Privacy Policies

Web Privacy Policy

This notice is issued pursuant to Articles 12, 13 and 14 of the EU Regulation 2016/679 GDPR and is intended for users of the company website. This site is intended for use in a B2B context.

The following applies only to websites, Apps, social profiles and services, whose domains or properties are registered or traceable to 'publisher MARCHESINI GROUP S.p.A. specifically to the marchesini.com domain and all third-level domains linked to it.

 

1. NOTES FOR THE READER

In order to make this document more comprehensible and transparent to our users, we have deemed it necessary to use simple and colloquial language. Therefore, the use of a less formal tone should not be interpreted as a lack of respect or courtesy towards the user, but simply a way to facilitate communication.

 

2. WHO IS THIS DOCUMENT ADDRESSED TO?

The following Privacy Policy (hereinafter referred to as "Policy"), provided pursuant to Articles 13 and 14 of the Regulation (EU) 27 April 2016 No. 679 (hereinafter referred to as "GDPR"), is intended to illustrate how MARCHESINI GROUP S.p.A. (hereinafter also referred to as "Company" or simply "MARCHESINI GROUP") processes personal data collected in the context of the use by the user of the applications and services offered through this website.

 

HOW CAN YOU CONTACT US?

The company MARCHESINI GROUP S.p.A., as Publisher and Data Controller, is primarily responsible to the user for any questions, doubts, or complaints regarding this policy or the processing of personal data.

In case you, as a "data subject," need clarification regarding the processing of your personal data, please contact us at the following addresses:

 

MARCHESINI GROUP S.p.A.

Headquarters : Via Nazionale, 100 - 40065 Pianoro (BO) Italy VAT IT 00680201209

REM: [email protected]

e-mail: [email protected]

 

3. DATA PROTECTION OFFICER (DPO)

MARCHESINI GROUP has appointed a Data Protection Officer. You can contact the Data Protection Officer (DPO) at the following e-mail address: [email protected].

 

4. DATA PROTECTION COORDINATOR

MARCHESINI GROUP has also appointed a Data Protection Coordinator in accordance with Article 2- quaterdecies of Legislative Decree No. 196/2003 (the Italian Data Protection Code), with the task of coordinating the processing of personal data and supporting the DPO in ensuring compliance with the GDPR. The Data Protection Coordinator is at your disposal for any clarification or information regarding the processing of your personal data and to facilitate you in the possible exercise of your rights under the Regulations.

You may contact the Data Protection Coordinator at the following e-mail address: [email protected].

 

5. OUR COMPANY POLICY ON THE PROCESSING OF PERSONAL DATA

MARCHESINI GROUP has always been attentive to the security of the information managed, with particular regard to information that may contain personal data (ex-art 4.1 GDPR) or special categories of personal data (ex-art. 9 GDPR). For this reason, the company decided to adopt an organizational model, called Data Protection Management System (hereinafter "DPMS"), also based on the guidelines of ISO 27001 standards. Taking into account the context of our organization, supply chain requirements and stakeholder expectations, the DPMS, establishes the commitment of the Data Controller, through the definition of organizational roles, internal and external responsibilities and authority of the individuals involved. Within the DPMS, security objectives are identified and the actions necessary to achieve them are planned. The necessary resources and expertise are also ensured for the purpose of constant and continuous improvement of the DPMS over time, periodically verifying its scope and alignment with corporate purposes.

 

6. FOR WHAT PURPOSES DO WE PROCESS YOUR PERSONAL DATA AND ON WHAT LAWFUL BASIS?

We process your personal data to give you the best possible experience when you access our website, use our services, and interact with us. The purposes include the following:

 

6.1 ALLOW YOU TO BROWSE OUR WEBSITE

When you visit our website, we automatically collect some information, including your IP address, login data, browser type and version, browser plugins, operating system and platform. During your navigation on our website, we may also collect other data such as the Clickstream URL, the articles viewed or searched, any display and download errors, the times and duration of visits to certain pages and the interaction with the page itself. To collect this data, we use various technologies, including cookies. More information about cookies is available in a specific information available in the footer of the website. If you need more information about the processing of your personal data, please contact us through the information we have provided you previously.

METHODS OF DATA ACQUISITION: The data are automatically provided by your browsing devices using the communication protocols of the Internet network (e.g. TCP/IP, UDP).

LEGAL BASIS: We process these data based on our legitimate interest (Article 6.1, letter f) of the GDPR) to provide and improve navigation on our website, offer efficient and secure web services, and seek to ensure the continuous improvement of your browsing experience over time.

HOW LONG WE KEEP YOUR DATA: We keep your personal data only for the time necessary to allow your navigation on the Site. In particular, some data are stored for the duration of your stay on the Site itself and others until you decide to delete them by deleting the technical and functional cookies (e.g. language setting). For more information on cookie management, see our Cookie Policy in the Footer of the site.

In some cases, we may anonymize the data relating to website accesses and the pages visited and keep them for statistical purposes indefinitely.

 

6.2 MANAGING COMMUNICATIONS WITH YOU

We collect your personal data when you communicate with us in person, through our website, email, phone, or by any other means using the contact information we have provided to you on this Site. For example, we collect your contact details and the details of our messages to and from you, including data about when you sent them, when we received them, and in some cases, also where you sent them.

METHODS OF DATA ACQUISITION: The data are partly automatically conferred in the communication protocol used by your chosen tool and partly are conferred by you in the content of the communication.

LEGAL BASIS: We mainly process this data because of our Legitimate Interest - art. 6.1 let. f) of the GDPR - to respond to your requests and handle necessary communications. However, in some cases we may be called upon to respond by virtue of specific contractual or legal obligations-Articles 6.1(b) and (c) of the GDPR.

HOW LONG WE KEEP YOUR DATA: In response to your contact or support requests, your personal data are processed only for the time necessary to provide you with the information and/or assistance you need and are generally stored for a period of 36 months. In case of the finalization of a commercial contract, the data will be processed and stored according to what is established in the Customers Privacy Policy MPAZ.IN.DPMS004 published in the appropriate area of the website.

 

6.3 MANAGING OUR DATA COLLECTION FORMS

As a user, you may provide us with your personal data, including data that allows your identification when you fill out specific forms (so-called" Forms"). These forms are designed in order to facilitate your inquiries and ensure quick and accurate responses and are supplemented by appropriate privacy notices if necessary.

METHODS OF DATA ACQUISITION: The data are voluntarily provided by you in filling out our Application or Registration Forms. Failure to provide them will result in our inability to provide you with the requested service.

LEGAL BASIS: The processing is necessary for the execution of pre-contractual measures taken at your request - art. - 6.1 let. b) of the GDPR.

HOW LONG WE KEEP YOUR DATA: We keep your personal information on the site only as long as it is needed to fulfill your request.

 

6.4 ALLOW ACCESS TO RESTRICTED AREAS OF THE WEBSITE.

To access any restricted areas of the website ( e.g., https://extra.marchesini.com ) , an "Account" user profile will be created. Information required to set up the account may include your name, e-mail address, your company, status, your role in the company, and other contact information. If you request to create an account, you will obtain a unique credential that will allow you to access your account and use the services offered through our restricted areas. We then process your data to create and manage your account, to allow you access to our restricted area of the site such as, for example, your user profile. We also process your data to communicate with you about your account and the services you have registered for with it.

METHODS OF DATA ACQUISITION: The data are voluntarily provided by you in the request for the creation of your account. Your choice not to provide us with your personal information will result in our inability to create your account.

LEGAL BASIS: The processing is necessary for the performance of a contract to which you are a party or the execution of pre-contractual measures taken at your request - art - 6.1(b) of the GDPR.

HOW LONG WE KEEP YOUR DATA: We will retain your personal information until your account is deleted. Deletion of your account will result in your inability to access the restricted area of the website.

When necessary, registration to specific restricted areas of the website is supplemented by a specific privacy policy..

 

7. COOKIES AND OTHER TECHNOLOGIES

When you browse our website, we automatically collect data through the use of "cookies." A cookie is a text file that contains small amounts of data which a website can send to your browser. These can then be stored on your computer as a tag that distinguishes your device but does not identify you personally. Some of our website's pages use cookies to provide you with a better service during subsequent visits to the website. You can set your browser to notify you before receiving a cookie, giving you the option to accept or decline it.

We use the ELMO plugin by Warrant HUB S.p.A. to manage your consent for the use of cookies on our website. However, you can also set your browser to disable cookies; keep in mind that if you do this, some pages of our website may not function properly.

Instructions for disabling cookies can be found on the following web pages: Mozilla Firefox - Microsoft Edge - Google Chrome - Opera - Apple Safari

For information about the specific cookies used on this website, we invite you to consult the Cookie Policy via the link found at the bottom of all pages of the site (footer). For more information on the tool we use to manage our cookies (Elmo), please visit the manufacturer's website at the following link: https://www.elmobot.eu/.

 

8. PROCESSING OF PERSONAL DATA COLLECTED THROUGH OUR SOCIAL PROFILES

When you follow our social media channels (such as LinkedIn, Facebook, Instagram, YouTube, Google My Business, X, etc.) or interact in any way with our social profiles (for example, by commenting, sharing, following, or liking), we will use your data to interact and communicate with you through our social media profile. This interaction aims to promote our products and services and develop our brand's image via the social media channel you engaged with. We inform you that any information you voluntarily provide on our social profiles, along with any expressions of interest, will be used solely for the analysis and communication purposes stated in this notice. Additionally, to protect our interests or those of third parties, we reserve the right to request the removal of offensive comments or those that violate any applicable law. Furthermore, where appropriate, we may use such comments or posts to protect or enforce our rights and/or interests in legal proceedings.

METHODS OF DATA ACQUISITION: The data are voluntarily provided by you in the request for the creation of your account. Your choice not to provide us with your personal information will result in our inability to create your account.

LEGAL BASIS: The processing is necessary for the performance of a contract to which you are a party or the execution of pre-contractual measures taken at your request - art - 6.1(b) of the GDPR.

HOW LONG WE KEEP YOUR DATA: We will retain your personal information until your account is deleted. Deletion of your account will result in your inability to access the restricted area of the website.

Please remember that for privacy purposes the social network is the autonomous controller of your personal information and, as such, does not operate under our responsibility. The collection and use of information obtained is governed by the social network's privacy policies to which we encourage you to refer.

 

9. NEWSLETTERS AND OTHER DIRECT MARKETING COMMUNICATIONS

We may use the information you provide to send you newsletters or other communications that we believe may be of interest to you. Where required by law, the sending of marketing communications will only take place after your consent has been obtained. In any case, we offer you the opportunity to unsubscribe from any communication sent.

Description of Service: If you want to keep up to date with our products and choose to subscribe to our newsletter or other form of automated direct communication, it is necessary to provide certain data such as your name, e-mail address or other specific data from time to time stated in the Registration Form. If you sign up for our newsletter service, you give us consent to send to your e-mail address, commercial communications (e.g. information notes, promotions, etc.) in an automated manner. These communications will never be invasive and will be done solely for the purpose of commercial promotion of our Brand and our products and/or services. You may revoke your consent to the processing for these purposes at any time, free of charge and in an easy manner through the appropriate link found within each of our e-mails or by using the contact information provided in this privacy policy. The effectiveness of communications made through the newsletter service is periodically monitored in order to also understand your interest in the communications made. In particular, proper delivery to your mail server, your interaction with the landing page such as, for example, whether or not you open our newsletters, the number of openings over time is monitored. Monitoring is done to understand your interest in our communications and to disable automatic delivery if messages are not received regularly or there is no interaction by you for long periods of time.

METHODS OF DATA ACQUISITION: The data necessary for the activation of the communication service (e.g. newsletter) , such as your name your e-mail address, are voluntarily given by you in the specific Registration Form. Information regarding the delivery of our communication to your mail server is automatically provided by the communication protocol. The data regarding your interaction with the communication service is obtained from special markers inserted by the newsletter service we use within the landing page

LEGAL BASIS: We process the data automatically conferred in the communication protocol and those obtained from the newsletter management system, by virtue of our Legitimate Interest - art. 6.1 let. f) of the GDPR - to carry out communications tailored to your interests. However, in accordance with Article

130 of Legislative Decree 196/2003, commercial communications carried out in an automated or systematic way (without the intervention of an operator), can only be carried out if the recipient has given his or her consent. This consent is equated by us with that provided for in art. - 6.1 let. a) of the GDPR and is handled in the manner established by art. 7 of the GDPR.

HOW LONG WE KEEP YOUR DATA: your personal information will be processed and stored until you decide to revoke your consent or request deletion.

 

10. LEGAL OBLIGATIONS

We may process your information in order to make necessary disclosures, in response to requests we are legally required to fulfill, to law enforcement or judicial authorities, or in defense of a right.

METHODS OF DATA ACQUISITION: The data are already in our possession as they are collected for other purposes.

LEGAL BASIS: The processing is necessary to fulfill a legal obligation - art. 6.1(c) of the GDPR to which you are subject or our company is subject.

HOW LONG WE KEEP YOUR DATA: We keep your personal information for as long as necessary to fulfill our obligations.

 

11. LINKS TO EXTERNAL WEBSITES

Where we provide links to other Web sites, we do so for informational purposes only. Other Web sites are beyond our control and this Policy does not apply. If you access other Web sites using the links we have provided, the operators of those sites may collect your information and use it in accordance with their Privacy Policy, which may differ from this Policy.

 

12. SECURITY OF YOUR PERSONAL DATA

We have taken a number of physical, technical and organizational measures to ensure adequate levels of security for the personal data processed under our control, so as to prevent all reasonably foreseeable risks, with particular but not limited reference to their destruction, loss, modification or unauthorized disclosure or accidental or unlawful access.

The data you provide is stored and archived on secure servers in the European Economic Area

If you have a password that allows you to access our Web services, it is your responsibility to keep it secure and confidential.

 

13. INTERNATIONAL TRANSFERS (EXTRA EU)

Our personal data processing operations generally take place within the European Economic Area ('EEA'). However, should Your personal data be transferred to countries outside the European Economic Area ('EEA'), in the absence of adequacy decisions from the European Union Commission, MARCHESINI GROUP will ensure that appropriate safeguards are in place to protect the personal data of its candidates in these countries. Some of the safeguards that may be adopted, where appropriate, include the use of the "Standard Contractual Clauses" (SCCs) established by the European Commission under Article 46(1) GDP, pseudonymization and if possible encryption of the data itself.

The transfer abroad of personal data is often related to the use of cloud technologies, digital communication systems, security software and protection of IT services. I these cases, our Company is committed to using services chosen from operators that guarantee higher standards of security and attention to the protection of personal data. In this regard, we would like to inform you that MARCHESINI GROUP uses some ICT services, provided by US companies (e.g. Microsoft 365 and Google) that have adhered to the EU-US Data Privacy Framework (DPF) (https://www.dataprivacyframework.gov/s/).

 

14. WHO WILL PROCESS YOUR PERSONAL DATA?

For the achievement of the above purposes, the following individuals may have access to your personal data:

  1. Our employees and contractors are adequately trained in measures to protect your rights and the security of your data. They act as authorized and competent persons in this regard.
  2. We cooperate with companies, professional firms, and consultants who specialize in assisting and/or advising MARCHESINI GROUP regarding privacy, administration, and legal matters. We also engage third parties to ensure the proper functioning of our website and its services. For example, we rely on service providers, cybersecurity experts, and other third parties to improve, extend, and protect our website and information systems. Each outside party is carefully evaluated for competence and reliability, and is contractually bound to provide a level of protection for your personal information that is no less than our own. These parties act as Data Processors within the meaning of Article 4.8 of the GDPR.
  3. We may disclose your data to administrative, institutional, judicial authorities or other entities for which disclosure is required by law or necessary for the purposes described in this notice. These parties will process the data in their capacity as Data Controllers in accordance with Article 4.7 of the GDPR.

 

15. WHAT ARE YOUR RIGHTS?

In accordance with applicable law and under the circumstances determined by the lawful basis under which your personal data is processed, you may exercise the following rights.

  1. Right of access to personal data. You have the right to obtain confirmation as to whether or not we are processing personal data concerning you and if so, to obtain access to the personal data processed. You have the right to obtain a copy of the data being processed. This right is applicable only if it does not lead to infringement of the rights and freedoms of others. On this point, please note that in the case of repeated requests, you may be charged a fee by us based on our administrative costs. If you have an account (e.g., access restricted catalog area), you can access your user profile in order to obtain a copy as well as correct, modify or delete inaccurate data. You also have the option to close your Account at any time by writing to [email protected]
  2. Right to rectify, delete or limit the processing of personal data. If you wish to rectify, delete or limit the processing of your personal data, please contact us through the information we have provided in the section. It is your responsibility to ensure that you provide data that is true, accurate, complete, and kept up-to-date (e.g., account).
  3. Right to withdraw consent. If you have provided us with consent to process your data, you can revoke it at any time (e.g., newsletter)
  4. Right to data portability. If the processing is based on your consent or contract and is carried out by electronic means, you have the right to receive, in a structured, commonly used and machine- readable format, the personal data concerning you that you have provided to us and you have the right to transmit such data to another data controller without hindrance from us.
  5. Right to object. As a user, you have the right to object to the processing of your data under certain circumstances. For example, you may benefit from this right if the processing is based on our legitimate interests (or those of third parties). You can challenge the merits of our legitimate interests, however, we may have the right to continue to process such personal data on the basis of our legitimate interests or when this is relevant in connection with legal actions, or the data is necessary for the establishment, exercise or defense of a right in court. You also have the right to object to the processing of your personal data for direct marketing purposes.
  6. Right not to be subjected to automated decision making.
  7. Compensation. We also remind you that anyone who suffers material or immaterial damage caused by a violation of Regulation (EU) 2016/679 has the right to obtain compensation for the damage from the data controller or processor.
  8. Right to lodge a complaint with the 'supervisory authority. Without prejudice to the possibility of approaching our Company for the exercise of rights related to the processing operations performed by us, you may lodge a complaint before the competent independent administrative authority in the Member State of the European Union where you normally reside, where you work, or where an alleged violation of the law on the protection of your personal data has occurred. In the Italian territory you can file a complaint with the following supervisory authority: https://www.garanteprivacy.it

 

16. LAST UPDATE

This Policy was last updated on 01/01/2024.

MARCHESINI GROUP S.p.A. acts as the Data Controller of your personal data. If you have any questions, concerns or complaints regarding this Policy or the management of your data, you may contact us by e-mail at: [email protected]