Privacy policy

This information is provided to natural persons who access and use this website of the company IACCHETTI S.R.L. pursuant to and for the purposes of Legislative Decree 196/2003 “Code regarding the protection of personal data” and subsequent amendments and of the articles 13 – 14 of EU Regulation 2016/679 “European regulation on the protection of personal data” to inform you of the essential elements of the treatments carried out. Data controller The data controller is the company IACCHETTI S.R.L. Via IV Novembre 11 Castelleone 26012 (CR) Italy in the person of the legal representative.

Managers and persons in charge of the treatment and Data Protection Officer (DPO)

The Data Protection Officer (DPO) is Mr. Mariano Mombelli, domiciled at IACCHETTI S.r.l. The updated list of data processors and persons in charge of data processing is kept at the headquarters of the Data Controller.

Data source and indication of the personal data being processed: The data processed by the data controller are acquired by the interested party filling in the appropriate fields on the website, or automatically by accessing and using the website by the user. The data acquired by the owner are the following: – name, surname, company name, telephone number, e-mail address; – information provided spontaneously by the interested party during navigation; – navigation data acquired from the IT systems and software procedures used to operate the Website (e.g. IP addresses, computer domain name…);

Purpose of the treatment

The collection and processing of personal data are carried out in order to:

  1. Verify the identity of the person requesting information, quotes, the delivery of products and the provision of services, as well as to provide the necessary assistance;
  2. Transmit information explicitly requested by the data subject;
  3. Fulfill orders or provide the services requested by the interested party or by a person appointed by him (service supply);
  4. Send marketing communications, promotions, advertising, market surveys relating to the products marketed or the services provided (marketing);
  5. Send marketing communications, promotions and advertising via e-mail regarding products and services similar to those requested by the interested party or by his representative (soft spam);
  6. Fulfill legal obligations (compliance);
  7. Protect the interests of the company IACCHETTI S.r.l., also legally both in and out of court;
  8. Prevent or detect any abuse in the use of the site or any fraudulent activity.

Legal basis and mandatory or optional nature of the processing The data processed for the purposes referred to in points 1, 2, 3, 7, 8, of the paragraph entitled “Purpose of processing” are essential for the establishment of the contractual relationship (including the pre-contractual) and/or for its execution. The data processed for the purposes referred to in points 4 and 6 do not derive from an obligation and their provision is optional and is based on the consent of the interested party. The extent and adequacy of the Data provided will be assessed from time to time, in order to determine the consequent decisions and avoid the processing of Data exceeding the purposes pursued.

Retention period The personal data collected and processed by the Data Controller will be stored in full compliance with current legislation as defined below:

– Provision of services: they will be kept for the time strictly necessary for the pursuit of said purposes and also for a longer period in order to to protect the interests of the company IACCHETTI S.r.l.;

– Marketing and profiling: will be kept until consent is revoked;

– Soft spam: they will be kept until the interested party objects to the treatment using the procedure indicated in each single soft spam email;

– Compliance: will be kept for the period defined by current legislation on the matter;

– Abuse or fraud: they will be kept for the time strictly necessary for this purpose and therefore until the company IACCHETTI S.r.l. will be required to keep them for legal protection and to communicate them to the competent authorities;

Place of data storage The data is currently processed and archived at the operational headquarters located in Via IV Novembre, 11, Castelleone. They are also processed on behalf of the writer by professionals and/or companies responsible for carrying out technical, managerial, development, administrative, accounting, tax, legal, etc. activities. The company also reserves the right to make use of servers, clouds and other IT tools for archiving and managing personal data owned or managed by third parties, ensuring that the service providers will be selected from among those who provide adequate guarantees, as required by the ‘art. 46 of EU Regulation 2016/679 “European regulation on the protection of personal data”.

Rights of the interested party At any time, the interested party may exercise, pursuant to Legislative Decree 196/2003 and articles 15 to 22 of EU Regulation 2016/679 [1], the right to:

  1. Access your data. The interested party may at any time request and obtain from the Data Controller information on the personal data processed (including the existence of an ongoing processing of personal data concerning him), he also has the right to access it according to the provisions of art. 15 of EU Regulation 2016/679, and extract a copy, provided that the rights and freedoms of others are not violated.
  1. Verify and rectify your data. The interested party has the right to verify the correctness of their data, to obtain the updating, correction and integration of inaccurate personal data concerning them, without unjustified delay, according to the provisions of art. 16 of EU Regulation 2016/679.
  1. Obtain cancellation (Right to be forgotten). If the conditions indicated in art. 17 of EU Regulation 2016/679 can request the cancellation of their data by the Data Controller.
  1. Obtain the limitation of the treatment. When the conditions referred to in art. 18 of EU Regulation 2016/679, the interested party may request the limitation of data processing. In this case, the Data Controller will not be able to process the data for any other purpose other than their conservation or for the “assessment, exercise or defense of a right in court or to protect the rights of another natural person or law or for reasons of significant public interest of the Union or of a Member State”.
  1. Get data portability. The interested party has the right to receive their data in a structured format, commonly used and readable by an automatic device and, where technically feasible, to request and obtain, without obstacles, their transfer to another Data Controller.
  1. Object to data processing. When the personal data have been processed for the purposes of “the execution of a task of public interest or connected to the exercise of public powers vested in the data controller” or “the processing is necessary for the pursuit of the legitimate interest of the data controller of the treatment or third parties provided that the interests or the fundamental rights and freedoms of the data subject who require the protection of personal data do not prevail, in particular if the data subject is a minor”, the Data Subject may object to the processing for related reasons to your particular situation. Furthermore, the interested party may at any time oppose the processing for direct marketing purposes, without it being necessary to indicate specific reasons.
  1. Propose a complaint. If the interested party believes that the processing of their personal data is carried out in violation of EU Regulation 2016/679 “he has the right to lodge a complaint with a supervisory authority, especially in the Member State in which he habitually resides, works or of the place where the alleged violation has occurred.
  1. Object to automated decision making. The interested party can oppose the fully automated processing of his personal data, including profiling, unless this form of processing is necessary for the purpose of concluding and/or executing the contract, is required by current legislation or is conducted following the explicit consent of the interested party, who can revoke it at any time.
  1. Withdraw consent at any time. The interested party can revoke the consent to data processing at any time. However, the withdrawal of consent does NOT affect the lawfulness of the processing based on the consent given before the withdrawal;

The interested party exercises his rights by writing to the Data Controller at the above address or by certified e-mail or by mail to the address info@iacchettilab.com, specifying the subject of his request, the right he intends to exercise and attaching a photocopy of the identity document certifying the legitimacy of the request.

Data transfer For all the purposes indicated in this disclosure, the personal data of a common nature of the interested party may be communicated to all companies belonging to the IACCHETTI S.r.l. group, subsidiaries, connected companies, etc. also located abroad, inside and outside the European Union, in compliance with the rights and guarantees established by current legislation, subject to verification that the country in question guarantees an “adequate” level of protection.

Automated decision-making processes The Data Controller does not carry out processing consisting of automated decision-making processes on the data of natural persons.

Changes This Information is effective from 20/05/2018. The company IACCHETTI S.r.l. reserves the right to modify or simply update its content, in part or completely, also due to changes in the applicable legislation. IACCHETTI S.r.l. will inform you of these changes as soon as they are introduced and they will be binding as soon as they are published on the Site. IACCHETTI S.r.l. therefore invites you to regularly visit this section to read the most recent and updated version of the Information in order to always be updated on the Personal Data collected and on the use made of it.

The Data Controller

IACCHETTI S.r.l.

For more detailed knowledge of the rights of the interested party, please consult Legislative Decree 196/2003 “Code regarding the protection of personal data” and subsequent amendments. the EU Regulation 2016/679 “European regulation on the protection of personal data”.