POLICY RELATING TO THE PROCESSING OF PERSONAL DATA PURSUANT TO ART. 13 – 14 OF EU REGULATION 2016/679 AND CONSENT
Pursuant to EU Regulation 2016/679 (hereinafter Regulation or "GDPR") and the national legislation in force regarding the protection of personal data, this policy is provided: to natural persons operating in the name and on behalf of the Customers, to the Customer - if a natural person (e.g. sole proprietorship or professional), potential customers, site users hereinafter also Data Subjects.
SDR PACK S.p.A, with registered office in via Segafredo no. 6 in Rosà (VI), Tax Code 01447990282 –
VAT no. 02485550244 Tel 0424 581990 fax. 0424 858323, e-mail: firstname.lastname@example.org
2.Type of data processed
Data provided voluntarily by users
The personal data processed are collected directly from the Data Subjects or from the company for which they work, on the occasion of pre-contractual activities, the stipulation and execution of the contract. These common data are personal data (name and surname, …), contact details (telephone number, e-mail address, …). The Data Controller does not process any “sensitive” or “special” data (see art. 9 of the GDPR). The processing of personal data takes place, in compliance with the provisions of the GDPR and the current Privacy Regulations, using manual, paper, IT and telematic tools, also automated and according to the principles of fairness, lawfulness and transparency in order to guarantee safety and confidentiality of the data. In particular, the processing can take place through automated systems (such as e-mail or other types of electronic communication) and traditional systems.
During normal use, the computer systems and software procedures used to run this website acquire certain personal data (so-called log files), which are implicitly transmitted through the use of Internet communication protocols. This information is not collected in order to identify interested parties but, due to its nature, it might help to identify users through the processing and grouping of data held by third parties.
This data category includes IP addresses or computer domain names employed by users who access the website, as well as the URI (Uniform Resource Identifier) addresses of requested resources, the time of request, the method used to submit the request to a server, the size of the file obtained as a response, the numerical code indicating the response status given by the server (successful, error, etc.) and other parameters concerning the operating system and the user’s computer environment. Such data are used for the sole purpose of obtaining anonymous statistical information on website use and to check that the website is functioning properly. Such data may be used to ascertain responsibility in the event of any cyber crimes committed against the site and may be disclosed to Judicial Authorities, if explicitly requested.
This site uses Lead Champion, a service provided by ADChange Srl. Lead Champion collects and analyses data relating to legal entities in order to offer a Business Lead Generation and Marketing Business Intelligence service that automatically recognises the company name and profile of those visiting a website.
3. Purpose, legal basis of the processing and mandatory provision of data – The Data Controller processes the personal data:
The provision of personal data for these purposes is not mandatory and the related processing requires the consent of the data subjects. Failure to give consent will not affect the service provided but will make it impossible for the Data Controller to send you commercial communications. The legal basis of the processing is identified in the express consent.
4. Categories of recipients of personal data: personal data, within the limits and for the purposes indicated, may be disclosed or become known and therefore be processed by:
The complete list of recipients is available at the Data Controller’s registered office.
5. Data retention period: the personal data in question are processed for the entire duration of the commercial relationship and even subsequently for a maximum of 10 years; for marketing purposes, the data are processed and stored until the consent is revoked.
6. Transfer of data abroad: the processing is normally carried out in Italy, for specific business processes personal data may be transferred to non-EEA countries, in such cases data protection is assured by specific contractual clauses.
7. Automated decision-making processes: any automated decision-making process including profiling is excluded.
8. Rights of the data subject: the Data Controller hereby informs that, with reference to the data provided, as a Data Subject you have the following rights:
9. Contact information: for any clarification and to exercise their rights, data subjects may contact the Data Controller by writing to:
SDR PACK SpA
Via Segafredo, 6 - 36027 Rosà (VI)
or by writing an email to