Documentation prepared in compliance with the provisions of GDPR 2016/679 “General Data Protection Regulation”
and Legislative Decree 196/2003 “Code on the Protection of Personal Data “
Via G. Galilei, 51/B
35035 Mestrino (PD)
Tel. +39.049.9001486 – Fax +39.049.9003144
SUBJECT: Pursuant to Art. 13 of Italian Legislative Decree 196/03 and articles 13 and 14 of GDPR UE 2016/679 on the protection of the processing of personal data.
In your capacity as “Controller”, “Data Processor” or “Data Subject””, i.e. person to whom the processed data refer, we wish to inform you of the essential elements of the processing performed.
Purposes of data processing.
The personal data are collected and processed for the following purposes:
- To perform all operations imposed by regulatory obligations and tax laws arising from the performance of the business activity and by anti-money laundering provisions;
- To establish and perform the contractual relationships in progress, as well as any pre- and post-sales support activities;
- To carry out transactions that are strictly connected to and in furtherance of the aforesaid relationships, including the acquisition of preliminary information upon conclusion of the Contract;
- To manage relations with customers with respect to administration, accounting, orders, shipping, invoicing, services activities and the management of any dispute;
- To supply services in general, concerning procedures for the management of equipment, goods and people, related to the artisanal production of leather and leather-like products;
- To survey customer satisfaction, develop statistics for internal use;
- In particular, to send advertising or direct marketing material, carry out market research or commercial communications both through automated contact methods (e-mail, other remote communication systems via communication networks, such as without limitation: SMS, mms, WhatsApp) and traditional methods (mail of printed media); such activities shall be performed by the Controllers in full compliance with art. 130 of Legislative Decree 196/03 and the measure issued by the Italian Data Protection Authority on 04/07/2013 “Guidelines on promotional activities and countering spam”);
and shall be processed based on principles of fairness, lawfulness, transparency and protection of your privacy and your rights.
The contractual, service provision, commercial and non-commercial litigation and promotional purposes exclusively refer to the processing of Customer personal data. Customer personal data shall be processed for as long as the contractual relationship is in place and thereafter to fulfil all legal obligations as well as for future business purposes.
Anti-money laundering and anti-terrorism.
The provision of data required by Anti-Money Laundering and Anti-Terrorism legislation is mandatory and failure to reply shall preclude the provision of the requested professional service and may involve reporting the transaction to the relevant supervisory authority. In this regard, please note that the processing of personal data in relation to anti-money laundering obligations shall take place having regard to the specific implementation procedures imposed on non-financial operators by the Regulation on the identification and retention of information envisaged by art. 3, paragraph 2 of Legislative Decree no. 56/2004 and implemented through Ministerial Decree no. 143/2006. Other information could also be taken from public sources to comply with the obligations under Legislative Decree no. 231/2007.
The data processing for the purposes set out above takes place using either automated, on electronic or magnetic media, or non-automated means, on paper, in compliance with the confidentiality and security rules set forth in laws, ensuing regulations and internal provisions.
Place of processing.
The data are currently processed and archived at the registered office, Via G. Galilei, 51/B – 35035 Mestrino (PD). They are also processed, on behalf of the undersigned, by professionals and/or companies appointed to carry out technical, development, management and administrative – accounting activities.
Optional or mandatory provision of data
Some data are essential for establishing or performing the contractual relationship, while others can be defined as ancillary to these purposes. The provision of data to the undersigned is mandatory only for data for which there is a legal or contractual obligation.
Consequences is you fail to provide the data
In cases where the provision of data is required by a regulatory or contractual obligation and you refuse to provide the data, the Supplier will not be able to perform or continue to perform the Contract as such activity would involve the unlawful processing of data. In cases where there is no legal obligation to provide data, your refusal would not have the effect mentioned above but would still prevent the performance of ancillary operations.
Disclosure of data
Without prejudice to disclosure and dissemination carried out in compliance with legal obligations, your personal data may be disclosed in Italy and/or abroad to:
- Professionals and consultants, consulting companies, factoring companies, credit institutions, debt collection companies, credit insurance companies, commercial information companies, companies operating in the transport sector;
- Public and private bodies, including as a result of inspections or checks such as, for example: Tax Administration, Tax Police, Judicial Authorities, Italian Exchange Office, Labour Inspectorate, Local Health Authorities, Social Security Agencies, ENASARCO, Chamber of Commerce, etc.;
- Other Group companies residing in Italy or abroad (see the following specific point);
- Persons who can access your data pursuant to legal provisions;
Sensitive data, although processed in a completely anonymous form, shall not be disseminated and/or transferred in any way, except for the achievement of the purposes set out in this information document and subject to your specific written authorization.
Data retention period
The data provided shall be stored in our archives according to the following criteria:
- For administration, accounting, orders, management of the quotation process and of the production flow, support and maintenance, shipping, invoicing, services, management of any disputes: 10 years as required by law, specifically by art. 2220 of the Italian Civil Code, except in case of late payments of the fees that would justify an extension of this period;
- For the purposes referred to in paragraph 6 above, the retention period is up to the expiry of the contract and/or the supply of the goods/services.
- For marketing purposes: 24 months;
Rights of the data subject
With regard to their personal data, Customers can exercise the rights envisaged by articles 15 to 22 of GDPR 2016/679 and by art .7 of Legislative Decree 196/03 (a copy of which is attached hereto) within the limits and under the conditions set out in articles 8, 9 and 10 of the aforementioned legislative decree. If you give your consent in any form to the processing requested by FILIPPI SRL, please note that you can withdraw your consent at any time, without prejudice to the mandatory obligations provided for by the legislation in force at the time of withdrawal, by contacting the Data Controller at the addresses specified below.
Data controller and Data processor
The Data Controller to be contacted in order to assert your rights under Articles from 15 to 22 of GDPR 2016/679 and to the above-reported art. 7, is FILIPPI SRL, with registered office in Via G. Galilei, 51/B – 35035 Mestrino (PD). The data processor is Fiorenzo Filippi. You can also exercise the aforementioned rights by sending communications to the following e-mail address: email@example.com.
Cookies consist of portions of code installed in the browser that assist the Owner in providing the Service according to the purposes described. Some of the purposes of installation of cookies may also require the consent of the User. When the installation of Cookies is based on consent, this consent can be freely revoked at any time by following the instructions contained in this document.
Technical and statistical cookies aggregated
Activities strictly necessary for operation
Activities for saving preferences, optimization and statistics
Other types of cookies or third-party tools that may install
The services contained in this section allow the Data Controller to monitor and analyze traffic data and are used to keep track of User behavior.
Google Analytics with anonymized IP (Google Inc.)
Google Analytics is a web analytics service provided by Google Inc. (“Google”). Google uses the Personal Data collected for the purpose of tracking and examining the use of this Application, compiling reports and sharing them with other services developed by Google.
Google may use the Personal Data to contextualise and personalize the advertisements of its advertising network.
How can I express consent to the installation of cookies?
In addition to what is indicated in this document, the User can manage preferences related to cookies directly within his browser and prevent – for example – that third parties can install. Through the preferences of the browser it is also possible to delete the cookies installed in the past, including the cookie in which the consent to the installation of cookies by this site is eventually saved. The User can find information on how to manage cookies with some of the most popular browsers, for example at the following addresses: Google Chrome, Mozilla Firefox, Apple Safari e Microsoft Internet Explorer.
Definitions and legal references
Personal Data (or Data)
It constitutes personal data any information that, directly or indirectly, also in connection with any other information, including a personal identification number, makes a physical person identified or identifiable.
This information is collected automatically through this Application (also from third party applications integrated into this Application), including: IP addresses or domain names of the computers used by the User that connects with this Application, addresses in URI notation ( Uniform Resource Identifier), the time of the request, the method used in forwarding the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response from the server (good order, error, etc.) the country of origin, the characteristics of the browser and the operating system used by the visitor, the various temporal connotations of the visit (for example the time spent on each page) and the details of the itinerary followed within the Application, with particular reference to the sequence of the pages consulted, to the parameters related to the operating system and to the IT environment you.
The individual who uses this application that, unless otherwise specified, coincides with the interested party.
The person to whom the Personal Data refers.
Data Processor (or Processor)
Data Controller (or Controller)
The natural or legal person, public authority, service or other body which, individually or together with others, determines the purposes and means of the processing of personal data and the tools adopted, including the security measures related to the operation and use of this application. The Data Controller, unless otherwise specified, is the owner of this Application.
The hardware or software tool through which the Personal Data of Users are collected and processed.
The Service provided by this Application as defined in the relevant terms (if any) on this site / application.
European Union (or EU)
Unless otherwise specified, any reference to the European Union contained in this document shall be extended to all current member states of the European Union and the European Economic Area.
Small portion of data stored in the User’s device.
This privacy statement is drawn up on the basis of multiple legislative systems, including articles 13 and 14 of Regulation (EU) 2016/679.
Unless otherwise specified, this privacy statement only concerns this Application. Last modification: 21 January 2019