Snaidero Rino s.p.a. undertakes to comply to the maximum extent with the provisions of the EU Regulation 679/2016 (GDPR, available at the following address: https://www.garanteprivacy.it/il-testo-del-regolazione), as well as with the Italian Legislative Decree no. 196/2003 (Data Protection Code), as amended by the Italian Legislative Decree no. 101/2018.

This document describes the principles, methods, limits and scope of processing personal data of the users who access, consult and provide their data through the site (desktop as well as mobile version):

www.snaidero.com

This policy is issued pursuant to article 13 of the GDPR and describes the processing, based on principles of lawfulness, accuracy and transparency, of personal data provided by natural persons who browse the site or acquired during the use of the site.

PLEASE NOTE:

This policy does not apply to other sites, pages or online services that may be reached via hypertext links published on the site, but referring to sources outside the domain of Snaidero Rino s.p.a.

As regards the processing of personal data by the managers of the Social Media platforms used by Snaidero Rino s.p.a., please refer to the privacy policies provided by the same.

Snaidero Rino s.p.a. processes the personal data provided by users through the pages of the Social Media platforms used by the same, exclusively to manage interactions with users (comments, public posts, etc.) and in compliance with current legislation.

DEFINITIONS:

“Personal data” means any information relating to an identified or identifiable natural person (“data subject”).

“Processing” means any operation or set of operations, which is performed on personal data or on sets of persona data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

“Data Controller” means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.

“Data processor” means the natural or legal person, public authority, agency or another body that processes personal data on behalf of the data controller.

1) DATA CONTROLLER

The Data Controller (hereinafter, the Data Controller) is

SNAIDERO RINO S.p.A. (Tax Code 00153510300), with registered office in Majano (UD), Viale Rino Snaidero n. 15, in the person of its pro tempore managing director.

For any information or explication on the processing of personal data provided for in this policy, as well as to exercise the rights referred to in point 6) below, you can use one of the following methods:

– Send a communication by post to the following address: Snaidero Rino Spa, Viale Rino Snaidero, 15 33030 Majano (UD)

2) CATEGORIES OF PERSONAL DATA

Snaidero may acquire information about the user in the following ways:

DATA PROVIDED BY THE USER

This category of data includes the information that the user optionally and explicitly provides when using the site (name, surname, address, contact details, etc.) to send requests for information on Snaidero products by filling in the forms (digital forms) existing on the site (or by otherwise contacting the Data Controller using the contact details on the site itself), to request after-sales technical assistance as well as create a personalised account on the site in order to take advantage of the associated functions.

NAVIGATION DATA

The computer systems and software procedures used to operate the websites acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols (such as IP addresses or domain names of the devices used by users who connect to the Sites, the type of browser and the operating system used, information on the pages visited by users within the site, the access time and in general parameters relating to the operating system and the user’s computing environment).

The processing of such data is necessary to ensure the proper functioning, the best use and the implementation of the website, as well as to monitor and ensure the security of the site itself.

COOKIES

Cookies are text strings that are recorded on the user’s terminal or allow access to information on the user’s terminal.

The terminals referred to are, for example, computers, tablets, smartphones, or any other device capable of storing information.

 Cookies may be used for different purposes, such as storing information provided by users while accessing the site or preferences set while browsing, personalising the user experience based on the aforementioned preferences, analysing user behaviour on the site in order to improve the site and provide personalised advertising content, etc.

For more information about the cookies used on this site, please refer to our “Cookie Policy”.

3) PURPOSE AND LAWFUL BASIS

In addition to specifically indicating which personal data are processed and the related purposes of the processing itself, the regulation on the protection of personal data requires the Data Controller to process data exclusively if a legitimate assumption or reason among those identified by the same regulation applies (lawful basis for processing).

The data mentioned above may be processed for the following purposes:

a) contact the user through any channel, in order to provide the information requested by the same providing adequate and specific responses.

In the case of contact data provided in any information request, the voluntary, optional and explicit provision of such data corresponds to giving the consent to the Data Controller using such information to respond to requests received (Article 6 letter A) of the GDPR).

The personal data collected in this way will therefore be processed and stored in the Data Controller’s electronic or analogue databases for the time strictly necessary to respond to the requests.

Once this period of time has elapsed, the personal data acquired will be deleted from any database, except when further legitimate reasons for processing exist, based on subsequent requests or orders for products made by the user who initially requested for information. In this case, subsequent and separate information will be provided if conditions apply.

b) guarantee the correct execution of after-sales services and technical assistance accessible through the site.

As regards the data that may be required for the execution of after-sales services and technical assistance requested by the user who has previously purchased Snaidero products, the processing will be considered authorised by virtue of article 6 letter B) and C) of the GDPR (legal and contractual obligations).

In this case, the data will be stored in Snaidero’s electronic and analogue database, as well as in the databases of duly appointed subjects, or subjects appointed as data processors on behalf of Snaidero in compliance with the current legislation on the provision of the requested services, and will be stored for the time needed to provide the service.

c) for direct promotional and advertising purposes, by sending the user communications containing advertising information, promotional initiatives, special offers, news on Snaidero products, market research and newsletters.

In this case, the processing will take place only and exclusively if the user has previously given express consent (Article 6 letter A) of the GDPR) to receiving such communications.

Consent to such processing may be expressed using the appropriate command that will be displayed during navigation, when the user voluntarily provides contact details through the site.

Once the user has given his/her consent, Snaidero will store the data and process them for sending the communications and information mentioned above as long as the user does not – freely and at any time – withdraw his/her consent by sending a specific request according to section 1) above.

d) Monitor the structure of the site and ensure its security, preventing any abuses and computer fraud also in order to protect the users.

In this case, the processing of data corresponds to a legitimate interest of Snaidero (Article 6 letter f) of the GDPR).

PLEASE NOTE:

If the lawful basis of the processing is identified in the consent previously given by the user, the latter may always withdraw it. However, consent withdrawal will make it impossible for Snaidero to provide the requested information or service, or will prevent the user from receiving advertising and promotional information, as well as what is described in point c) above; this without prejudice to the lawfulness of the processing prior to the consent withdraw.

When necessary, the personal data mentioned above may also be transmitted to police forces and to judicial and administrative authorities, in accordance with the law, for the detection and prosecution of crimes, the prevention and protection from threats to the public security, as well as to allow the Data Controller to exercise or protect its own or third party rights before the competent Authorities, and for other reasons related to the protection of the rights and freedoms of others.

In this case, the storage of personal data will take place for the entire further period necessary to defend or assert a right or to fulfil any further legal obligations or orders of the Authorities.

4) TRANSFER OF DATA TO THIRD PARTIES

In relation to the purposes mentioned above, personal data may be disclosed to the following subjects:

• Companies of the Snaidero Group, subjects belonging to the distribution and commercial chain (e.g. retailers, designers, agents, …) as well as suppliers, duly appointed as Data Processors.

• Subjects who could become aware of the data, such as Snaidero appointees or managers (staff assigned to the administrative, commercial, technical, production or IT office) for instrumental activities and/or activities related to the provision of the service or information requested, as well as to ensure the proper functioning of the site.

When carrying out these activities, the aforementioned subjects may have access to the personal data mentioned above, which will be processed exclusively for the time necessary for the purpose and within the limits of the purposes described above.

• Administrative/judicial authorities for the purposes of protecting rights or ascertaining/preventing offenses or in the event of an explicit request by the aforementioned Authorities.

5) SECURITY MEASURES

Snaidero electronically and analogically processes and stores data provided by the users or legitimately acquired through the site, adopting all the most appropriate IT, physical, logical and organizational security measures to prevent any breach of user rights.

Snaidero regularly tests, checks and evaluates the effectiveness of data security measures, in order to guarantee a secure data processing.

6) RIGHTS OF THE DATA SUBJECT

The data subject may exercise the following rights by the methods mentioned in point 1) above:

– ask the Data Controller to

  • access to personal data being processed and the information relating to the same: if the data subject so wishes, the Data Controller will provide a copy of all personal data in his/her possession;
  • rectify inaccurate data or integrate incomplete ones;
  • obtain personal data from the Data Controller in order to transmit them to another Data Controller, in the cases provided for in article 20 of the GDPR (right to data portability).
  • erase personal data (if one of the conditions set forth in article 17, paragraph 1 of the GDPR applies and in compliance with the exceptions provided for in paragraph 3 of the same article);
  • restrict the processing of personal data (if one of the hypotheses set forth in article 18, paragraph 1 of the GDPR applies);
  • the data subject may also object to the processing of personal data in accordance with the provisions of article 21 of the GDPR.

The exercise of the right to restrict processing, the right to object to processing, right to be forgotten or to withdraw the consent given may make it impossible for the Data Controller to provide the service or information requested by the user.

The user may use the methods mentioned in section 1) above to communicate to the Data Controller his/her will to exercise one of the rights listed above.

lodge a complaint with the Autorità Garante per la Protezione dei dati personali, if he/she considers that a breach of his/her rights has occurred or is in progress in relation to the processing of personal data: to this end, Snaidero invites users of the site to consult the specific instructions available at the following address:

https://www.garanteprivacy.it/modulistica-e-servizi-online/reclamo

7) CHANGES TO THIS POLICY

This policy is updated as of 05/04/2024

Snaidero invites users to monitor any changes to this policy that may be required in the event of changes to the site’s functionality or regulatory innovations.

Where possible, Snaidero will promptly inform users about the changes made and their consequences.