Privacy Policy

PRIVACY POLICY FOR USERS OF THE WEBSITE WWW.VICENZI.IT

Vicenzi S.p.A. (hereinafter “Vicenzi” or the “Data Controller”), as Data Controller of personal data, informs you, pursuant to art. 13 of EU Regulation 2016/679 (hereinafter “GDPR”), that access to this website and/or registration to the various sections of it and/or any requests for information or services require the provision of personal data which will be processed in full compliance with the GDPR and the principles of correctness, lawfulness and transparency and confidentiality of the interested parties.

The information is effective exclusively for this site and does not extend to other websites that may be consulted by the user via external links.

This privacy and cookie policy can be modified by the Data Controller if necessary. We recommend that you review this privacy and cookie policy from time to time to check for any changes.

THE DATA CONTROLLER OF PERSONAL DATA

The data controller is VICENZI S.p.A., based in Via Forte Garofolo 1, 37057 San Giovanni Lupatoto (VR), (hereinafter “Vicenzi” or the “Data Controller”), tel. +39 045 8262800.

THE DATA PROTECTION OFFICER

Vicenzi S.p.A., pursuant to art. 37 of the GDPR, has designated the Data Protection Officer (or Data Protection Officer – DPO), who can be contacted at the following email address: dpo@vicenzi.it.

CATEGORIES OF PERSONAL DATA SUBJECT TO PROCESSING

In addition to the Personal Data provided directly by users through requests sent via the forms (such as name, surname, contact details such as email or telephone numbers etc…), when connecting to the Site, the IT systems and software procedures responsible for operation of the Site itself automatically and indirectly administer and/or acquire some information that could constitute Personal Data, the transmission of which is implicit in the use of Internet communication protocols (such as, by way of example but not limited to, the so-called “cookies” ( as better specified below), “IP” addresses, domain names of the computers used by users who connect to the Site, the addresses in “Url” notation of the requested resources, the time of the request to the server, navigation on the Site.

PURPOSE AND LEGAL BASIS OF THE PROCESSING

According to the needs expressed from time to time by the user who accesses the various sections of the Site (and without prejudice to particular rules and information for individual operations which involve the provision of specific Personal Data, published from time to time), the purposes are indicated below of the processing of Personal Data, i.e. those provided directly by users by completing online forms or direct access, via links, to the email address relating to the requested service, or those acquired automatically through navigation:

1. respond to user requests received through the forms on the website.
2. fulfill requests for offers/information regarding the supply of products marketed by Vicenzi S.p.A.
3. subject to the user’s consent and until its revocation, carry out marketing activities such as, by way of example but not limited to: market research, sending informative and promotional material, sending free product samples, marketing and advertising regarding the products and services of the undersigned company, also using the email address provided to us (subscription to the newsletter).
4. need to ascertain, exercise or defend a right in court.
5. management and execution of the obligations required by law (accounting, administrative, fiscal nature, etc.).

The legal basis is represented: for the purposes referred to in n. 1 and 2: execution of pre-contractual measures (art. 6 letter b) GDPR); for the purposes referred to in n. 3: consent of the interested party (art. 6 letter a) GDPR); for the purposes referred to in n. 4: legitimate interest of the Data Controller (art. 6 letter f) GDPR) and for the purposes referred to in n. 5: legal obligation of the Data Controller (art. 6 letter c) GDPR).

NATURE OF THE PROVISION OF PERSONAL DATA

With the exception of navigation data whose processing is necessary (e.g. technical cookies), the provision of data through the forms on the site or collected through profiling cookies is optional; however, failure to provide it will not allow the request to be processed and/or the subscription to the newsletter and/or the use of the services on the website that require registration.

METHODS OF PROCESSING OF PERSONAL DATA

The Personal Data will be processed in a predominantly automated but also paper form, with logic strictly related to the purposes, through databases and electronic platforms managed by the Data Controller through its own appointed internal staff authorized to process or by third parties appointed as Data Processors. The Data Controller has adopted suitable technical and organizational security measures to protect users against the risk of loss of confidentiality, availability or accessibility, abuse or alteration of Personal Data. It uses secure data transmission protocols known as HTTPS. Furthermore, it stores user data on servers located in European territory. The Servers are subject to an advanced, daily back up and disaster recovery system.

DURATION OF PROCESSING OF PERSONAL DATA

The data communicated are kept for a period of time not exceeding that necessary to achieve the purposes for which they are collected, or for a longer period, in the case of contractual, regulatory obligations or for the legitimate interest of the Data Controller. The data communicated for subscription to the newsletter are kept for a maximum of 24 months from the last interaction.

PLACE OF PROCESSING OF PERSONAL DATA

Personal Data is processed mainly at the headquarters of the Data Controller and/or in the places where the Managers are located.

CATEGORIES OF RECIPIENTS OF PERSONAL DATA

The Personal Data may be processed by employees or collaborators of the Data Controller who, operating under the direct authority of the latter, process the data as authorized for processing or system administrators and who will receive adequate operational instructions in this regard from the Data Controller pursuant to art.  29 GDPR, as well as by third parties, by way of example but not limited to the subjects who are entrusted with assistance, communication, promotions and sales of products and/or services, IT service providers, managers and/or developers of websites or applications contained therein, managers of electronic platforms, partners, who carry out outsourced activities on behalf of Vicenzi S.p.A. and who operate as Data Processors appointed by the Data Controller pursuant to art. 28 GDPR.

TRANSFER OUTSIDE THE EU OF USERS’ PERSONAL DATA

The data will not be transferred to third countries outside the EU and, if they are transferred, the conditions and guarantees provided for by the articles will be respected. 44 and following of the GDPR.

MINORS

The site contains almost no information aimed directly at minors. Minors must not provide personal information or data. Participation in any competitions present on the website is intended exclusively for adults.

USE OF COOKIES

The complete information on cookies is available from the Cookie Policy link on the website.

SOCIAL NETWORK PLUGINS

This site also incorporates plugins and/or buttons in order to allow the sharing of content on the social networks used by the visitor. When you visit a page of our website that contains a plugin, your browser connects directly to the servers of the social network from where the plugin is loaded, which server can track your visit to our website and possibly also associate it to your social account, in particular if you are logged in at the time of your visit or if you have recently browsed one of the websites containing social plugins. If you do not want the social network to record data relating to your visit to our website, you must log out of your social account, and we also recommend deleting the cookies that the social network has installed in your browser (see also the instructions contained in our cookie policy).

The collection and use of information by these third parties are governed by their respective privacy policies to which please refer.

USERS’ RIGHTS

Users can exercise the rights referred to in the articles. 16-21 GDPR (right of rectification, right to be forgotten, right to limitation of processing, right to data portability, right to object). Specifically:

• The right of access: to obtain confirmation or not of personal data concerning him and to obtain access to such data and specific information (e.g. purpose of the processing, categories of data in question, recipients to whom the data will be communicated);
• The right to rectification: to obtain the rectification of inaccurate data concerning him without unjustified delay. In this case, the data controller is obliged to communicate the rectification to all recipients to whom the data have been transmitted, unless this involves a disproportionate effort;
• The right to cancellation: to obtain the cancellation of data concerning him without unjustified delay and the data controller has the obligation to cancel them without unjustified delay if certain reasons exist (e.g. the personal data are no longer necessary in relation to the purposes for which they were collected; if the interested party withdraws consent; if they must be deleted for a legal obligation). In this case, the data controller is obliged to communicate the cancellation to all recipients to whom the data have been transmitted, unless this involves a disproportionate effort;
• The right to limit processing: the data controller may be given a restriction on the processing of data, for example to storage only with the exclusion of any other use, in certain cases (e.g. if the processing is unlawful and the interested party opposes the deletion of the data; if the interested party disputes the accuracy, within the limits of the accuracy verification period…). In this case, the data controller is obliged to communicate the limitation of processing to all recipients to whom the data have been transmitted, unless this involves a disproportionate effort;
• The right to data portability: to obtain the return of personal data provided and transmit them to others or to request transmission from one owner to another, if technically feasible;
• The right to object: to object at any time to processing for purposes of public interest or legitimate interest; for marketing purposes; for scientific, historical or statistical research purposes.

RIGHT TO COMPLAIN

If the interested party believes that the processing of personal data is in violation of the provisions of the Regulation, he or she has the right to lodge a complaint with the Guarantor for the Protection of Personal Data (www.garante, as provided for by art. 77 of the Regulation itself or act in the appropriate judicial offices (art. 79 of the Regulation).

The Data Controller

Vicenzi S.p.A.