The purpose of this document is to inform the natural person (hereafter “DataSubject“) about the processing of his/her personal data (hereafter “Personal Data“) collected by the data controller, FERRONI SRL , with registered office in Via Prato Bovino, 50, CF/Partita IVA 01758700346, REA 176440PR, e-mail address ferroni@ferroni-srl.com, (hereafter “Data Controller“), through the website www.ferroni.srl (hereafter “Application“).
Changes and updates will be binding as soon as they are posted on the Application. In case of non-acceptance of the changes made to the Privacy Policy, the Data Subject must cease using this Application and may request the Data Controller to delete his/her Personal Data.
- Categories of Personal Data processedThe Data Controller processes the following types of Personal Data voluntarily provided by the Data Subject:
- Contact data: first name, last name, address, e-mail, telephone, pictures, authentication credentials, any additional information submitted by the Data Subject, etc.
- Tax and payment information: tax code, VAT number, credit card information, bank account details, etc.
- Technical Data: Personal Data produced by the devices, applications, tools and protocols used, such as, for example, information about the device being used, IP addresses, browser type, Internet Service Provider (ISP) type. Such Personal Data can leave traces that, particularly when combined with unique identifiers and other information received by servers, can be used to create profiles of individuals
- Application navigation and usage data: such as, for example, pages visited, number of clicks, actions taken, duration of sessions, etc.
- Data related to the exact location of the Data Subject: e.g., geolocation data that precisely identifies the location of the Data Subject that may be collected through the satellite network (e.g., GPS) and other means, collected with the consent of the Data Subject. The Data Subject may revoke consent at any time.
- Cookies and Similar TechnologiesThe Application uses cookies, web beacons, unique identifiers and other similar technologies to collect Personal Data about the Data Subject’s pages, links visited and other actions performed when the Data Subject uses the Application. They are stored and then transmitted to the next visit of the Data Subject. You can view the full Cookie Policy at the following address: ____________________
- Legal basis and purpose of processingPersonal Data processing is necessary:
- For the execution of the contract with the Interested Party, namely:
- fulfillment of any obligation arising from the pre-contractual or contractual relationship with the Interested Party
- registration and authentication of the Interested Party: to allow the Interested Party to register on the Application, log in and be identified also through external platforms
- support and contact with the Interested Party: to respond to requests from the Interested Party
- Payment management: to manage payments by credit card, bank transfer or other means
- By legal obligation and specifically:
- The fulfillment of any obligations required by current rules, laws and regulations, in particular, in tax and fiscal matters
- Based on the legitimate interest of the Owner, to:
- Email marketing purposes of Holder’s products and/or services to directly sell Holder’s products or services using the email provided by the Data Subject in the context of the sale of a product or service similar to the one being sold
- management, optimization, and monitoring of the technical infrastructure: to identify and solve any technical problems, to improve the performance of the Application, to manage and organize information in a computer system (e.g., servers, databases, etc.)
- Security and anti-fraud: to ensure the security of the Holder’s assets, infrastructure and networks
- statistics with anonymous data: to perform statistical analysis on aggregated and anonymous data to analyze the behavior of the Data Subject, to improve the products and/or services provided by the Controller and better meet the expectations of the Data Subject
- Based on the consent of the Data Subject, to:
- profiling of the Data Subject for marketing purposes: to provide the Data Subject with information about the Controller’s products and/or services through automated processing designed to collect personal information for the purpose of predicting or evaluating the Data Subject’s preferences or behavior
- retargeting and remarketing: to reach with a personalized advertisement the Data Subject who has already visited or shown interest in the products and/or services offered by the Application using his/her Personal Data. The Interested Party can opt-out by visiting the Network Advertising Initiative page.
- Marketing purposes of products and/or services of the Owner: to send commercial and/or promotional information or materials, to carry out direct sales activities of products and/or services of the Owner or to carry out market research by automated and traditional means
- Detection of the exact location of the Interested Party: to detect the presence of the Interested Party, to control the accesses, times and presence of the Interested Party at a certain place, etc.
- For the execution of the contract with the Interested Party, namely:
- Methods of processing and recipients of Personal DataPersonal Data is processed using paper and computer tools with organizational methods and logic strictly related to the stated purposes and by adopting appropriate security measures.Personal Data is processed exclusively by:
- persons authorized by the Data Controller to process Personal Data who have committed to confidentiality or have an appropriate legal duty of confidentiality;
- entities operating independently as separate data controllers or by entities designated as data processors by the Data Controller in order to carry out all processing activities necessary to pursue the purposes set forth in this policy (e.g., business partners, consultants, IT companies, service providers, hosting providers);
- Subjects or entities to which it is mandatory to communicate Personal Data by legal obligation or by order of the authorities.
- PlacePersonal Data will not be subject to any transfer outside the territory of the European Economic Area (EEA).
- Personal Data Retention PeriodPersonal Data will be retained for as long as necessary to fulfill the purposes for which it was collected, specifically:
- for purposes related to the performance of the contract between the Data Controller and the Data Subject, will be retained for the duration of the contractual relationship and, after termination, for the ordinary limitation period of 10 years. Nel caso di contenzioso giudiziale, per tutta la durata dello stesso, fino all’esaurimento dei termini di esperibilità delle azioni di impugnazione
- for purposes related to the legitimate interest of the Owner, will be retained until the fulfillment of that interest
- for the fulfillment of a legal obligation, by order of an authority and for protection in court, will be retained in accordance with the timeframes stipulated by said obligations, regulations and in any case until the completion of the prescriptive period stipulated by the regulations in force
- for purposes based on the consent of the Data Subject, will be retained until the consent is revoked
- Rights of the Data SubjectThe Data Subjects may exercise certain rights with respect to the Personal Data processed by the Data Controller. In particular, the Interested Party has the right to:
- Be informed about the processing of their Personal Data
- withdraw consent at any time
- limit the processing of your Personal Data
- object to the processing of their Personal Data
- access their Personal Data
- verify and request rectification of their Personal Data
- obtain the restriction of the processing of their Personal Data
- obtain the deletion of their Personal Data
- transfer their Personal Data to another controller
- Propose complaints to the supervisory authority for the protection of their Personal Data and/or take legal action.
Last updated: 23/05/2024