With this policy the data controller, as defined below, wishes to explain to you how to manage the website, indicating the purposes for which it collects and process Your personal data, the categories of personal data that are the subject of processing and also Your Rights. The information is made available only for this website and not for other Web pages that may be consulted by the user through links.
The data controller of Your personal data is GSP S.R.L., responsible for the legitimate and correct use of Your personal data and that you may contact for any information or request at the following addresses:
Contacts and addresses:
Your personal data are collected and processed for the purposes listed below, with the clarification of the typology of the data processed and of the reason legitimating the processing (legal basis):
|Purposes||Data Processed||Legal Basis|
|Provide feedback to submitted requests by users/customers through the appropriate form on the site or by sending an e-mail to the e-mail addresses indicated.||Contact details (telephone number, e-mail, etc.); Name, business name, address or other personal identifying elements.||The processing shall be carried out to the extent that it is necessary for the execution of a contract of which the person concerned is a party or the execution of pre-contractual measures adopted at the request of the same, within the meaning of Article 6, par. 1, lit. b) Reg. EU 2016/679.|
|Send information material and/or advertising material related to products similar to those already purchased by the customer/to customers already acquired (direct marketing).||Contact details (telephone number, e-mail, etc.); Name, business name, address or other personal identifying elements.||The processing is necessary for the pursuit of the legitimate interest of the owner of the processing, within the meaning of Article 6, par. 1, lit. f) Reg. EU 2016/679.|
|Marketing activities||Contact details (telephone number, e-mail, etc.); Name, business name, address or other personal identifying elements.||The person concerned has expressed his consent to the processing of his personal data for one or more specific purposes, within the meaning of Article 6, par. 1, lit. A) Reg UE 2016/679.|
The conferral of data to provide feedback to its requests is necessary for the completion of the related pre-contractual/contractual fulfilments. Refusal to provide such data will result in the impossibility for the processor to carry out the instrumental activities in achieving the objectives.
In addition, by pursuing a legitimate interest, the processor may send commercials and advertising communications to customers already acquired, in promoting products similar to those already sold. In any case, you may oppose such processing within the meaning of Directive art. 21, par. 2, of GDPR.
In addition, with Your express and specific consent, the processor can process his data for promotional (present and future) initiatives of a commercial nature, sending of advertising material, direct sales, commercial communication, related to products and/or offered services. The dispatch of commercial communications can be done through the use of traditional systems (paper mail, etc.) and automated communication systems (e-mail, etc.).
The conferral of data for promotional purposes is optional and, if issued, can be revoked at any time by writing to the processor at the above mentioned contact details.
The data collected will be processed by automatic or non automatic means in order to guarantee feedback to the requests received. The data will be recorded within our electronic databases accessible to staff duly instructed and instructed in the field of security and confidentiality of personal data.
Your data may be communicated to the recipients or categories of recipients below: consultants and freelancers in a single or associated form, public bodies or offices in accordance with statutory and/or contractual obligations; Postal Police for the determination of any malicious activities for the company's site.
No data arising from the Web service is communicated to third parties unless it is strictly relevant for the purpose of the processing or imposed by laws or regulations (e.g. public institutions for security reasons, etc.).
The data processor may also communicate some of its information to external entities of which it recourses for the carrying out of activities necessary for the attainment of the above mentioned and described purposes (subjects with whom the processor has stipulated contracts with, by way of example, assistance and maintenance activities of computer systems and management software, etc.).
The subjects mentioned above, who process their data on behalf of the processor, have been expressly appointed by the latter, data controllers.
The list of data controllers may be requested by contacting the owner at the following addresses:
Your personal data may, finally, be processed by the staff within the company, specifically instructed and authorized by the processor, to perform data processing operations.
Your personal data shall be processed by the processor only for the time necessary for the above mentioned purposes. In particular it must be aware, in order to ensure that the data are processed as correctly and transparently as possible, with respect to the duration of the processing, that:
Processing can be carried out through automated processes that do not determine the profiling of the interested and through non-automated means (paper archives) and will be done through means and tools suitable to guarantee the safety of data.
Specific security measures are observed to prevent data loss, illicit or incorrect use and unauthorized access.
During the period in which the processor is in possession or carries out the processing of his data, you, acting as the person concerned, may at any time exercise the following rights:
The above rights may be exercised against the processor by writing to the above-mentioned contact details.
The exercise of its rights as a person concerned shall be free of charge within the meaning of article 12 GDPR. However, in the case of unfounded or excessive requests, including for their repetitiveness, the processor may charge a reasonable fee in the light of the administrative costs incurred to manage his request, or deny the satisfaction of his request.