Privacy Policy
Pursuant to Article 13 of Legislative Decree 196/03 and EU Regulation 679/2016
The company G.I.P.R.I. srl., with registered office in G. March 14/A, 57121 Livorno, Italy tax code and VAT number 01889700496, in the person of its legal representative pro tempore (hereinafter "Owner"), informs you, pursuant to art. 13 Legislative Decree June 30, 2003 no. 196 (hereinafter, "Privacy Code") and art. 13 EU Regulation no. 2016/679 (hereinafter, "GDPR") that your data will be processed in the following manner and for the following purposes:
1. Object of the treatment
The Data Controller processes your personal identifying data (for example, name, surname, company name, e-mail or other data provided by you) - hereinafter, "personal data" or even "data") communicated by you or collected by us in the following ways:
- by filling in forms available on the website;
- by sending his e-mail contact request;
2. Methods and purposes of processing
The processing of your personal data is carried out by means of the operations indicated in art. 4 Privacy Code and art. 4 n. 2) GDPR and specifically: collection, recording, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, cancellation and destruction of data. Your personal data is processed both on paper and electronically and/or by automated means. The Data Controller will process personal data for the time necessary to fulfill the above purposes and in any case for no longer than 10 years from the termination of the relationship for the Contractual or Pre-contractual Purposes or until the request for cancellation of the data for the Marketing Purposes. Your personal data will be processed:
A) without your express consent (art. 24 letter a), b), c) Privacy Code and art. 6 letter b), e) GDPR), for the following Service Purposes:
- fulfilling pre-contractual, contractual and tax obligations arising from relations with you;
- fulfilling obligations required by law, regulation, Community legislation or an order of the Authority (such as in the field of anti-money laundering);
- exercise the rights of the Holder, such as the right of defense in legal proceedings;
B) Only after your specific and distinct consent (articles 23 and 130 of the Privacy Code and article 7 of the GDPR), for the following Marketing Purposes:
- send you by e-mail, mail and/or SMS and/or telephone contacts, newsletters, commercial communications and/or advertising material on products or services offered by the Owner, invitations to events, webinars or other specific marketing initiatives or updates of our company.
3. Access to data
Your data may be made accessible for the purposes referred to in art. A) and 2. B):
to employees and collaborators of the Holder, in their capacity as persons in charge and/or system administrators;
to third companies or other subjects (by way of indication, business partners, credit institutions, professional studios, consultants, insurance companies for the provision of insurance services, etc.) that perform outsourced activities on behalf of the Data Controller, in their capacity as external data processors.
4. Communication of data
Without the need for an express consent (ex art. 24 lett. a), b), d) Privacy Code and art. 6 lett. b) and c) GDPR), the Data Controller can communicate your data for the purposes referred to in art. 2.A) supervisory bodies (such as IVASS), judicial authorities, insurance companies for the provision of insurance services, as well as to those persons to whom the communication is required by law to carry out the said purposes. These subjects will process the data in their capacity as autonomous data controllers. Your data will not be disclosed.
5. Data transfer
Personal data are stored on servers located within the European Union or on servers located outside the EU. In the latter case, the Data Controller assures that the transfer of non-EU data will take place in compliance with the applicable legal provisions, subject to the stipulation of the standard contractual clauses provided by the European Commission.
6. Nature of data submission and consequences of refusal to answer
The conferment of data for the purposes referred to in art.2. A) is mandatory. Without submission, we will not be able to guarantee you the services of art. 2.A). The conferment of data for the purposes referred to in art. 2.B) is discretional. You may therefore decide not to provide any data or to subsequently deny the possibility of processing data already provided: in such a case, you will not receive newsletters, commercial communications and advertising material relating to the Services offered by the Owner. In any case, you will be entitled to the Services referred to in art. 2.A).
7. Rights of the interested subject
As interested subject, you have the rights under Art. 7 Privacy Code and art. 15 GDPR and more specifically:
I. obtain confirmation of the existence or otherwise of personal data concerning you, even if not yet recorded, and their communication in intelligible form;
II. to obtain the indication:
(a) the origin of the personal data;
b) the purposes and methods of processing;
c) the logic applied in case of treatment with the aid of electronic instruments;
d) the identification data of the Owner, the managers and the representative appointed pursuant to art. 5, paragraph 2 Privacy Code and art. 3, paragraph 1, GDPR;
e) the subjects or categories of subjects to whom the personal data may be communicated or who can learn about them as appointed representative in the territory of the State, managers or agents;
III. get:
a) the updating, rectification or, where interested therein, integration of the data;
b) the cancellation, transformation into anonymous form or blocking of data processed unlawfully, including data whose retention is unnecessary for the purposes for which the data were collected or subsequently processed;
c) certification to the effect that the operations as per letters a) and b) have been notified, as also related to their contents, to the entities to whom or which the data were communicated or disseminated, unless this requirement proves impossible or involves a manifestly disproportionate effort compared with the right that is to be protected;
IV. oppose, in whole or in part:
a) for legitimate reasons to the processing of personal data concerning you, even if pertinent to the purpose of collection;
b) to the processing of personal data concerning you for the purpose of sending advertising materials or direct selling or for carrying out market research or commercial communication, through the use of automated calling systems without the intervention of an operator by e-mail and / or by traditional marketing methods by telephone and / or mail. Please note that the right of opposition of the person concerned, set out in point b) above, for purposes of direct marketing through automated means extends to the traditional ones. Where applicable, he also has the rights under Articles 16-21 GDPR (Right to rectification, right to be forgotten, right to limit processing, right to data portability, right to object), as well as the right to complain to the Guarantor.
8. Methods of exercising rights
You may at any time exercise your rights by sending:
- a registered letter with advice of receipt to G.I.P.R.I. srl., with registered office at V.G. March 14/A, 57121 Livorno Italy; -
- a PEC (Certified e-mail) at the address giprisrl@pec.it
- an e-mail to info@giprisrl.it
9. Owner, responsible and entrusted
The data Controller is G.I.P.R.I. srl., with registered office at via G. March 14/A, 57121 Livorno, Italy tax code and VAT number 01889700496. The updated list of those responsible for and in charge of the processing is kept at the registered office of the Data Controller.
1. Object of the treatment
The Data Controller processes your personal identifying data (for example, name, surname, company name, e-mail or other data provided by you) - hereinafter, "personal data" or even "data") communicated by you or collected by us in the following ways:
- by filling in forms available on the website;
- by sending his e-mail contact request;
2. Methods and purposes of processing
The processing of your personal data is carried out by means of the operations indicated in art. 4 Privacy Code and art. 4 n. 2) GDPR and specifically: collection, recording, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, cancellation and destruction of data. Your personal data is processed both on paper and electronically and/or by automated means. The Data Controller will process personal data for the time necessary to fulfill the above purposes and in any case for no longer than 10 years from the termination of the relationship for the Contractual or Pre-contractual Purposes or until the request for cancellation of the data for the Marketing Purposes. Your personal data will be processed:
A) without your express consent (art. 24 letter a), b), c) Privacy Code and art. 6 letter b), e) GDPR), for the following Service Purposes:
- fulfilling pre-contractual, contractual and tax obligations arising from relations with you;
- fulfilling obligations required by law, regulation, Community legislation or an order of the Authority (such as in the field of anti-money laundering);
- exercise the rights of the Holder, such as the right of defense in legal proceedings;
B) Only after your specific and distinct consent (articles 23 and 130 of the Privacy Code and article 7 of the GDPR), for the following Marketing Purposes:
- send you by e-mail, mail and/or SMS and/or telephone contacts, newsletters, commercial communications and/or advertising material on products or services offered by the Owner, invitations to events, webinars or other specific marketing initiatives or updates of our company.
3. Access to data
Your data may be made accessible for the purposes referred to in art. A) and 2. B):
to employees and collaborators of the Holder, in their capacity as persons in charge and/or system administrators;
to third companies or other subjects (by way of indication, business partners, credit institutions, professional studios, consultants, insurance companies for the provision of insurance services, etc.) that perform outsourced activities on behalf of the Data Controller, in their capacity as external data processors.
4. Communication of data
Without the need for an express consent (ex art. 24 lett. a), b), d) Privacy Code and art. 6 lett. b) and c) GDPR), the Data Controller can communicate your data for the purposes referred to in art. 2.A) supervisory bodies (such as IVASS), judicial authorities, insurance companies for the provision of insurance services, as well as to those persons to whom the communication is required by law to carry out the said purposes. These subjects will process the data in their capacity as autonomous data controllers. Your data will not be disclosed.
5. Data transfer
Personal data are stored on servers located within the European Union or on servers located outside the EU. In the latter case, the Data Controller assures that the transfer of non-EU data will take place in compliance with the applicable legal provisions, subject to the stipulation of the standard contractual clauses provided by the European Commission.
6. Nature of data submission and consequences of refusal to answer
The conferment of data for the purposes referred to in art.2. A) is mandatory. Without submission, we will not be able to guarantee you the services of art. 2.A). The conferment of data for the purposes referred to in art. 2.B) is discretional. You may therefore decide not to provide any data or to subsequently deny the possibility of processing data already provided: in such a case, you will not receive newsletters, commercial communications and advertising material relating to the Services offered by the Owner. In any case, you will be entitled to the Services referred to in art. 2.A).
7. Rights of the interested subject
As interested subject, you have the rights under Art. 7 Privacy Code and art. 15 GDPR and more specifically:
I. obtain confirmation of the existence or otherwise of personal data concerning you, even if not yet recorded, and their communication in intelligible form;
II. to obtain the indication:
(a) the origin of the personal data;
b) the purposes and methods of processing;
c) the logic applied in case of treatment with the aid of electronic instruments;
d) the identification data of the Owner, the managers and the representative appointed pursuant to art. 5, paragraph 2 Privacy Code and art. 3, paragraph 1, GDPR;
e) the subjects or categories of subjects to whom the personal data may be communicated or who can learn about them as appointed representative in the territory of the State, managers or agents;
III. get:
a) the updating, rectification or, where interested therein, integration of the data;
b) the cancellation, transformation into anonymous form or blocking of data processed unlawfully, including data whose retention is unnecessary for the purposes for which the data were collected or subsequently processed;
c) certification to the effect that the operations as per letters a) and b) have been notified, as also related to their contents, to the entities to whom or which the data were communicated or disseminated, unless this requirement proves impossible or involves a manifestly disproportionate effort compared with the right that is to be protected;
IV. oppose, in whole or in part:
a) for legitimate reasons to the processing of personal data concerning you, even if pertinent to the purpose of collection;
b) to the processing of personal data concerning you for the purpose of sending advertising materials or direct selling or for carrying out market research or commercial communication, through the use of automated calling systems without the intervention of an operator by e-mail and / or by traditional marketing methods by telephone and / or mail. Please note that the right of opposition of the person concerned, set out in point b) above, for purposes of direct marketing through automated means extends to the traditional ones. Where applicable, he also has the rights under Articles 16-21 GDPR (Right to rectification, right to be forgotten, right to limit processing, right to data portability, right to object), as well as the right to complain to the Guarantor.
8. Methods of exercising rights
You may at any time exercise your rights by sending:
- a registered letter with advice of receipt to G.I.P.R.I. srl., with registered office at V.G. March 14/A, 57121 Livorno Italy; -
- a PEC (Certified e-mail) at the address giprisrl@pec.it
- an e-mail to info@giprisrl.it
9. Owner, responsible and entrusted
The data Controller is G.I.P.R.I. srl., with registered office at via G. March 14/A, 57121 Livorno, Italy tax code and VAT number 01889700496. The updated list of those responsible for and in charge of the processing is kept at the registered office of the Data Controller.