Privacy Policy pursuant to the General Data Protection Regulation (EU Regulation 2016/679)

Data Controller

Pentaferte Italia S.r.l., with legal address in Piane Nocella 23, 64012 Campli (TE), Tel. +39.0861.560201, email info@pentaferte.com hereinafter “data controller” , as the party responsible for the data processing activities hereby informs you of the following as regards the processing of your personal data pursuant to art. 13 of EU Regulation 2016/679.

Types of Data collected and mandatory or voluntary nature of the provision

The website https://www.pentaferte.com/ collects your personal data. The personal data collected by this website, autonomously or through third parties are: name, surname, date of birth, residence address, telephone, e-mail, cookie, usage data and IP address.

Your personal data are supplied by you on a voluntary basis. However, for purpose a) described below, your refusal to supply your personal data may result in the impossibility of providing the services that you require. Unless otherwise stated, all the data requested by this website are necessary for the provision of the services. In those cases when this website may indicate the supply of certain data as optional, you may abstain from supplying such data without any consequences on the availability of the service or its functionality.

Navigation data

The computer systems and software procedures used to operate this site acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols.

This information is not collected to be associated with identified interested parties, but by their very nature could, through processing and association with data held by third parties, allow users to be identified.

This category of data includes IP addresses or domain names of computers and terminals used by users, the URI/URL (Uniform Resource Identifier/Locator) addresses of the requested resources, the time of the request, the method used in the submit the request to the server, the size of the file obtained in response, the number code indicating the status of the response given by the server (success, error, etc..) and other parameters relating to the operating system and the user’s IT environment. These data are used for the purpose of obtaining anonymous statistical information on the use of the site and to check its correct functioning and are kept for the times defined by the relevant legal regulation. The data could be used to ascertain responsibility in case of hypothetical computer crimes against the site.

Processing purposes and place

Processing procedures

The Data Controller implements the appropriate security measures to prevent access to your personal data, their disclosure, their modification or their unauthorised destruction.

The processing activities are carried out using paper tools, electronic and/or telematics means, following organisational procedures and logics strictly correlated with the stated purposes. Data are processed using tools and/or methods aimed at ensuring their confidentiality and security, pursuant to the principles outlined in art. 5 of EU Regulation 2016/679.

In addition to the Data Controller, in certain cases data may also be accessed by other authorised parties (administrative, commercial and marketing personnel, system administrators, etc.), or by external or internal parties in charge of website maintenance activities, or by external Data Processors appointed pursuant to art. 28 of EU Regulation 2016/679. The updated list of Data Processors may be requested from the Data Controller at any time.

Place

Your personal data are processed at the operating premises of the Data Controller and
to the web Hosting
(SAMORANI s.r.l. v. Einstein 3/5 – 47122 Forlì (FC) who is the Data Processor. Your personal data are only processed by technical personnel, or personnel authorised to carry out such processing activities.

Transfer of collected data

The personal data collected from this site are not provided to third parties, except in specific cases:

  • legitimate request by the judicial authority in the cases provided by the law;

  • supply of a specific service requested by the User;

  • execution of security checks or site optimization.

This site may share some of the personal data collected with services located outside the European Union area (ex. Google). The transfer is authorized based on specific decisions of the European Union and the Guarantor for the protection of personal data, in particular decision 1250/2016 (Privacy Shield – link to the information page of the Guarantor), for which no further consent is required. The companies mentioned above guarantee their adherence to the Privacy Shield.

Purposes of the treatment

Your personal data are collected to allow the Owner to provide services for the following purposes:

  1. contact the user following his request for information (‘’ Contact us”);

  2. performance of activities connected or instrumental to the use of this website (technical cookies);

  3. performance of analysis activities in order to collect information on the number of users and on how they visit the site (analysis or statistical cookies)

Regarding purposes c) and d) refer to the Cookie Policy document (https://www.pentaferte.com/en/cookie-policy) for detailed information.

Legal basis of the processing activities

Your personal data are processed in order to consent the Data controller to provide you the services for the following purposes:

  • For the purpose referred to in points a),b) e c) based on our legitimate interest in order to answer
    to the requests of the data subjects and to ensure the proper functioning of our website (Article 6, paragraph 1, letter f) of EU Regulation 2016/679). In such cases the user always has the right to object to the processing of data (see par. Right of Opposition).

Data storage period

Data are processed and stored for the period of time required for the achievement of the purposes for which they are collected.

Therefore:

  • personal data collected for purposes related to the legitimate interest of the Data Controller will be retained until such interest is satisfied;

  • the data (IP address) used for the security of the site (attempts to block the site) are kept for 30 days .

  • the data for analytics purposes (statistics) are kept for 24 months.

At the end of the conservation period, which in some specific cases may exceed the term indicated in art. 2220 of the Italian Civil Code, personal data will be deleted.

Rights of the Data Subject

With reference to the personal data processed by the Data Controller, as Data Subject you may exercise the rights set forth by EU Regulation 2016/679. In specific, you have the right to:

  • access your data (art. 15 GDPR). You have the right to get information on the data processed by the Data Controller or on specific aspects of the processing activities, and to receive a copy of such data;

  • check and ask for the correction of your data (art. 16 GDPR). You have the right to check that your data are correct and request their update or correction;

  • obtain the cancellation of your data (art. 17 GDPR). In some specific cases, you may ask to the Data Controller that your data are deleted;

  • obtain the limitation of the processing (art. 18 GDPR). In some specific cases, you may ask to the Data Controller that the processing of your data is limited;

  • receive notification in case of correction, cancellation or limitation of the processing (art. 19 GDPR). In such cases, the Data Subject shall receive a notification by the Data Controller, confirming the correction, deletion or limitation of the processing activities;

  • receive your data or have them transferred to another Data Controller (art. 20 GDPR). You have the right to receive your data in a structured standard format readably using an automatic device. When technically possible, you shall also have the right to obtain the transfer of your data, without obstacles, to another Data Controller. This provision applies when data are processed using automated means and the processing is based on your consent, or a contract;

  • lodge a complaint (art. 77 GDPR). You may lodge a complaint to the Control Authority if you think there has been a violation on the protection of your personal data www.garanteprivacy.it.

Right of objection

You may object to your personal data being processed on a legal basis pursuant to art. 6, par. 1, letter e) or f), or being processed for direct marketing purposes: you have the right to oppose at any time to the processing of your personal data for such purposes, including any profiling in connection with such direct marketing activities. ( art. 21 GDPR ).

In order to exercise your rights, you may forward at any time a specific request to the Data Controller at the above addresses.