General Data Protection Regulation (GDPR)
Millefili S.p.A. is committed to safeguard and protect the personal data of its customers, employees, suppliers and of all those it comes daily into contact with (so-called "Data Subject").
This page contains the information relating to the processing of personal data of users (the “Users”) who consult and use the services offered by the site https://www.millefili.it (the “Site”).
Data controller of the processing
Purpose of the processing of personal data of data subject
Categories of personal data processed
Nature of the provision of such data
Legal basis for the processing
Data processing duration
Subjects to whom personal data may be communicated or subjects who may come to knowledge as processor or authorized persons, and the scope of diffusion of data
Transfer of data abroad
1. General information
The consultation of the Site takes place as a simple visitor.
2. Data controller of the processing
The Processing Data Controller is Millefili S.p.A., with registered office in Carpi (MO), Via carlo Marx n. 35-37, fiscal code and registration number in the companies register of Bologna 81003350022 (the "Data Controller").
You can contact the Data Controller
at the telephone number + 39 059 6222711;
at the fax number + 39 059 640180;
or by writing to the registered office;
or by sending an e-mail to the address: email@example.com
3. Purpose of the processing of personal data of data subject
The Data Controller processes the Personal Data of the Users, for the following purposes:
a) allowing navigation of the Users on the Site through the use of technical navigation cookies, and therefore data will be processed in an anonymous way.
b) processing of data spontaneously sent by the User through the addresses indicated in the "Contacts" page for the processing of the request for information and estimates.
4. Categories of personal data processed
a) data provided voluntarily by the Users;
b) Navigation data.
In particular, with regard to navigation data, their transmission is implicit in the use of internet browsing protocols. This information is not collected to identify Users therefore IP addresses, the type of browser used and the number of accesses made are not profiled. These data are used in order to obtain anonymous statistical information on the use of the site and to check its correct functioning. Navigation data is deleted immediately after processing.
5. Nature of the provision of such data
The provision of data by Users is mandatory for the purposes specified above. Any refusal to provide the personal data requested may determine the impossibility to respond to requests for information and estimates as well as the inability to use the services offered by the Site.
6. Legal basis for the processing
For the purposes referred to in point 3, letter a), the legal basis of the processing is the provision of website services (execution of a contract).
For the purposes referred to in point 3, letter b), the legal basis of the processing is the execution of pre-contractual measures requested by Users.
7. Data processing duration
The Users’ navigation data will be deleted immediately after processing and will be used for the sole purpose of obtaining anonymous statistical information on the use of the site and checking its correct functioning.
The Users’ data related to the communications sent via e-mail to the Firm, that will be provided spontaneously, , will be stored and processed for the time necessary for the performance of the services requested, in respect of the purposes listed above, and in any case for a period not exceeding 2 years from the last contact received.
8 Subjects to whom personal data may be communicated or subjects who may come to knowledge as processor or authorized persons, and the scope of diffusion of data
Both the navigation data and the data voluntarily provided by Users will be processed by the Firm and may be processed by IT service providers related to the management and operation of the site and / or by third parties only where this is necessary for the provision of services and / or services requested by Users.
The data will not be disclosed to other parties, nor disseminated in any way.
9. Transfer of data abroad
The management and storage of personal data will be realized on servers, located within the European Union, of the Data Controller and / or ThirdParty companies in charge and duly appointed as Data Processors. Currently the servers are located in Italy.
The individual data may eventually be the subject of future transfer outside the European Union, in accordance with the provisions of Chapter V of the GDPR, after the Users has been expressly informed and after the consent has been expressly given, if it is mandatory.
10. Users rights
Users may exercise, towards the Data Controller, the rights expressly recognized in Articles 15 et seq. of the GDPR, by using the contact details of the Data Controller indicated in this information, including:
i. to obtain confirmation of the existence or non-existence of personal data concerning you, even if not registered yet, and their communication in an intelligible form;
ii. to obtain the indication about: a) the origin of personal data; b) the purposes and methods of the processing; c) the logic applied in case of processing carried out with the aid of electronic instruments; d) the identification details of the Data Controller, of the Processors pursuant to art. 3, paragraph 1, GDPR; e) the subjects or categories of subjects to whom the personal data may be communicated or can learn about them as processors or authorized persons;
iii.to request and obtain - in the event that the legal basis is a contract or consent - that the data are transmitted in a structured and legible format by an automatic device, also in order to communicate such data to a new data controller (so-called right to portability);
iv. to obtain: a) the updating, adjustment or, when there is interest, the integration of data; b) cancellation (so-called right to be forgotten), transformation into anonymous form or blocking of data processed unlawfully, including data whose retention is unnecessary for the purposes for which the data were collected or subsequently processed; c) the attestation that the operations referred to in letters a) and b) have been brought to the attention, also as regards their content, of those to whom the data have been communicated or disclosed, except in the case where such fulfillment is impossible or involves a manifestly disproportionate to the protected right use of means;
v. to proceed to: a) the opposition, in whole or in part, for legitimate reasons to the processing of personal data provided, even if pertinent to the purpose of the collection; b) to the request to be informed about the existence of a decision-making process aimed at sending advertising material or carrying out market research or commercial communication. Once the opposition to the processing data has been received at the address indicated in the epigraph, the personal data will no longer be processed, except to the extent permitted by applicable laws and regulations;
vi. to limit the processing of data, i.e. to allow processing within the limits of retention, for the assessment, exercise or defense of a right in court or to protect the rights of another natural or legal person or for reasons of relevant public interest of the Union or of a Member State, in the cases provided for by the GDPR.
At last, Users have the right to complain to the Guarantor Authority, which may be exercised:
a. by registered letter, with return receipt, addressed to “Garante per la Protezione dei Dati personali”, Piazza di Monte Citorio, 121 00186 Rome;
b. by e-mail to: firstname.lastname@example.org, or email@example.com; fax to the number: 06 / 69677.3785.