Privacy policy

Dear Customer,

according to Legislative Decree no. 196/2003 and subsequent amendments, as well as EU Regulation no. 2016/679 (hereinafter referred to as GDPR 2016/679) laying down provisions for the protection of persons and other subjects regarding the processing of personal data, I wish to inform you that the personal data you provide will be processed in compliance with the above mentioned legislation and confidentiality obligations.

Data controller

Fornitalia Sas Di Leopoldo Caporali & C., with registered office in Via Archimede, 327 – 21047 Saronno (VA), tax code and VAT number 02046320129, tel. 02.964.59.069 – fax 02.964.59.628 – e-mail: fornitalia@fornitalia.com; pec: fornitalia@pec.it.

Fornitalia Sas Di Leopoldo Caporali & C. deals with the management of sales made through e-commerce (by way of example but not limited to: order management, sale and delivery of products through a third party courier, management of returns and guarantees and other activities necessary for the sale of products through e-commerce), but does NOT deal with transactions made by the User/Interested party through their bank, or through the Stripe platform (in the case of payment through an account or credit card). Information on the latter payment instrument can be found at: https://stripe.com/it-us

1. Purpose of data processing.

The processing is aimed solely at the correct and complete performance of the contracts concluded (legal basis of the processing) and, specifically:

without the express consent of the data subject pursuant to Art. 6(b) et seq. of the GDPR), for the following purposes

to allow registration to e-commerce and manage access to the related services
to maintain and manage the account created following registration
to process a contract or pre-contractual request and facilitate the purchase of products online, as well
as to execute the contract entered into
to respond to requests to exercise the right of withdrawal and/or the legal guarantee of conformity and/or other rights arising from the purchase contract concluded on e-commerce and/or provided by law in relation to said contract and/or in relation to the service rendered, as well as to carry out any activities that prove necessary as a consequence of the exercise of said rights and to proceed, where appropriate, to the relevant refunds
process internal statistics;
fulfil tax obligations arising out of existing relationships;
comply with obligations provided for by law, regulation, Community legislation or an order from the Authority;
safeguard the vital interests of the data subject or of another natural person;
preventing or detecting fraudulent activities or abuse harmful to the website;
to pursue a legitimate interest of the Data Controller or a third party, within the limits and under the conditions set out in Article 6(f) GDPR;
exercise the rights of the Controller, (by way of example only, the right to defence in court).

B) only with the specific and unambiguous consent of the data subject ex art. 7, GDPR), for the following purposes

acquisition of particular data (when requested) pursuant to Art. 6, paragraph 1, letter a), GDPR.
sending e-mail newsletters, commercial communications and/or advertising material on products and/or services, different and/or dissimilar to those already purchased, offered by the Controller.

2. Modalities of data processing.

a) The processing is carried out by means of the operations or set of operations indicated in Article 4(1)(a) of the Consolidated Act and Article 4(2) of GDPR 2016/679: collection, recording, organisation, structuring, storage, consultation, processing, adaptation, modification, selection, extraction, comparison, use, interconnection, blocking, communication, erasure and destruction of data.

b) The operations may be carried out with or without the aid of electronic or automated tools in compliance with the provisions of Article 32 of GDPR 2016/679 on security measures by specially appointed persons and in compliance with the provisions of Article 29 GDPR 2016/679.

c) We point out that, in compliance with the principles of lawfulness, purpose limitation and data minimisation, pursuant to Art. 5 GDPR 2016/679, subject to the free and explicit consent of the data subject, the personal data of the data subject will be retained for the period of time necessary to achieve the purposes for which they are collected and processed, as well as for the period of time strictly related to tax purposes and/or other purposes provided for by laws or regulations. The data subject’s data will be kept for 10 years from the termination of the contractual relationship for any fulfilment consequent to the conclusion of the contract itself, for 2 years for marketing purposes.

3. Provision of data.

The conferment of data for the purposes described in point 1, letter A) is necessary; in the absence of such conferment, the aforesaid activities cannot be carried out.

The provision of data for the purposes described in point 2, letter b), on the other hand, is optional.

4. Disclosure of data.

Personal data, to the minimum extent possible, may be communicated to the persons in charge of the processing and to all those public and private entities to whom such communication is necessary for the proper fulfilment of the purposes indicated in point 1, or for the fulfilment of legal obligations.

More specifically, the data of the data subject may be communicated to

employees and collaborators of the Data Controller, consultants authorised to manage the site and to provide related services, in their capacity as internal Data Processors and/or Data Trustees and/or System Administrators
third party companies or other subjects (by way of example only: credit institutions, professional firms, consultants, couriers and transporters, insurance companies, etc.) that perform outsourcing activities on behalf of the Data Controller, in their capacity as external Data Processors and/or Persons in charge of processing personal data.

5. Circulation of data.

Personal data are not subject to circulation.

6. Transfer of data abroad.

Personal data may be transferred to countries within the European Union within the scope of the purposes set forth in point 1.

The data will not be transferred outside the European Union. It is in any case understood that, should it become necessary to transfer the location of the servers to countries outside the EU, such transfer will always take place in compliance with Art. 45 et seq. of the GDPR. In this case, however, the Data Controller assures as of now that the transfer of data outside the EU will take place in compliance with the applicable legal provisions by entering into, if necessary, agreements that guarantee an adequate level of protection and/or by adopting the standard contractual clauses provided for by the European Commission.

7. Special categories of personal data.

Pursuant to Articles 9 and 10 of GDPR 2016/679, you may provide the data controller with data qualifying as “special categories of personal data” and namely those data revealing “racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, as well as genetic data, biometric data intended to uniquely identify a natural person, data concerning a person’s health or sex life or sexual orientation”. These categories of data may only be processed with the free and explicit consent of the data subject.

8. Navigation data

The computer systems and software procedures used to operate the site may acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols.

This category of data includes the IP addresses or domain names of the computers and terminals used by users, the URI/URL (Uniform Resource Identifier/Locator) notation addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the user’s operating system and IT environment.

These data, necessary for the use of web services, are also processed in order to

– obtain statistical information on the use of the services (most visited pages, number of visitors per time slot or per day, geographical areas of origin, etc.)

– checking the correct functioning of the services offered.

Surfing data are not retained for more than seven days (except in the event of the need to ascertain crimes by the judicial authorities).

9. Cookies and other tracking systems

To find out all the details regarding the use of cookies within the website www.fornitalia.com, you can directly access the Cookie Policy .

10. Rights of the interested party.

At any time, the data subject may exercise, pursuant to Articles 15 to 22 of GDPR 2016/679, the right to:

(a) request confirmation of the existence or non-existence of his/her personal data, access to the same and to information relating thereto, as well as the provision of said personal data in intelligible form;

b) obtain information about the purposes of the processing, the categories of personal data, the recipients or categories of recipients to whom the personal data have been or will be communicated and, when possible, the storage period
c) obtain the updating, rectification, integration, deletion of data and their transformation into anonymous form. All this without prejudice to the legal obligations arising from the conclusion of the contract and the conservation aimed at protecting the rights of the data controller;
d) obtain the restriction of processing
e) obtain portability of the data, i.e. receive them from a data controller in a structured, commonly used and machine-readable format and transmit them to another data controller without hindrance
f) to object to the processing at any time and also in the case of processing for direct marketing purposes;
g) object to automated decision-making concerning natural persons, including profiling;
h) revoke consent at any time, without prejudice to the lawfulness of the processing based on consent given before revocation;
i) lodge a complaint with a supervisory authority (Data Protection Authority – www.garanteprivacy.it).

The interested party may exercise its rights with a written request sent to Fornitalia Sas Di Leopoldo Caporali & C., with registered office: Via Archimede, 327 – 21047 Saronno (VA), Tax Code and VAT number 02046320129, tel. 02.964.59.069 – fax 02.964.59.628 – e-mail: fornitalia@fornitalia.com; pec: fornitalia@pec.it

LET’S GET TO KNOW EACH OTHER BETTER

Address

Via Archimede, 327 21047 Saronno (Va) IT

Telephone

+39 02 96459069
+39 02 96451290

E-mail

fornitalia@fornitalia.com

Cookie	Duration	Description
_GRECAPTCHA	5 months 27 days	This cookie is set by the Google recaptcha service to identify bots to protect the website against malicious spam attacks.
cookielawinfo-checkbox-advertisement	1 year	Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Advertisement" category .
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
wp-wpml_current_language	session	Stores the current language.

Cookie	Duration	Description
_ga	2 years	The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.
_ga_FXK5CJXSP9	2 years	This cookie is installed by Google Analytics.
_gcl_au	3 months	Provided by Google Tag Manager to experiment advertisement efficiency of websites using their services.
test_cookie	15 minutes	The test_cookie is set by doubleclick.net and is used to determine if the user's browser supports cookies.

Cookie	Duration	Description
AnalyticsSyncHistory	1 month	Linkedin set this cookie to store information about the time a sync took place with the lms_analytics cookie.
bcookie	1 year	LinkedIn sets this cookie from LinkedIn share buttons and ad tags to recognize browser ID.
bscookie	1 year	LinkedIn sets this cookie to store performed actions on the website.
lang	session	LinkedIn sets this cookie to remember a user's language setting.
li_gc	5 months 27 days	Linkedin set this cookie for storing visitor's consent regarding using cookies for non-essential purposes.
lidc	1 day	LinkedIn sets the lidc cookie to facilitate data center selection.
ln_or	1 day	Used to determine if Oribi analysis can be performed on a specific domain
UserMatchHistory	1 month	LinkedIn sets this cookie for LinkedIn Ads ID syncing.

Privacy policy

LET’S GET TO KNOW EACH OTHER BETTER

ARE YOU LOOKING FOR INFORMATION?FILL IN THE FORM!

ARE YOU LOOKING FOR INFORMATION?
FILL IN THE FORM!