Privacy Manual
Documentation prepared in compliance with the provisions of GDPR 2016/679 “General Data Protection Regulation”
and Legislative Decree 196/2003 “Code on the Protection of Personal Data “
Filippi Srl
Via Enrico Fermi, 22
35030 Veggiano (PD)
Tel. +39.049.9001486 – Fax +39.049.9003144
eM.: info@filippi1965.it
SUBJECT: Pursuant to Art. 13 of Italian Legislative Decree 196/03 and articles 13 and 14 of GDPR UE 2016/679 on the protection of the processing of personal data.
In your capacity as “Controller”, “Data Processor” or “Data Subject””, i.e. person to whom the processed data refer, we wish to inform you of the essential elements of the processing performed.
Purposes of data processing.
The personal data are collected and processed for the following purposes:
- To perform all operations imposed by regulatory obligations and tax laws arising from the performance of the business activity and by anti-money laundering provisions;
- To establish and perform the contractual relationships in progress, as well as any pre- and post-sales support activities;
- To carry out transactions that are strictly connected to and in furtherance of the aforesaid relationships, including the acquisition of preliminary information upon conclusion of the Contract;
- To manage relations with customers with respect to administration, accounting, orders, shipping, invoicing, services activities and the management of any dispute;
- To supply services in general, concerning procedures for the management of equipment, goods and people, related to the artisanal production of leather and leather-like products;
- To survey customer satisfaction, develop statistics for internal use;
- In particular, to send advertising or direct marketing material, carry out market research or commercial communications both through automated contact methods (e-mail, other remote communication systems via communication networks, such as without limitation: SMS, mms, WhatsApp) and traditional methods (mail of printed media); such activities shall be performed by the Controllers in full compliance with art. 130 of Legislative Decree 196/03 and the measure issued by the Italian Data Protection Authority on 04/07/2013 “Guidelines on promotional activities and countering spam”);
and shall be processed based on principles of fairness, lawfulness, transparency and protection of your privacy and your rights.
The contractual, service provision, commercial and non-commercial litigation and promotional purposes exclusively refer to the processing of Customer personal data. Customer personal data shall be processed for as long as the contractual relationship is in place and thereafter to fulfil all legal obligations as well as for future business purposes.
Anti-money laundering and anti-terrorism.
The provision of data required by Anti-Money Laundering and Anti-Terrorism legislation is mandatory and failure to reply shall preclude the provision of the requested professional service and may involve reporting the transaction to the relevant supervisory authority. In this regard, please note that the processing of personal data in relation to anti-money laundering obligations shall take place having regard to the specific implementation procedures imposed on non-financial operators by the Regulation on the identification and retention of information envisaged by art. 3, paragraph 2 of Legislative Decree no. 56/2004 and implemented through Ministerial Decree no. 143/2006. Other information could also be taken from public sources to comply with the obligations under Legislative Decree no. 231/2007.
Processing methods.
The data processing for the purposes set out above takes place using either automated, on electronic or magnetic media, or non-automated means, on paper, in compliance with the confidentiality and security rules set forth in laws, ensuing regulations and internal provisions.
Place of processing.
The data are currently processed and archived at the registered office, Via G. Galilei, 51/B – 35035 Mestrino (PD). They are also processed, on behalf of the undersigned, by professionals and/or companies appointed to carry out technical, development, management and administrative – accounting activities.
Optional or mandatory provision of data
Some data are essential for establishing or performing the contractual relationship, while others can be defined as ancillary to these purposes. The provision of data to the undersigned is mandatory only for data for which there is a legal or contractual obligation.
Consequences is you fail to provide the data
In cases where the provision of data is required by a regulatory or contractual obligation and you refuse to provide the data, the Supplier will not be able to perform or continue to perform the Contract as such activity would involve the unlawful processing of data. In cases where there is no legal obligation to provide data, your refusal would not have the effect mentioned above but would still prevent the performance of ancillary operations.
Disclosure of data
Without prejudice to disclosure and dissemination carried out in compliance with legal obligations, your personal data may be disclosed in Italy and/or abroad to:
- Professionals and consultants, consulting companies, factoring companies, credit institutions, debt collection companies, credit insurance companies, commercial information companies, companies operating in the transport sector;
- Public and private bodies, including as a result of inspections or checks such as, for example: Tax Administration, Tax Police, Judicial Authorities, Italian Exchange Office, Labour Inspectorate, Local Health Authorities, Social Security Agencies, ENASARCO, Chamber of Commerce, etc.;
- Other Group companies residing in Italy or abroad (see the following specific point);
- Persons who can access your data pursuant to legal provisions;
Sensitive data, although processed in a completely anonymous form, shall not be disseminated and/or transferred in any way, except for the achievement of the purposes set out in this information document and subject to your specific written authorization.
Data retention period
The data provided shall be stored in our archives according to the following criteria:
- For administration, accounting, orders, management of the quotation process and of the production flow, support and maintenance, shipping, invoicing, services, management of any disputes: 10 years as required by law, specifically by art. 2220 of the Italian Civil Code, except in case of late payments of the fees that would justify an extension of this period;
- For the purposes referred to in paragraph 6 above, the retention period is up to the expiry of the contract and/or the supply of the goods/services.
- For marketing purposes: 24 months;
Rights of the data subject
With regard to their personal data, Customers can exercise the rights envisaged by articles 15 to 22 of GDPR 2016/679 and by art .7 of Legislative Decree 196/03 (a copy of which is attached hereto) within the limits and under the conditions set out in articles 8, 9 and 10 of the aforementioned legislative decree. If you give your consent in any form to the processing requested by FILIPPI SRL, please note that you can withdraw your consent at any time, without prejudice to the mandatory obligations provided for by the legislation in force at the time of withdrawal, by contacting the Data Controller at the addresses specified below.
Data controller and Data processor
The Data Controller to be contacted in order to assert your rights under Articles from 15 to 22 of GDPR 2016/679 and to the above-reported art. 7, is FILIPPI SRL, with registered office in Via G. Galilei, 51/B – 35035 Mestrino (PD). The data processor is Fiorenzo Filippi. You can also exercise the aforementioned rights by sending communications to the following e-mail address: info@filippi1965.it.
Mestrino, 21/01/2019
FILIPPI SRL
Cookie Policy
Cookies consist of portions of code installed in the browser that assist the Owner in providing the Service according to the purposes described. Some of the purposes of installation of cookies may also require the consent of the User. When the installation of Cookies is based on consent, this consent can be freely revoked at any time by following the instructions contained in this document.
Technical and statistical cookies aggregated
Activities strictly necessary for operation
This application uses cookies to save the User session and to perform other activities strictly necessary for the operation of this Application, for example in relation to the distribution of traffic.
Activities for saving preferences, optimization and statistics
This application uses cookies to save browsing preferences and optimize the user’s browsing experience. These cookies include, for example, those for setting the language and currency or for the management of statistics by the owner of the site.
Other types of cookies or third-party tools that may install
Some of the services listed below collect statistics in aggregate and anonymous form and may not require the consent of the User or could be managed directly by the Data Controller – depending on the description – without the help of third parties. If among the tools indicated below there were services managed by third parties, these could – in addition to what is specified and also without the knowledge of the owner – perform tracking activities of the User. For detailed information, it is advisable to consult the privacy policy of the services listed.
Statistics
The services contained in this section allow the Data Controller to monitor and analyze traffic data and are used to keep track of User behavior.
Google Analytics with anonymized IP (Google Inc.)
Google Analytics is a web analytics service provided by Google Inc. (“Google”). Google uses the Personal Data collected for the purpose of tracking and examining the use of this Application, compiling reports and sharing them with other services developed by Google.
Google may use the Personal Data to contextualise and personalize the advertisements of its advertising network.
This integration of Google Analytics makes your IP address anonymous. Anonymisation works by shortening the IP address of the Users within the borders of the member states of the European Union or in other countries participating in the agreement on the European Economic Area. Only in exceptional cases, the IP address will be sent to Google’s servers and shortened within the United States. Personal Data collected: Cookies and Usage Data. Place of processing: United States – Privacy Policy – Opt Out. Company adhering to the Privacy Shield.
How can I express consent to the installation of cookies?
In addition to what is indicated in this document, the User can manage preferences related to cookies directly within his browser and prevent – for example – that third parties can install. Through the preferences of the browser it is also possible to delete the cookies installed in the past, including the cookie in which the consent to the installation of cookies by this site is eventually saved. The User can find information on how to manage cookies with some of the most popular browsers, for example at the following addresses: Google Chrome, Mozilla Firefox, Apple Safari e Microsoft Internet Explorer.
With reference to Cookies installed by third parties, the User can also manage his own settings and revoke the consent by visiting the relative opt out link (if available), using the tools described in the third party’s privacy policy or by contacting it directly. Without prejudice to the foregoing, the User may use the information provided by EDAA (UE), Network Advertising Initiative (USA) and Digital Advertising Alliance (USA), DAAC (Canada), DDAI(Japan) or other similar services. With these services you can manage tracking preferences of most advertising tools. The Owner, therefore, advises Users to use these resources in addition to the information provided by this document.
Since the installation of Cookies and other tracking systems operated by third parties through the services used within this Application can not be technically controlled by the Owner, any specific reference to Cookies and tracking systems installed by third parties is to be considered indicative. To obtain complete information, the User is invited to consult the privacy policy of any third party services listed in this document. Given the objective complexity of identification of the technologies based on Cookies, the User is invited to contact the Data Controller if he wishes to receive any further information regarding the use of the Cookies themselves through this Application.
Definitions and legal references
Personal Data (or Data)
It constitutes personal data any information that, directly or indirectly, also in connection with any other information, including a personal identification number, makes a physical person identified or identifiable.
Usage Data
This information is collected automatically through this Application (also from third party applications integrated into this Application), including: IP addresses or domain names of the computers used by the User that connects with this Application, addresses in URI notation ( Uniform Resource Identifier), the time of the request, the method used in forwarding the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response from the server (good order, error, etc.) the country of origin, the characteristics of the browser and the operating system used by the visitor, the various temporal connotations of the visit (for example the time spent on each page) and the details of the itinerary followed within the Application, with particular reference to the sequence of the pages consulted, to the parameters related to the operating system and to the IT environment you.
User
The individual who uses this application that, unless otherwise specified, coincides with the interested party.
Interested
The person to whom the Personal Data refers.
Data Processor (or Processor)
The natural person, legal person, public administration and any other entity that processes personal data on behalf of the Owner, as set out in this privacy policy.
Data Controller (or Controller)
The natural or legal person, public authority, service or other body which, individually or together with others, determines the purposes and means of the processing of personal data and the tools adopted, including the security measures related to the operation and use of this application. The Data Controller, unless otherwise specified, is the owner of this Application.
This Application
The hardware or software tool through which the Personal Data of Users are collected and processed.
Service
The Service provided by this Application as defined in the relevant terms (if any) on this site / application.
European Union (or EU)
Unless otherwise specified, any reference to the European Union contained in this document shall be extended to all current member states of the European Union and the European Economic Area.
Cookie
Small portion of data stored in the User’s device.
Legal references
This privacy statement is drawn up on the basis of multiple legislative systems, including articles 13 and 14 of Regulation (EU) 2016/679.
Unless otherwise specified, this privacy statement only concerns this Application. Last modification: 21 January 2019Enrico