Privacy Policy

PRIVACY POLICY

Pursuant to and for the purposes of art. 13 13, of REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC – General Data Protection Regulation (“GDPR”)

COLLECTION OF PERSONAL DATA FROM THE DATA SUBJECT

With this document we provide specific information on the processing of personal data, as required by current legislation.

Definitionsto understand this privacy policy

“Personal data”: any information concerning an identified or identifiable natural person («concerned»); the identifiable natural person shall be deemed to be the natural person who can be identified, directly or indirectly, with particular reference to an identifier such as the name, an identification number, location data, an online identifier or one or more characteristic elements of its physical, physiological, genetic, psychological, economic, cultural or social identity.
“Treatment”: any operation or set of operations, carried out with or without the aid of automated processes and applied to personal data or sets of personal data, such as collection, registration, organisation, structuring, storage, adaptation or modification, extraction, consultation, use, communication by transmission, dissemination or any other form of making available, comparison or interconnection, limitation, cancellation or destruction.
“Holder of the treatment”: means the natural or legal person, public authority, service or other body which, individually or together with others, determines the purposes and means of processing personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria applicable to his designation may be determined by Union or Member State law.
“Recipient” means any natural or legal person, public authority, service or other body which receives communication of personal data, whether or not it is a third party. However, public authorities which may receive communication of personal data in the context of a specific investigation in accordance with Union or Member State law shall not be considered as recipients; the processing of such data by those public authorities complies with the applicable data protection rules according to the purposes of the processing.
“Consent of the data subject” means any expression of free, specific, informed and unambiguous will of the data subject, by which the data subject expresses his or her consent, by means of an unequivocal declaration or positive action, that personal data concerning him or her are subject to processing.
“EU”: European Union.

Data controller

The Data Controller is the company LENTI & VILLASCO S.R.L. (P.IVA number 01914930068), with registered office in 15048 Valenza (AL), piazza Lanza, n. 2, e-mail: info@lentivillasco.com.

Place of processing

Registered office.

Legal basis of the processing

We will lawfully process personal data, where the processing:

is based on express consent;
is necessary for the performance of a contract;
is necessary to fulfil a legal obligation incumbent upon our society.

Typeof personal data processed

The following personal data may be processed: name, surname, e–mailaddress,mobile phone, landline phone. The processing will not necessarily cover all the listed data, it may also cover a part of them. If we need to process additional data not indicated, we will ask for consent. Personal data of minors under 18 years will not be processed.

If the engraving or personalization of a Product involves the communication to the Holder of particular information (By way of example and not exhaustive, religious belief, political opinions) consent to the processing of personal data is also given for this type of personal data.

Mandatory nature of consent

The provision of personal data is necessary in order to fulfil legal and contractual obligations. Without consent or in case of incorrect and/or incomplete communication of personal data, we will not be able to respond to any requests or contractual fulfillment.

Purpose of the processing

Personal data may be processed:

to respond to any requests;
to perform a contract;
to fulfil legal obligations;
for accounting and/or administrative needs;
for sending offers and commercial information;
for the management of customer service.

If we need to process personal data for purposes not included in the above list, we will ask for consent for any and further processing purposes.

Methods of processing

The processing of personal data will be carried out either by means of paper or electronic/IT tools. The databases where personal data are stored meet the security requirements of the GDPR.

Recipients of personal data

Personal data may also be processed by subjects the Data Controller uses to be able to carry out its activities. The categories of recipients of personal data (all operating in EU countries) are as follows:

employment advisers;
accountants and auditors;
lawyers;
computer consultants;
agencies for the development of e-commerce;
contractors and sub-contractors;
persons with whom the Holder has signed contracts for the development of his business;
authorities competent for inspection or verification purposes;
banks/credit institutions;
insurers.

If we need to have personal data processed by persons not included in the above list, we will ask for consent. All the subjects of which we make use, have signed special letters of assignment, in compliance with the obligations of correctness, lawfulness and transparency imposed by the current legislation. In any case, personal data may be disclosed to third parties to comply with legal obligations, to comply with orders from public authorities or to exercise a right of the Data Controller in court or out-of-court.

If a recipient is not established in an EU country, We will verify the existence of the requirements required by current legislation for the transfer of data to a third country or an international organisation or we will request the necessary documents for the transfer of data in accordance with Article 46 of the GDPR.

Retention period of personal data

Personal data will be kept for the period of time provided for by current legislation, in any case for the period necessary to carry out the activities indicated above (“Purpose of Processing“).

Right of access

You have the right to access personal data, namely the right to obtain confirmation on the processing of your personal data and, therefore, the right of access to them.

Right to rectificationof personal data

You have the right to request the rectification of your personal data. Without consent or in the event of incorrect or incomplete communication of personal data, we may not be able to comply with legal obligations and we will not be able to respond to any requests and/or contractual obligations.

Right to erasure of personal data (“Right to be forgotten”)

You have the right to request the deletion of your personal data. Without consent, we may not be able to comply with legal obligations and we will not be able to comply with your requests and/or contractual obligations.

Right to restriction of processingof personal data

You have the right to request the restriction of the processing of certain personal data. In the event of incomplete communication of personal data, we may not be able to comply with legal obligations and/or comply with any requests and/or contractual obligations.

Oppositionto the processing of personal data

You have the right to object to the processing of your personal data. Without your consent, we may not be able to comply with legal obligations and we will not be able to comply with your requests or contractual obligations.

Portabilityof personal data

You have the right to the portability of personal data, namely the right to receive your personal data in a structured, commonly used and readable format, as well as the right to transmit the data to another data controller.

Withdrawal of consent to the processing of personal data

You have the right to withdraw your consent to the processing of your personal data. The withdrawal of consent does not affect the lawfulness of the processing based on consent before the withdrawal. Without consent we may not be able to comply with legal obligations and we will not be able to comply with any requests and/or contractual obligations.

Right to lodge a complaint

You have the right to lodge a complaint with the Data Protection Authority (www.garanteprivacy.it) and/or with other Authorities that may be identified by the legislator.

***

Cookie	Duration	Description
__cfruid	End of session	This cookie is set by HubSpot’s CDN provider because of their rate limiting policies.
__hs_cookie_cat_pref	13 months	This cookie is used to record the categories a visitor consented to. It contains data on the consented categories.
__hs_do_not_track	13 months	This cookie can be set to prevent the tracking code from sending any information to HubSpot. It contains the string "yes".
__hs_initial_opt_in	7 days	This cookie is used to prevent the banner from always displaying when visitors are browsing in strict mode. It contains the string "yes" or "no".
__hs_opt_out	13 months	This cookie is used by the opt-in privacy policy to remember not to ask the visitor to accept cookies again. This cookie is set when you give visitors the choice to opt-out of cookies. It contains the string "yes" or "no".
__hsmem	1 year	This cookie is set when visitors log in to a HubSpot-hosted site. It contains encrypted data that identifies the membership user when they are currently logged in.
_ga	2 years	Used to distinguish users.
_ga_	2 years	Used to persist session state.
_gid	1 day	Used to distinguish users.
_key	14 days	When visiting a password-protected page, this cookie is set so future visits to the page from the same browser do not require login again. The cookie name is unique for each password-protected page. It contains an encrypted version of the password so future visits to the page will not require the password again.
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Others".
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
hs_ab_test	End of session	This cookie is used to consistently serve visitors the same version of an A/B test page they’ve seen before. It contains the id of the A/B test page and the id of the variation that was chosen for the visitor.
hs_langswitcher_choice	2 years	This cookie is used to save the visitor’s selected language choice when viewing pages in multiple languages. It gets set when an end user selects a language from the language switcher and is used as a language preference to redirect them to sites in their chosen language in the future, if they are available. It contains a colon delimited string with the ISO639 language code choice on the left and the top level private domain it applies to on the right. An example will be "EN-US:hubspot.com".
hs-membership-csrf	End of session	This cookie is used to ensure that content membership logins cannot be forged. It contains a random string of letters and numbers used to verify that a membership login is authentic.
hs-messages-hide-welcome-message	1 day	This cookie is used to prevent the chat widget welcome message from appearing again for one day after it is dismissed. It contains a boolean value of True or False.
hs-messages-is-open	30 minutes	This cookie is used to determine and save whether the chat widget is open for future visits. It is set in your visitor's browser when they start a new chat, and resets to re-close the widget after 30 minutes of inactivity. If your visitor manually closes the chat widget, it will prevent the widget from re-opening on subsequent page loads in that browser session for 30 minutes. It contains a boolean value of True if present.
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Cookie	Duration	Description
__hssc	30 minutes	This cookie keeps track of sessions. This is used to determine if HubSpot should increment the session number and timestamps in the __hstc cookie. It contains the domain, viewCount (increments each pageView in a session), and session start timestamp.
__hssrc	End of session	Whenever HubSpot changes the session cookie, this cookie is also set to determine if the visitor has restarted their browser. If this cookie does not exist when HubSpot manages cookies, it is considered a new session. It contains the value "1" when present.
__hstc	13 months	The main cookie for tracking visitors. It contains the domain, utk, initial timestamp (first visit), last timestamp (last visit), current timestamp (this visit), and session number (increments for each subsequent session).
hubspotutk	13 months	This cookie keeps track of a visitor's identity. It is passed to HubSpot on form submission and used when deduplicating contacts It contains an opaque GUID to represent the current visitor.