Privacy Policy

This document provides useful information to understand every aspect relating to the processing of personal data carried out through the website – ​​ in accordance with the provisions of art. 13 of the General Data Protection Regulation (EU Reg. No. 679/2016 or “G.D.P.R.”)

  1. Data Controller

ECG N&S ITALY SRL – Via del Broaldo, 2/3, 40064 – Ozzano dell’Emilia (BO) –

  1. Data processed
  • a) Navigation data: the computer systems and software procedures used to operate this site acquire, during their normal operation, some Personal Data, for example:
    • IP addresses;
    • Addresses in URI (Uniform Resource Identifier) ​​notation of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server ( successful, error, etc.);
    • Other parameters relating to the operating system (eg browser user-agent string present in the http request) and to the user’s computer environment, the transmission of which is implicit in the use of Internet communication protocols.

This is information that is not collected to be associated with identified interested parties, but which by their very nature could, through processing and association with data held by third parties, allow users to be identified.

These data are used for the sole purpose of obtaining anonymous statistical information on the use of the Website and to check its correct functioning, to identify anomalies and / or abuses. Except in cases in which the data are used to ascertain responsibility in the event of hypothetical computer crimes against the site or third parties, such data does not persist for more than seven days.

  • b) Cookie: cookies are small text files that the sites visited by the user send and record on their computer or mobile device, to be then re-transmitted to the same sites on the next visit. For more information on the cookies used on this Website, you can consult the “Cookie Policy”.
  • c) Data provided voluntarily by the user: the Website offers the User the possibility to provide their personal data (for example: name, surname, e-mail, telephone number, payment and billing data, personal image) in order to access certain services such as:
      • Registration on the Website;
      • Sending requests for information and quotes via the contact form;
      • Subscription to the Newsletter service;
      • Purchase of goods and / or services from e-commerce;
      • Publication of testimonies also in the form of storytelling (images and videos).
  • d) Dati di terzi forniti volontariamente dall’utente: Third party data provided voluntarily by the user: in the use of some services of the Website, the processing of personal data of third parties sent by the User may occur. With respect to these hypotheses, the User acts as an independent data controller, assuming all the obligations and responsibilities of the law. In this sense, the User grants the widest indemnity on this point with respect to any dispute, claim, request for compensation for damage from processing, etc. that should reach the Data Controller from third parties whose Personal Data have been processed through its use of the Website functions in violation of the applicable personal data protection rules.

In any case, if the User provides or otherwise processes Personal Data of third parties in the use of the Website, he / she guarantees from now – assuming all related responsibility – that this particular hypothesis of treatment is based on an appropriate legal basis for pursuant to art. 6 of the Regulation which legitimizes the processing of the data in question.

  1. Purpose of the treatment
  • a) Functional monitoring: the Data Controller processes anonymous browsing data in order to monitor the technical functioning and performance of the Website, to understand how to improve services and make them evolve. These data are necessary to ensure the correct functioning and constant improvement of the site.
  • b) Statistics: the Data Controller processes the data in order to obtain anonymous statistical information on the use of the site, to check its correct functioning.
  • c) Remarketing and behavioral targeting: cookies aimed at collecting data useful for the presentation of targeted advertisements could also be used.
  • d) Newsletter and direct marketing: the Data Controller processes personal data in order to provide specific services requested (eg subscription to the newsletter), or in order to send commercial and promotional communications.
  • e) Contact form: the Data Controller processes the User’s personal data in order to respond to any specific questions or requests made through the appropriate contact form.
  • f) Provision of the services requested by the User: the Data Controller processes the User’s personal data in order to provide specific services requested by the user (e.g. registration on the Website, purchase of goods and / or services from e-commerce) .
  • g) Legal obligations: the Data Controller processes the user’s personal data where required in execution of a legal obligation.
  1. Legal basis

Each of the following legal bases is the basis for the processing of personal data respectively indicated below.

  • a) Legitimate Interest of the Data Controller:
    • Monitoring of the technical functioning and performance of the Website, to identify anomalies and / or abuses, or for the purpose of obtaining anonymous statistical information on the use of the site;
    • Extrapolation of anonymous statistics about the use of the Website by Users.
  • b) User consent: User profiling for the purpose of presenting targeted advertisements;
    • Sending the Newsletter and direct marketing communications;
  • c) Adoption of pre-contractual measures at the request of the interested party:
    • Response to requests for information and quotes sent by the User through the contact form of the Website;
  • d) Execution of contractual obligations between the Parties:
    • Provision of specific services requested by the User (eg. Registration on the Website, purchase of goods and / or services from e-commerce);
  • e) Fulfillment of a legal obligation:
    • Preservation of accounting records relating to goods and / or services sold through e-commerce (Article 2220 of the Civil Code);

Other (any processing carried out in execution of a legal obligation imposed on the Owner).

  1. Processing methods

The data collected through the site are processed through the support of IT, telematic and paper means. The owner ensures the adoption of technical security measures (e.g. antivirus, firewall etc.) and organizational (e.g. distribution of roles and responsibilities and authorizations in the execution of the activity and controls), suitable for guaranteeing data protection. personnel involved in the treatment operations against loss, theft, as well as the use, disclosure or unauthorized modification, as provided for in accordance with art. 32 of the EU Reg. 679/2016 (GDPR).

  1. Place of treatment

The User’s personal data are processed at the operational headquarters of the Data Controller and in any other place the parties involved in the processing operations are located (see paragraph: “Data communication scope).

In this regard, the User’s personal data may be transferred to a country other than that of the location of the Data Controller and the User himself. Should the involvement of third parties in the processing operations involve the transfer of the User’s personal data outside the European Economic Area (EEA), guarantee measures will be adopted for the transfer to the recipients, which depending on the cases may be: verification of the existence of adequacy decisions for the recipient country by the Commission, signing of standard contractual clauses, verification of the adoption of any additional measures in implementation of the 01/2020 EDPB recommendation. Notwithstanding these guarantees, (in ref. Of art.49 of the GDPR), where applicable, the existence of a contract or pre-contractual measures in favor of the interested party or consent to the transfer occurs.

  1. Data recipients

The data collected by the Data Controller may be shared, for the purposes mentioned above, with the following categories of subjects:

  • a) Employees and collaborators who assist the Data Controller in the management of the company structure such as, for example, administrative staff, work groups and system administrators, expressly authorized to process with the assurance of adoption of a confidentiality agreement.
  • b) Third parties who typically act as data processors, that is: people, companies or professional firms that provide assistance and advice to the Data Controller in relation to the provision of services, (for example in administrative and legal matters), subjects with who need to interact for the management of statistics relating to the use of the Website, as well as for the purpose of providing the Website services (for example hosting providers, management platforms, email marketing providers, payment gateways), or delegated subjects to carry out technical maintenance activities, including maintenance of network equipment and electronic communication networks.

The complete list of data processors can be requested from the Data Controller by sending a communication to the e-mail address indicated in point 1. of this document.

  • c) Third parties acting as independent data controllers in pursuit of their own purposes, (for example third parties that send profiling cookies), or third parties involved in order to guarantee certain functions of the Website (eg YouTube), as well as in order to facilitate registration operations on the Website and other third-party sites / applications (eg Facebook, etc.). It should be noted that these third parties, listed below with the related links to the privacy policies, are typically independent data controllers of the collected data; you will therefore have to refer to their personal data processing policies, information and consent forms (selection and de-selection of the respective cookies):
  1. Periodo di conservazione dei dati

The Data Controller retains personal data only for the time necessary to pursue the purposes for which they were collected, or for the times provided for by specific regulations.

In detail:

  • Personal data collected for purposes related to the execution of contractual obligations or pre-contractual measures between the Data Controller and the User will be kept until the execution of these obligations and / or measures and in any case up to the time allowed by Italian law. to protect their interests (Article 2946 of the civil code and following);
  • Personal data collected for purposes attributable to the legitimate interest of the Data Controller will be retained until this interest is satisfied;
  • Personal data processed for the purposes of fulfilling a legal obligation will be kept until the time required by the specific obligation or applicable law;
  • Personal data processed by virtue of a User’s consent will be kept until the time of withdrawal of the consent and in any case for the period of validity of the aforementioned consent, as identified by specific regulations and / or measures (e.g. 2 years for activity marketing and sending the newsletter). Once these terms have elapsed, the User will receive a request to renew the specific consent to the processing and, in the event of non-response, the data processed for the aforementioned purposes will be deleted within 15 days of the request.
  1. Rights of the interested party

At any time, the User has the right to access information concerning him and request its updating, rectification and integration, as well as cancellation, transformation into anonymous form or blocking. The user also has the right to object in whole or in part to the processing, as well as to withdraw their consent to specific processing.

To exercise these and the other rights referred to in Articles 15-22 of the GDPR, you can contact the Data Controller by sending a communication to the e-mail address indicated in point 1. of this document.

Furthermore, the user has the right to contact the Guarantor for the protection of personal data or other authorities to lodge a complaint regarding the processing of their personal data.

Other information