Privacy Policy

This page describes how this Website is managed in relation to the processing of the personal data of users consulting it. This privacy policy has been drawn up in accordance with several legal systems, including Arts. 13 and 14 of Regulation (EU) 2016/679. Except as otherwise stated, this privacy policy concerns solely this Website.

Data Controller

Fiorenzato M.C. s.r.l. – Via Piana Giovanni Antonio, 6 – 20155 Milan – ITALY

Email address of the Data Controller: info@fiorenzato.it.

Types of Data collected

The Personal Data collected by this Website, whether autonomously or from third parties, include: email, name, surname, telephone numbers, address, company name, country, password, Cookie, Usage data and various types of Data.

Full details of each type of data collected are provided in the dedicated sections of this privacy policy or in specific information notices displayed before data are collected.

Personal Data may be freely provided by the User or, in the case of Usage Data, they may be collected automatically in the course of Website usage.

Except as otherwise specified, all Data requested by this Website are required. If the User refuses to communicate them, this Website may be prevented from providing the Service. If this Website indicates certain Data as optional, Users are free not to communicate such Data without this having any effect on the availability of the Service or its operation.

In case of doubt about which Data are required, Users can contact the Data Controller.

The use of Cookies or other tracking tools, if any, by this Website or by the owners of third-party services used by this Website, except as otherwise specified, is intended to provide the Service requested by the User, in addition to the further purposes described in this document and in the Cookie Policy.

The User is accountable for any third-party Personal Data obtained, published or shared through this Website and guarantees that s/he is entitled to communicate or disseminate them, exempting the Data Controller from any liability towards third parties.

Method and place of Data processing

Method of processing

The Data Controller takes appropriate security measures to prevent any unauthorised access, disclosure, modification or destruction of Personal Data.

Data are processed using computer and/or telematic tools, with organisational methods and logics that are strictly related to the indicated purposes. In addition to the Data Controller, in some cases other parties involved in the organisation of this Website (administrative, sales, marketing staff, lawyers, system administrators) or external parties (such as third-party technical service providers, hosting providers, IT companies, communication agencies) may have access to Personal Data and are appointed, if necessary, as Data Processors by the Data Controller. The updated list of Data Processors may always be requested to the Data Controller.

Legal basis of processing

The Data Controller processes Personal Data concerning the User where one of the following conditions is met:

  • the User has given consent to processing for one or more specific purposes; Note: in some jurisdictions, the Data Controller may be authorised to process Personal Data without the User’s consent or another legal basis specified below, until the User objects (“opts-out”) to such processing. However, this is not applicable where Personal Data processing is regulated by European law on the protection of Personal Data;
  • processing is necessary for the performance of a contract with the User and/or in order to take steps prior to entering into a contract;
  • processing is necessary for compliance with a legal obligation to which the Data Controller is subject;
  • processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Data Controller;
  • processing is necessary for the purposes of the legitimate interests pursued by the Data Controller.

In any case, the User may always ask the Data Controller to clarify the concrete legal basis of each processing operation and, in particular, to specify whether processing is based on law, provided for in a contract or necessary to enter into a contract.

Place

Data are processed at the headquarters of the Data Controller and in any other place where the parties involved in data processing are located. For further information, please contact the Data Controller.

The User’s Personal Data may be transferred to a country other than that in which the User is located. For further information on the place of processing, the User may refer to the section giving details on the processing of Personal Data.

The User may obtain information regarding the legal basis for the transfer of Data outside the European Union or to an international organisation under public international law or consisting of two or more countries, such as the UN, as well as regarding the security measures adopted by the Data Controller to protect such Data.

If any transfer described above takes place, the User may refer to the respective sections of this document or ask for information from the Data Controller by contacting the latter using the details given above.

Storage period

Data are processed and stored for the time needed for the purposes of their collection.

Therefore:

  • Personal Data collected for purposes related to the performance of a contract between the Data Controller and the User will be stored until contract performance is completed.
  • Personal Data collected for purposes related to the legitimate interest of the Data Controller will be stored until such interest is satisfied. The User may obtain further information regarding the legitimate interest of the Data Controller in the relevant sections of this document or by contacting the Data Controller.

Where processing is based on the User’s consent, the Data Controller may keep the Personal Data for a longer period until such consent is revoked. In addition, the Data Controller may be required to keep Personal Data for a longer period in compliance with a legal obligation or by order of an authority.

At the end of the storage period, Personal Data will be erased. Therefore, at the end of this term, the right of access, erasure, rectification and the right to data portability may no longer be exercised.

Purposes of Data processing

The User’s Data are collected to enable the Data Controller to provide its Services and for the following purposes: To contact the User, for Platform and hosting services, Hosting and back-end infrastructure, Backup storage and management, Statistics, Registration and authentication, Sale of goods and/or services, Viewing content from external platforms.

For further detailed information on the purposes of data processing and on the Personal Data concretely relevant for each purpose, the User may refer to the corresponding sections of this document.

Details on Personal Data processing

Personal Data are collected for the following purposes and using the following services:

  • To contact the User

Mailing list or newsletter (this Website)

Upon registration to the mailing list or newsletter, the User’s email address is automatically added to a list of contacts to which email messages containing information, including commercial and promotional information, relating to this Website may be sent. The User’s email address may also be added to this list as a result of the User’s registration on this Website or after making a purchase.
Personal Data collected: email, name.

Contact form (this Website)

By filling in the contact form with his/her Data, the User consents to the use thereof to answer requests for information, estimates, or any other request indicated in the header of the form.
Personal Data collected: email, name, surname, company name, address, country, telephone number.

“Work with us” form  (this Website)

By filling in the contact form with his/her Data, the User consents to the use thereof to answer the User’s contact request to work at Fiorenzato.
Personal Data collected: email, name, surname, telephone number.

  • Statistics

The services contained in this section allow the Data Controller to monitor and analyse traffic data and to track the User’s conduct.

Google Analytics (Google Inc.)

Google Analytics is a web analysis service provided by Google Inc. (“Google”). Google uses the Personal Data collected for the purpose of tracking and examining the use of this Website, compiling reports and sharing them with other services developed by Google.
Google may use Personal Data to contextualize and customise the ads of its advertising network.
Personal Data collected: Cookies and Usage Data.
Place of processing: United States – Privacy policy. Organisation adhering to the Privacy Shield.

  • Sale of goods and services

Personal Data are used to provide services to the User or for the sale of products.

Google Fonts (Google Inc.)

Google Fonts is a font style display service managed by Google Inc. that allows this Website to incorporate such content in its pages.
Personal Data collected: Usage Data and various types of Data as specified in the privacy policy of the service.
Place of processing: United States – Privacy Policy. Organisation adhering to the Privacy Shield.

Widget Google Maps (Google Inc.)

Google Maps is a map display service managed by Google Inc. that allows this Website to incorporate such content in its pages.
Personal Data collected: Cookies and Usage Data.
Place of processing: United States – Privacy Policy. Organisation adhering to the Privacy Shield.

Use by minors

Users declare to be of legal age in accordance with the legislation applicable thereto. Minors may only use this Website with the assistance of a parent or guardian.

Rights of the User

Users may exercise given rights with respect to the Data processed by the Data Controller.
Specifically, the User may:

  • revoke his/her consent at any time. The User may revoke his/her previous consent to Personal Data processing.
  • object to Data processing. The User may object to Data processing when this takes place on a legal basis other than consent. Further details on the right to object are given in the section below.
  • access his/her Data. The User may obtain information on the Data processed by the Data Controller, on certain aspects of processing and may receive a copy of the Data processed.
  • verify Data and ask for their rectification. The User may verify the correctness of his/her Data and ask for them to be updated or corrected.
  • obtain restriction of processing. When certain conditions are met, the User may ask for the restriction of Data processing. In this case, the Data Controller will not process Data for any other purpose than their storage.
  • obtain the erasure or cancellation of his/her Personal Data. When certain conditions are met, the User may ask for his/her Data to be erased by the Data Controller.
  • receive his/her Data or have them transferred to another controller. The User has the right to receive his/her Data in a structured, commonly used and machine-readable format and, where technically feasible, to obtain their transfer to another controller without hindrance. This provision is applicable when Data are processed by automated tools and processing is based on the User’s consent, on a contract to which the User is a party or on contractual measures connected thereto.
  • lodge a complaint. The User may lodge a complaint with the competent data protection supervisory authority or take legal action.

Details on the right to object
Where Personal Data are processed in the public interest, in the exercise of official authority vested in the Data Controller or to pursue a legitimate interest of the Data Controller, Users are entitled to object to processing for reasons relating to their particular situation.
Where Data are processed for direct marketing purposes, Users may object to such processing without giving any reasons. To find out whether the Data Controller processes data for direct marketing purposes, Users may refer to the respective sections of this document.

How to exercise one’s rights
To exercise their rights, Users may send a request to the contact details of the Data Controller indicated in this document. Requests are deposited free of charge and are fulfilled by the Data Controller as soon as possible, in any case within one month.

Cookie Policy

This Website uses Cookies. For further information and to view the detailed information notice, the User may consult the Cookie policy.

Further information on data processing

Defence of legal claims
The User’s Personal Data may be used by the Data Controller in court or in the preparatory stages of a legal action to defend itself against any misuse of the Website or related Services by the User. The User acknowledges that the Data Controller may be required to disclose Data by order of the public authorities.

Specific information notices
At the User’s request, in addition to the information contained in this privacy policy, this Website may provide the User with additional and contextual information regarding specific Services or the collection and processing of Personal Data.

System log and maintenance
For operational and maintenance purposes, this Website and any third-party services used thereby may collect system logs, i.e. files that record interactions and may also contain Personal Data, such as the User’s IP address.

Information not contained in this policy
Further information with regard to the processing of Personal Data may be requested at any time from the Data Controller using the latter’s contact details.

Response to “Do Not Track” requests
This Website does not support “Do Not Track” requests. To find out whether any third-party services support them, the User can consult their privacy policies.

Changes to this privacy policy
The Data Controller reserves the right to bring changes to this privacy policy at any time, informing Users on this page and, if possible, on this Website and, where technically and legally feasible, sending a notice to Users using any contact details held by the Data Controller. Therefore, please consult this page regularly, referring to the date of the last change at the bottom of the page. If such changes involve processing operations whose legal basis is consent, the Data Controller will collect the User’s consent again, if necessary.

Definitions and legal references

Personal Data (or Data)
Personal data are any information which, either directly or indirectly, even in connection with any other information, including a personal identification number, makes a natural person identified or identifiable.

Usage Data
Usage Data are information automatically collected via this Website (also by third-party applications incorporated into this Website), including: the IP addresses or domain names of the computers used by the User connecting to this Website, URI (Uniform Resource Identifier) addresses, the time of the request, the method used to send the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response from the server (successful, error, etc.), the country of origin, the characteristics of the browser and operating system used by the visitor, the various time details of the visit (e.g. the time spent on each page) and the details of the itinerary followed within the Application, with special reference to the sequence of pages visited, the parameters of the User’s operating system and computer environment.

User
The individual using this Website who, except as otherwise specified, is the Data Subject.

Data Subject
The natural person to whom Personal Data refer to.

Data Processor (or Processor)
The natural or legal person, public administration and any other body that processes personal data on behalf of the Data Controller, as set out in this privacy policy.

Data Controller (or Controller)
The natural or legal person, public authority, service or other body which, either individually or jointly with others, determines the purposes and methods of data processing and the tools adopted, including the security measures regarding the operation and use of this Website. The Data Controller, except as otherwise specified, is the owner of this Website.

This Website (or this Application)
The hardware or software tool with which the Personal Data of Users are collected and processed.

Service
The Service provided by this Website, as defined in the corresponding terms and conditions (if any) of this website/application.

European Union (or EU)
Except as otherwise specified, any reference herein to the European Union shall be deemed to extend to all current member states of the European Union and the European Economic Area.

Cookie
Small portion of data stored inside the User’s device.

Newsletter

Constant updating on news from the Fiorenzato world.