Privacy Policy

Pursuant to and for the purposes of art. 13 13, of REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC – General Data Protection Regulation (“GDPR”)

Most recent update: 25/07/2023

 

COLLECTION OF PERSONAL DATA FROM THE DATA SUBJECT

We have the pleasure and duty to provide the following information about the processing of personal data, in accordance with the Privacy Code and Regulation (EU) 2016/679.

 

Definitions to understand this privacy policy

  • “Personal data”: any information concerning an identified or identifiable natural person («concerned»); the identifiable natural person shall be deemed to be the natural person who can be identified, directly or indirectly, with particular reference to an identifier such as the name, an identification number, location data, an online identifier or one or more characteristic elements of its physical, physiological, genetic, psychological, economic, cultural or social identity.
  • “Treatment”: any operation or set of operations, carried out with or without the aid of automated processes and applied to personal data or sets of personal data, such as collection, registration, organization, structuring, storage, adaptation or modification, extraction, consultation, use, communication by transmission, dissemination or any other form of making available, comparison or interconnection, limitation, cancellation or destruction.
  • “Holder of the treatment”: means the natural or legal person, public authority, service or other body which, individually or together with others, determines the purposes and means of processing personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria applicable to his designation may be determined by Union or Member State law.
  • “Recipient” means any natural or legal person, public authority, service or other body which receives communication of personal data, whether or not it is a third party. However, public authorities which may receive communication of personal data in the context of a specific investigation in accordance with Union or Member State law shall not be considered as recipients; the processing of such data by those public authorities complies with the applicable data protection rules according to the purposes of the processing.
  • “Consent of the data subject” means any expression of free, specific, informed and unambiguous will of the data subject, by which the data subject expresses his or her consent, by means of an unequivocal declaration or positive action, that personal data concerning him or her are subject to processing.
  • “EU”: European Union.

 

Data controller and data processor

The Data Controller is the company LENTI & VILLASCO S.R.L. (P.IVA number 01914930068), with registered office in 15048 Valenza (AL), piazza Lanza, n. 2, e-mail: info@lentivillasco.com.

 

Place of processing

Registered office.

 

Legal basis of the processing

We will lawfully process personal data, where the processing:

  • is based on express consent;
  • is necessary for the performance of a contract;
  • is necessary to fulfill a legal obligation incumbent upon our society.

 

Type of personal data processed

The following personal data may be processed: name, surname, e–mail address, mobile phone, landline phone. The processing will not necessarily cover all the listed data, it may also cover a part of them. If we need to process additional data not indicated, we will ask for consent. Personal data of minors under 18 years will not be processed.

If the engraving or personalization of a Product involves the communication to the Holder of particular information (By way of example and not exhaustive, religious belief, political opinions) consent to the processing of personal data is also given for this type of personal data.

 

Mandatory nature of consent

The provision of personal data is necessary in order to fulfil legal and contractual obligations. Without consent or in case of incorrect and/or incomplete communication of personal data, we will not be able to respond to any requests or contractual fulfillment.

 

Purpose of the processing

Personal data may be processed:

  1. to respond to any requests;
  2. to perform a contract;
  3. to fulfil legal obligations;
  4. for accounting and/or administrative needs;
  5. for sending offers and commercial information;
  6. for the management of customer service.

If we need to process personal data for purposes not included in the above list, we will ask for consent for any and further processing purposes.

 

Methods of processing

The processing of personal data will be carried out either by means of paper or electronic/IT tools. The databases where personal data are stored meet the security requirements of the GDPR.

 

Recipients of personal data

Personal data may also be processed by subjects the Data Controller uses to be able to carry out its activities. The categories of recipients of personal data (all operating in EU countries) are as follows:

  1. employment advisers;
  2. accountants and auditors;
  3. lawyers;
  4. computer consultants;
  5. agencies for the development of e-commerce;
  6. contractors and sub-contractors;
  7. persons with whom the Holder has signed contracts for the development of his business;
  8. authorities competent for inspection or verification purposes;
  9. banks/credit institutions;
  10. insurers.

If we need to have personal data processed by persons not included in the above list, we will ask for consent. All the subjects of which we make use, have signed special letters of assignment, in compliance with the obligations of correctness, lawfulness and transparency imposed by the current legislation. In any case, personal data may be disclosed to third parties to comply with legal obligations, to comply with orders from public authorities or to exercise a right of the Data Controller in court or out-of-court.

If a recipient is not established in an EU country, We will verify the existence of the requirements required by current legislation for the transfer of data to a third country or an international organization or we will request the necessary documents for the transfer of data in accordance with Article 46 of the GDPR.

 

Retention period of personal data

Personal data will be kept for the period of time provided for by current legislation, in any case for the period necessary to carry out the activities indicated above (“Purpose of Processing“).

 

Right of access

You have the right to access personal data, namely the right to obtain confirmation on the processing of your personal data and, therefore, the right of access to them.

 

Right to rectification of personal data

You have the right to request the rectification of your personal data. Without consent or in the event of incorrect or incomplete communication of personal data, we may not be able to comply with legal obligations and we will not be able to respond to any requests and/or contractual obligations.

 

Right to erasure of personal data (“Right to be forgotten”)

You have the right to request the deletion of your personal data. Without consent, we may not be able to comply with legal obligations and we will not be able to comply with your requests and/or contractual obligations.

 

Right to restriction of processing of personal data

You have the right to request the restriction of the processing of certain personal data. In the event of incomplete communication of personal data, we may not be able to comply with legal obligations and/or comply with any requests and/or contractual obligations.

 

Opposition to the processing of personal data

You have the right to object to the processing of your personal data. Without your consent, we may not be able to comply with legal obligations and we will not be able to comply with your requests or contractual obligations.

 

Portability of personal data

You have the right to the portability of personal data, namely the right to receive your personal data in a structured, commonly used and readable format, as well as the right to transmit the data to another data controller.

 

Withdrawal of consent to the processing of personal data

You have the right to withdraw your consent to the processing of your personal data. The withdrawal of consent does not affect the lawfulness of the processing based on consent before the withdrawal. Without consent we may not be able to comply with legal obligations and we will not be able to comply with any requests and/or contractual obligations.

 

Right to lodge a complaint

You have the right to lodge a complaint with the Data Protection Authority (www.garanteprivacy.it) and/or with other Authorities that may be identified by the legislator.

 

Cookie Policy

Cookies are small text files that are stored on your device when you browse certain websites via your browser (e.g. Safari, Google Chrome).
With this information we ask your prior and informed consent to the installation of cookies used for purposes other than purely technical.
Read more on our Cookie Policy Page.