Privacidad

Who are we and what do we do with your personal data?

The company Fabio Perini S.p.A., with its registered office in 55100 Lucca, Via Giovanni Diodati 50 (hereinafter also the "Controller"), as data controller will see to the confidentiality of your personal data and guarantee its necessary protection from any event that could put it at a risk of violation. 

The Controller applies policies and practices concerning the collection and use of personal data and the exercise of the rights recognised by the applicable legislation. The Controller is responsible for updating the policies and practices adopted for the protection of personal data whenever it becomes necessary and in any case whenever regulatory and organisational changes that may affect the processing of your personal data arise.

The Controller has appointed a Data Protection Officer (DPO) that you can contact if you have questions about the policies and practices adopted. The contact details of the Data Protection Officer are as follows:

dpo@fabioperini.com

How does the Controller Fabio Perini S.p.A. collect and process your data?

The Controller collects and/or receives information about you, such as in general: name, surname, title, company role, physical and telematic address, fixed and/or mobile telephone number, language. The data may be processed by the Controller for commercial promotion and market surveys and research purposes in relation to the products and services offered by the Controller only if you authorise such processing and/or you do not object to the same.

The Controller transfers your personal data abroad and in particular:

Israel - European Commission adequacy decision on the protection of personal data by the state of Israel;

South Africa, South Korea, Russia, Turkey - Preparation of standard contractual clauses aimed at ensuring adequate guarantees, including in relation to the rights of data subjects regarding the extra-EU transfer of personal data.

Your personal data will not be disseminated or disclosed to undetermined and non-identifiable subjects, even as third parties.

Your personal information will be processed for:

1) marketing and commercial activities

With your consent, your data may be processed for marketing and commercial activities (commercial information, invitations to fairs, marketing, sending company magazines) concerning products and services offered by the Controller. The processing of your data (such as name, surname, physical and telematic address, fixed and/or mobile number) can be carried out through:

  • email and direct mail;
  • sms;
  • apps;
  • telephone contact, also without an operator;
  • push notifications;
  • paper mail;
  • messaging platforms and social networks.

The processing in question can be carried out if:

  1. you give your consent to the use of the data, also in relation to the methods of communication, both traditional and automated, with which the processing takes place;
  2. if the processing is carried out through contact with a telephone operator, you are registered in the register of oppositions referred to in Italian Presidential Decree no. 178/2010;
  3. if you are not opposed to the processing and/or if appropriate, you are not opposed in a specific and separate way to sending communications through traditional methods and/or through automatic means. 

2) for the communication and transfer of data to third parties/recipients even in non-EU countries for marketing activities (direct, research and market surveys) carried out autonomously by the same

With your consent, your data may be processed for the communication and transfer of data to subsidiaries and/or affiliates in countries outside the EU (China, USA, Brazil) of the group to which the Controller belongs, the network of companies operating in the manufacturing and system marketing sector, software and services for the production, packaging and storage of tissue products for marketing activities concerning the products and services of the recipients.

3) for information security purposes

The Controller processes, also through its suppliers (third parties and/or recipients), your personal data, including electronic (e.g. logical access) or related to traffic which is collected or obtained in the case of services displayed on the website of the Controller, strictly necessary and proportionate to ensuring the security and ability of a network or servers connected to it to withstand, at a given level of security, unforeseen events or illicit or malicious acts that compromise availability, authenticity, integrity and the confidentiality of personal data stored or transmitted. 

For this purpose, the Controller provides procedures for the management of the violation of personal data (data breach). 

What happens if you do not give your consent to the processing of personal data for marketing purposes (direct, research and market surveys) carried out by the Controller or for communication to third parties/recipients, also in non-EU countries, for marketing purposes autonomously pursued by the same?

Your personal data will not be processed for these purposes.

If you have given your consent and subsequently revoke or oppose the processing for marketing purposes, your data will no longer be processed for marketing activities, without this having consequences or detrimental effects for you.

How and for how long is your data stored?

The processing of your data is carried out through electronic and manual means and tools made available to subjects acting under the authority of the Controller and for the authorised and trained purpose. The paper and especially electronic archives where your data is kept and stored are protected by effective security measures which are adequate to counter the risks of infringement considered by the Controller. The Controller ensures the periodic and constant verification of the measures taken, especially for electronic and telematic tools, to guarantee the confidentiality of personal data through treaties, archived and stored, especially if belonging to particular categories.

For personal data intended for marketing purposes (direct, research and market surveys) for which you have given consent, you may always oppose the related processing and/or revoke your consent. 

The IT archives are located within the confines of the EU (and EEA), however their connection or interaction with databases located in non-EU countries is also envisaged. In particular:

Israel - European Commission adequacy decision on the protection of personal data by the state of Israel;

South Africa, South Korea, Russia, Turkey - Preparation of standard contractual clauses aimed at ensuring adequate guarantees, including in relation to the rights of data subjects regarding the extra-EU transfer of personal data.

How

The processing of data is carried out with paper support or IT procedures by internally authorised and trained individuals. They are allowed access to your personal data to the extent and within the limits necessary for the performance of the processing activities that concern you. 

The Controller periodically checks the tools with which your data is processed and the security measures provided for the same, which are constantly updated, verifying, also by means of the subjects authorised to the processing, that no personal data is collected, processed, kept or stored for which no processing is necessary, as well as verifying that the data is kept with the guarantee of integrity and authenticity and its use for the purposes of the processing is actually performed. 

Where

The data is stored in paper, computer and electronic archives located within the European Economic Area, and appropriate security measures are ensured. 

How long

Personal data processed by the Controller for marketing purposes (direct, research and market surveys) will be retained for 24 months by the Controller, subject to revocation of the consent you have given and/or subject to opposition to the processing.

However, you are entitled to oppose the processing at any time based on a legitimate interest for reasons related to your particular situation. 

What are your rights?

At any time, free of charge and without any special charges and formalities for your request, you can basically:

  • obtain confirmation of the processing carried out by the Controller;
  • access your personal data and learn its origin (when the data is not obtained directly from you), the purposes and scope of the processing, the data of the subjects to whom it is communicated, the retention period of your data or useful criteria to determine the same;
  • withdraw your consent at any time, if it constitutes the basis of the processing. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal;
  • update or rectify your personal data so that it is always accurate;
  • delete your personal data from the Controller's databases and/or archives, also backup archives, in the case, among others, where it is no longer necessary for the purposes of the processing or if the processing is assumed to be illicit, and if there are any conditions required by law, and in any case if the processing is not justified by another equally legitimate reason;
  • limit the processing of your personal data in certain circumstances, for example where you have challenged its accuracy, for the period necessary for the Controller to verify its accuracy. You must be informed, in a reasonable amount of time, even when the suspension period has been completed or the cause of the limitation of processing has ceased, and therefore the limitation itself revoked;
  • obtain your personal data, if received and/or otherwise processed by the Controller with your consent and/or if its processing is carried out on the basis of a contract and with automated tools, in electronic format, also in order to transmit them to another controller.

The Controller must proceed in this sense without delay and, in any case, no later than one month after receiving your request. That period may be extended by two further months where necessary, taking into account the complexity and number of requests received by the Controller. In such cases, within one month of receiving your request the Controller will inform you of the reasons for the extension. 

For any further information and to send your request, you must contact the Controller at the address privacy@fabioperini.com

How and when can you oppose the processing of your personal data?

For reasons related to your particular situation, you can oppose the processing of your personal data at any time when this takes place for marketing purposes (direct, research and market surveys), sending your request to the Controller at the address privacy@fabioperini.com

You have the right to delete your personal data if you are opposed to its processing for marketing purposes (direct, research and market surveys). ​

Who can you lodge a complaint with?

Without prejudice to any other action in administrative or judicial proceedings, you can lodge a complaint with the competent supervisory authority, i.e. that carrying out its duties and exercising its powers in Italy where you have your habitual residence or work, or if different in the member State where the violation of Regulation (EU) 2016/679 occurred.

Every update to this policy will be communicated to you promptly and by appropriate means and you will be notified if the Controller will process your data for purposes other than those referred to in this policy before proceeding and in time to give your consent if necessary.