of physical, physiological, genetic, psychological, economic, cultural or social identity.

Principles applicable to personal data processing

The Data Controller processes personal data in compliance with the principles established by the GDPR: lawfulness, correctness and transparency; purpose limitation; data minimization; accuracy; storage limitation; integrity and confidentiality.

Characteristics of personal data processing

The Data Controller can process personal data according to the characteristics indicated below:

 

interested party

purpose of processing

data processed 

legal basis of processing

obligation or right to communicate data

consequences of failure to communicate data

data storage period

potential customers; customers; potential suppliers; suppliers

pre-contractual activity

personal data; tax data; tel; e-mail; 

the activity

right

failure to receive information on products; failure to sign a contract

5 years

customers; suppliers

contractual activity

personal data; tax data; tel; e-mail; bank references; accounting data

the activity

obligation

failure to execute the contract

the time needed to manage the contract and any disputes

potential customers; customers

marketing activities (e.g. newsletters, informative e-mails)

personal data; tel; e-mail

consent

right

failure to receive marketing communication

5 years

 

If the processing is based on consent, the interested party can revoke it at any time, without prejudice to the legality of the processing based on the consent given prior to the revocation.

To carry out pre-contractual or contractual activities, the interested party must have the ability to act as required by law. The Data Controller does not accept data-processing consent from anyone under the age of 18.

 

Authors of personal data processing

 

authors of processing

purpose of processing

Employees of the Data Controller or any third parties appointed by the Data Controller 

pre-contractual and contractual relationships; possible marketing activities

Employees of the Data Controller or any third parties appointed by the Data Controller

updating and maintenance of the management systems, software, websites

 

Transfer of personal data to other countries

The Data Controller can transfer personal data to recipients in countries outside the EU, as long as they ensure an adequate level of protection in accordance with the GDPR.

An interested party who decides to access external sites through the Data Controller's website (i.e. social networks) is subject to the guarantees and data processing methods of the operators of such sites.

 

Rights of the interested party

The interested party has the right to ask the Data Controller:

  1. for access to their personal data;
  2. to modify or delete personal data;
  3. to limit or terminate the processing;
  4. with the limitations indicated in art. 20 of the GDPR, the "portability of data" (i.e. to receive personal data in a structured format that is commonly used and readable by an automatic device; the right to transmit such data to another holder without hindrance by the Data Controller that provided them).

 

To exercise these rights, the interested party can send an e-mail to privacy@fedrigoni.com or a registered letter to: Fedrigoni S.p.A. Viale Piave, 3 - 371356 Verona - Italy.

The data controller will give the interested party information on the action taken with regard to a request without undue delay and, in any case, no later than one month after receipt of the request. This deadline can be extended by two months if necessary, taking into account the complexity and the number of requests. The Data Controller informs the interested party of this extension, and of the reasons for the delay, within one month of receiving the request.

The interested party can also lodge a complaint with a European Supervisory Authority (see the references of the European supervisory authorities in https://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm).

 

References of the Italian Data Protection Authority:

Piazza di Monte Citorio, 121, 00186 Roma.

Tel. +39 06 69677 1; fax +39 06 69677 785.

e-mail: garante@garanteprivacy.it;

website: http://www.garanteprivacy.it