Information on the processing of your personal data
Please read carefully the following information so that you can knowingly express your wishes regarding the processing of your personal data and the rights granted to you for the purposes you have requested, as provided for by Article 13 of European Regulation 2016/679 (hereinafter the “GDPR”).
1. Who processes your personal data?
The Data Controller, i.e. the entity that decides the purposes and means of the processing of your personal data and the tools used, is Marmi Rossi S.p.A., VAT No. 01286070238, with registered office in Località Montean, 7 - Z.I. 37010 Cavaion Veronese (VR), which has determined the methods and purposes of processing your data.
2. How and why do we use your data?
Your personal data will be used by Marmi Rossi S.p.A. according to your choices for the following purposes:
| Type of data and their use | Purpose and use of data | Who has access | Retention period |
|---|---|---|---|
| Browsing data | This processing is necessary to manage access to the website and interaction with its contents. The legal basis is the legitimate interest of the Controller in the proper functioning of the website. | Persons authorised/appointed to process the data and any service providers involved (appointed as data processors). | For the technically necessary time only. |
| Contact data: Sending you emails containing technical and commercial information, following your request. | This processing is optional and subject to your request. The legal basis is the consent expressed through your request. | Up to 24 months after your request has been dealt with. | |
| Newsletter Data: Management of the subscription service to the company newsletter and its delivery. | Until objection to the processing, which can be exercised using the tools at the end of each communication sent or via the contact details indicated in this notice. | ||
| Social data: Data relating to the use of social buttons and the management of pages on social platforms. | Social buttons are embedded to allow users to share website content or access the Controller’s profiles/content. The Controller’s social profiles are used to publish promotional, informational and editorial content, to respond to users’ public comments and private messages, to moderate the page (removal of unlawful or offensive content), to analyse Insights in order to improve digital communication and for advertising campaigns. The legal basis is legitimate interest. | Persons authorised/appointed to process the data and any service providers involved (appointed as data processors). Data transmitted to social providers through the buttons are not stored directly by the Controller; their storage falls under the exclusive responsibility of each platform, in accordance with its own privacy policy. | Public comments and contents: remain visible on the page until deleted by the user or the page administrator. Private messages: stored for the time necessary to handle the request and for no longer than 24 months from receipt, unless the contact leads to the conclusion of a contract. Insights data: can be viewed on the platform within the time window made available by the platform itself (usually up to 2 years). |
3. To whom will my data be communicated?
Data may be disclosed to independent service providers (e.g. social platform providers) where necessary to carry out the processing, as well as to authorities or professionals acting as independent controllers in the event of legal obligations or for legal protection needs.
4. Do you transfer data outside the EU?
The Data Controller does not directly carry out any transfer of data outside the European Union.
The Controller may however use IT services provided by suppliers that may transfer data to the United States. In such case, where the transfer does not take place to countries subject to an adequacy decision by the European Commission, it will be carried out by adopting standard contractual clauses in compliance with the provisions of the European Commission.
Data are not subject to profiling or dissemination (except for data relating to social platforms which, once shared, remain under the ownership of the respective platforms).
5. How can I protect my rights?
Marmi Rossi S.p.A. and its partners allow you to exercise all the rights granted by law in relation to the management of the personal data you have provided.
You may exercise these rights at any time and, in particular, you may:
- ask us whether data concerning you exist and how they are used (right of access);
- where necessary, ask us to update, rectify or supplement your data;
- ask us to erase your personal data (“right to be forgotten”);
- ask us to restrict or block data processed in possible breach of the law;
- where technically feasible, ask us to obtain a copy of your data in an interoperable format that can be easily transferred to another provider;
- object, on legitimate grounds, to the use of your data;
- withdraw at any time the consent you have given,
- ask us for information about the existence of a decision-making process based solely on automated processing.
You may address all the above requests to the registered office of Marmi Rossi S.p.A. or by email to privacy@marmirossi.com. You will in any case have the right to lodge a complaint directly with the supervisory authority, identified as the Italian Data Protection Authority (Garante per la protezione dei dati personali).