The official version of this text is in Italian. In case of discrepancies, the Italian
text shall prevail. FACEM S.p.A. shall not be held responsible for incomplete or
incorrect translations into other languages of these instructions.

FACEM S.P.A.
Registered Office: Via Bricherasio 7, 10128 Torino (TO), Italy
VAT Number: IT00517250015
Email: facem@facem.com
Telephone: +39 0124 707711

Data Processing Manager:
The Data Controller has appointed CALICANTUS SRL as Data Processing Manager, which is also accountable to the Controller for the lawful and proper processing of personal data. For any inquiries or requests, the Data Processing Manager may be contacted at: telephone +39 0422 782890, email: privacy@calicant.us.

Data Processors/Authorized Personnel:
The updated list of authorized personnel and data processors is kept at the Data Controller’s registered office.

 

Model: IS – Update Date: 05/2024

Privacy Notice

Articles 13 and 14 of Regulation (EU) 2016/679 (GDPR)

Legislative Decree 196/2003 as amended by Legislative Decree 101/2018

Dear Data Subject,

This Privacy Notice describes the modalities of processing of personal data of users who visit this website, as well as the data processing practices related to the website's operation. Pursuant to Articles 13 (data collected from the data subject) and 14 (data not collected directly from the data subject) of Regulation (EU) 2016/679 (hereinafter "GDPR"), the users of this website are hereby provided with the following information, which relates exclusively to data processing carried out through this website and not through other websites that may be accessed via links, for which reference should be made to the relevant privacy notices issued by the respective data controllers.

This website and any services offered therein are intended solely for persons who have reached the age of eighteen (18). The Data Controller does not knowingly process personal data of minors under the age of eighteen (18). Upon request of such users, the Data Controller shall promptly delete any inadvertently collected personal data.

1. Data Controller

The Data Controller is FACEM S.P.A., with registered office at Via Bricherasio 7, 10128 Torino (TO), Italy, VAT Number IT00517250015 (hereinafter, the "Controller"). The Controller reserves the right to appoint a Data Processing Manager for technical assistance, maintenance, technical management, and related activities concerning this website, including web agencies or consultants, whose details may be provided upon request to the contacts above. The Controller and the Data Processing Manager process users' data through authorized internal personnel designated for this purpose and trained with instructions on data handling.

2. Categories of Data Processed and Sources of Origin

• Navigation Data: IT systems and software procedures used for the operation of this website collect certain personal data during normal operation, the transmission of which is implicit in the use of Internet communication protocols. This category includes IP addresses, browser type, operating system, domain names, referring websites, pages visited, access times, duration of page visits, internal navigation analysis, and other technical parameters related to the user's IT environment. Such technical data are collected and processed solely in aggregated and anonymized form. They are processed to enable and verify the correct functioning of the website and to derive anonymous statistical data on website usage, and are promptly deleted after processing.

• Cookies: Please refer to our dedicated Cookie Policy for details.

• Voluntarily Provided Data: This includes, but is not limited to, identification data, personal data, billing data, and similar, as well as, only exceptionally, special categories of data pursuant to Article 9 GDPR or data relating to criminal convictions pursuant to Article 10 GDPR.

• Sources: Data may be collected from navigation, other websites, cookies and similar technologies, users themselves, or public sources.

The Controller may process primarily navigation data and cookies, as well as voluntarily provided data (e.g., via contact forms or email communications). Exceptional processing of special categories of data or criminal data will only occur if strictly necessary, based on the user's explicit consent.

 

3. Purpose of Processing

The personal data of users collected via this website shall be processed in compliance with GDPR provisions for purposes including, but not limited to:

• Responding to specific requests submitted by the user via the website and its communication tools (e.g., contact forms, information requests).

• Sending informational communications concerning the Controller’s services, following user inquiries submitted through electronic communications or forms.

• Managing registrations and participation in events organized by the Controller, including notifications of updates or changes.

• Other related or ancillary purposes consistent with the website's operations.

The processing of data provided in a general manner shall be carried out—also following automatic collection during navigation—solely for the purposes of verifying and monitoring access to the Website. This also applies to technical cookies, understood as session cookies, functionality cookies, or analytics cookies that meet the requirements specified by the Data Protection Authority (Garante).

In particular, with regard to the latter, it is clarified that they may be equated to technical cookies when they are created and used directly by the Website. In any case, for such analytics cookies, the Website, in accordance with the clarifications provided by the Garante, has implemented the anonymization of IP addresses and adjustments to data processing; the collection and use of said browsing data (without prejudice to the anonymization of IP addresses) allow for monitoring the Website’s performance and contribute to improving the service offered, providing the User with a better browsing experience. Please refer to the specific Cookie Policy for further information.

4. Legal Basis for Processing

The processing of personal data is based on the fulfillment of contractual or pre-contractual obligations related to the request made by the User (for example, requests for information regarding the services provided by the Data Controller, requests for quotations, etc.), as well as, where necessary, on the User’s consent, given through the free and informed completion of the appropriate information fields in the form designated for data collection and provision, and by checking the corresponding checkbox where required.

It should be noted that completing the required fields in forms for information requests is inherent to the request itself and therefore constitutes the fulfillment of a pre-contractual or contractual obligation, depending on the context. Consent may be requested subsequently for the processing of additional data.

A specific privacy notice will be provided wherever necessary (a notice distinct from this one).

In any case, the processing is also based on legitimate interest, including the right to information, as detailed in the following paragraph.

5. Legitimate Interest of the Data Controller

The processing of personal data is also based on the legitimate interest of the Data Controller, such as the exercise of its rights within the context of the information society, the performance of contractual obligations, and the execution of direct marketing operations (in the manner, by the means, and within the timeframes provided by applicable law).

6. Mandatory Nature of Data Provision

The provision of data related to Users' browsing, for the purposes outlined above, depends on the level of privacy that the User has enabled or disabled via their browser. In some cases, disabling these settings may impair navigation on this Website. For certain forms on this Website, the provision of browsing data and/or the use of technical cookies is mandatory for the proper functioning of the Website.

The provision of certain personal data is, in any case, necessary due to the structure of the Website and its procedures. Any request for optional data will be preceded by a specific approval checkbox. The provision of all other data is optional, depending on the type of information the User wishes to provide to the Website.

Notwithstanding the above, for example, the provision of an email account is necessary in order to respond to a request made via the contact form, as are the other data fields marked with an asterisk. The other data are optional.

Failure to provide the data necessary for the requested action (e.g., the email account in a form used to request information) will make it impossible for the Data Controller to process the request.

PROVISIONS APPLICABLE TO ALL PROCESSING ACTIVITIES

In any case, even if the data subject has given consent to allow the Data Controller to pursue all the purposes mentioned above, they shall remain free at any time to revoke said consent.

In compliance with Article 21 of the Regulation, the data subject is specifically and separately informed that they have the right to object at any time to the processing of personal data concerning them for the purposes described above. Should the data subject object to the processing, the personal data may no longer be processed for such purposes.

7. Potential Recipients of Personal Data

The data may be disclosed to companies affiliated with, connected to, or controlled by the Data Controller, as well as to consultants and third parties acting on behalf of the Data Controller for the fulfillment of services related to the purposes outlined in this notice, both within the EU and outside the EU (in the latter case, only to entities adhering to applicable regulations).

Browsing data and similar information (as referenced above), as well as profiling cookies including those from third parties (refer to the Cookie Policy of this Website), will be disclosed to the respective third parties, provided they are not directly managed by them as Data Controllers.

In any event, the data may be disclosed to Data Processors, as well as to persons authorized to process data and properly instructed, always within the scope of the purposes of the processing.

For brevity, a detailed list of these entities is available at our registered office.

8. Data Retention Period

The data voluntarily provided by the Data Subject will be retained until express revocation by the Data Subject, including through actions taken in their browser, cookie clearing, an explicit request, or other manifested means. Browsing data will be retained, in accordance with the principle of proportionality, in a form that permits the identification of the Data Subject for no longer than is necessary for the purposes for which the data were collected or subsequently processed.

The above retention terms are without prejudice to cases in which it is necessary to retain the data for a longer period in order to defend or assert a legal claim or to comply with any legal obligations or orders from Authorities.

9. Data Subject's Rights

Each Data Subject has the right of access, rectification, erasure (right to be forgotten), restriction, notification in case of rectification or erasure or restriction, portability, objection, and not to be subject to automated individual decision-making, including profiling, pursuant to Articles 15 to 22 of the GDPR. These rights may be exercised in the manner and within the timeframes provided in Article 12 of the GDPR, via written communication sent to the Data Controller (see Section 10).

The Data Controller will provide an appropriate response as soon as possible and in any event within one month of receipt of the request.

10. Right to Withdraw Consent (How to Exercise Your Rights)

Consent may be withdrawn, where applicable, at any time and/or the rights described above may be exercised by sending:

- a registered letter with acknowledgment of receipt to the Data Controller (see the address on the letterhead);

- an email to: facem@facem.com

11. Complaints

Each Data Subject has the right to lodge a complaint pursuant to Articles 77 et seq. of the GDPR with a supervisory authority, which for Italy is the Data Protection Authority (Garante per la protezione dei dati personali). The procedures, methods, and deadlines for filing a complaint are provided and governed by national legislation. Filing a complaint does not preclude other administrative or judicial remedies, which in Italy may be brought either before the Garante or the competent Court.

12. Profiling

Personal data provided through navigation of this website and any completion of forms published on it may be subject to profiling by third-party providers via third-party cookies.

Profiling enables such third-party providers, as independent Data Controllers, to evaluate certain personal aspects of the Data Subject, in particular with regard to preferences, interests, and tastes based on the pages visited and activities carried out, in order to offer the Data Subject a more specific and tailored service.

For more information, the User is encouraged to read the Cookie Policy.

13. Data Controller, Data Processor, Appointees/Authorized Persons

Below is some information that must be brought to your attention, not only to comply with legal obligations but also because transparency and fairness towards data subjects are fundamental values of our company.

Data Controller: The Data Controller of your personal data is FACEM S.P.A., responsible for the lawful and correct use of your personal data, and can be contacted for any information or request at: telephone +39 0124 707711; email: facem@facem.com.

Data Processor: The Data Controller has appointed CALICANTUS SRL as the Data Processor, which is also responsible for the lawful and correct use of your personal data and can be contacted for any information or request at: telephone +39 000 00000; email: info@mail.com.

Appointees/Authorized Persons: The updated list of Appointees/Authorized Persons is kept at the Data Controller’s registered office.

14. Social Media Plug-ins

This website may contain plug-ins from certain social media networks (e.g., Facebook). Social plug-ins are special tools that allow social network functionalities to be embedded directly within the website (e.g., Facebook’s "like" function) and are marked with the respective social network’s logo. When you visit a page of this site and interact with a plug-in (e.g., by clicking the "like" button) or choose to leave a comment, the corresponding information is transmitted from the browser directly to the social network platform (in this case, Facebook) and stored there. For information on the purpose, type, and method of collection, processing, use, and storage of personal data by the social network platform, as well as how to exercise your rights, please refer to the privacy policy of the social network.

15. Links to Third-Party Sites

This site may contain links to other third-party websites. The Data Controller disclaims any responsibility for the potential handling of personal data by such third-party websites and for the handling of authentication credentials provided by third parties.

16. Cookies

Cookies are packets of information sent by a web server (e.g., the site) to the User’s Internet browser, automatically stored on the computer and automatically sent back to the server each time the site is accessed. For full information on the features, types, methods of use, and options for removing, deleting, or disabling cookies on this website, please refer to the specific Cookie Policy.

Data Controller

FACEM S.P.A.

Contact Us

FACEM S.P.A. welcomes your comments regarding this privacy policy.

You are invited to contact us at: facem@facem.com

 

 

 

 

Form ICONT – Last Updated: 05/2024

Privacy Notice for the Processing of Personal Data

Pursuant to Article 13 of the EUROPEAN REGULATION No. 679/2016

 

Dear Data Subject,

FACEM S.P.A., in its capacity as Data Controller pursuant to Article 13 of European Regulation No. 679/2016 "General Data Protection Regulation (GDPR)" (hereinafter referred to as the "EU Regulation"), which lays down provisions concerning the processing of personal data, hereby informs you regarding the processing of your personal data.

The Regulation stipulates that any individual who processes personal data must inform the data subject about the data being processed and the defining elements of such processing, which must always be carried out lawfully, fairly, and transparently, as well as in a manner that protects confidentiality and guarantees the rights of the data subject.

Please note that "processing of data" means any operation or set of operations concerning the collection, recording, organization, storage, consultation, processing, modification, selection, retrieval, comparison, use, interconnection, blocking, communication, dissemination, destruction of such data.

1. Data Controller

The Data Controller is FACEM S.P.A., with its registered office at Via Bricherasio 7 – Torino (TO), Italy, VAT no. IT00517250015, contactable at the following: phone +39 0124 707711 and email: facem@facem.com.

2. Nature of the Data Processed, Purposes, and Legal Basis of the Processing

Nature of the Data Processed. In relation to the purposes of processing outlined below, please be informed that only "common personal data" will be processed, such as:

• Company identifying data (name, surname, email, etc.).

Purposes of the Processing. Your personal data will be processed for the following purposes:

• To respond to your requests: via voluntary completion of the contact form found in this contact area;

• To fulfill legal obligations;

• Marketing: to send you advertising materials, direct sales communications, market research, and commercial and promotional messages;

• Profiling: to analyze your preferences and receive personalized informational and/or commercial communications.

Legal Basis of the Processing. Personal data for the purposes stated in points 2A and 2B will be lawfully processed to fulfill pre-contractual and contractual obligations between us and the user (Art. 6(1)(b)), and to fulfill our legal obligations (Art. 6(1)(c)).

Your personal data for the purposes indicated in points 2C-2D of this notice may only be lawfully processed with your specific, separate, express, documented, prior, and entirely optional consent (Art. 6(1)(a) of the EU Regulation).

The consent you provide may be withdrawn at any time without affecting the lawfulness of the processing based on consent before its withdrawal (Art. 7(3) EU Regulation).

Furthermore, please be informed that, pursuant to Article 21 of the EU Regulation, you have the right to object at any time to the processing of your personal data carried out for direct marketing purposes (including profiling), and should you object to the processing, your personal data will no longer be processed for those purposes.

Clarification: In keeping with our Company's principle of maximum transparency toward the Data Subject, please be informed that if you decide to give consent to point 2C (marketing), you must first be informed and aware that the processing purposes pursued are of a specifically commercial, advertising, promotional, and broadly marketing-related nature, such as:

• Sending promotional advertising and informational materials (e.g., newsletters);

• Sending commercial information through paper-based, automated, or electronic methods and, specifically, via postal mail or email, telephone (e.g., calls, WhatsApp messages, SMS, MMS), fax, and any other digital channel (e.g., websites, mobile apps);

• Sending invitations to events, exhibitions, and informational/promotional meetings;

• Sending updates on promotional initiatives or technical innovations, services, training or support, and/or assessing the level of satisfaction with quality.

3. Data Recipients and Processing Methods – Existence of Automated Decision-Making Processes, Including Profiling

The processing of your personal data will be carried out in accordance with the principles of fairness, lawfulness, and transparency, using both paper and electronic tools, by authorized personnel of the Data Controller, or by external parties appointed to carry out specific tasks on behalf of the Data Controller, as Data Processors pursuant to Article 28 of the EU Regulation, through our letter of appointment that binds them to confidentiality and security obligations for the processing of personal data, and to the adoption of appropriate security measures to prevent data loss, unlawful or improper use, and unauthorized access, in compliance with current data protection regulations.

For brevity, the detailed list of such entities is available at the Data Controller's headquarters and is available upon request.

Your personal data will not be disclosed or transferred to third countries or international organizations, and will not be communicated to third parties except where required by legal or contractual obligations.

With reference to Article 13(2)(f) and Article 14(2)(g) of the EU Regulation, please be informed that the Data Controller currently does not use any automated decision-making system or process.

4. Data Retention Period

Your personal data will be retained for no longer than is necessary for the purposes for which they are processed, in accordance with the storage limitation principle established by the EU Regulation and/or for the time required by legal and contractual obligations, or until the specific consent given by the Data Subject is revoked.

• With reference to the purposes indicated in points 2A-2B, the data will be retained for no longer than is necessary to achieve the purposes for which they are processed and/or for the time strictly necessary to fulfill legal and contractual obligations;

• With reference to the purposes indicated in point 2C, data processed for marketing purposes will be retained for no longer than 24 months from the date of collection;

• With reference to the purposes indicated in point 2D, data processed for profiling purposes will be retained for no longer than 12 months from the date of collection.

To ensure compliance with the declared retention periods, a periodic annual review of the processed data will be carried out to assess whether they can be deleted if no longer necessary for the intended purposes.

5. Data Access (Categories of Recipients to Whom Data May Be Disclosed)

We also inform you that the collected data will never be disseminated and will not be communicated without your explicit consent, except for necessary communications that may involve the transfer of data to public entities, consultants, or other parties for the fulfillment of fiscal and legal obligations or for the execution of the purposes (where authorized), subject to our engagement letter which imposes on them the duty of confidentiality and security in the processing of personal data.

Pursuant to Article 13, paragraph 1, letter (e) of the EU Regulation, we hereby indicate the subjects or categories of subjects (duly identified and instructed) who may have access to your personal data in their capacity as data processors or authorized persons, and we provide below a specific list by category:

• Shareholders, employees, collaborators, and suppliers of the Data Controller, both in Italy and abroad, in their capacity as authorized persons and/or data processors (e.g., commercial, technical, administrative, legal, press offices; system administrators; external professionals; service providers, etc.);

• Partner companies and/or companies directly connected with the Data Controller, where their activities are essential to the completion/execution of your request;

• Your personal data may also be communicated to external parties involved in matters that concern you, in carrying out relevant activities, and to third parties interacting with the Controller, always and exclusively for activities functional to the purposes described above. Such external parties are engaged to perform specific tasks on behalf of the Data Controller, in their capacity as Data Processors pursuant to Article 28 of the EU Regulation.

For brevity, a detailed list of such entities is available at our registered office and is at your disposal.

6 & 7. Data Disclosure and Transfer

Without the need for express consent (pursuant to Article 6, paragraph 1, letters b), c), and f) of the EU Regulation), the Data Controller may communicate your data for the purposes set out in points 2A to 2F to supervisory bodies, judicial authorities, as well as to parties to whom such communication is mandatory under the law for the fulfillment of the purposes indicated above.

These parties will process the data in their capacity as independent data controllers.

Personal data is stored on devices located at the Data Controller’s headquarters or at providers within the European Union.

Your data will not be disseminated.

To ensure the security of such transfers, we only rely on entities that offer the necessary guarantees to implement appropriate technical and organizational measures so that the processing complies with Regulation (EU) 679/2016.

For both data stored on internal devices and any data held by providers, the Data Controller has implemented adequate technical and organizational measures to ensure an appropriate level of security, in full compliance with the provisions of the EU Regulation.

8. Consequences of Failure to Provide Data

The personal data referred to in points 2A–2B of this notice are necessary; without such data, it would be impossible to proceed and fulfill contractual and legal obligations.

Conversely, the personal data referred to in points 2C–2D are optional. Refusing to provide them will have no consequences and will not affect your request to proceed with registration or the execution of contractual and legal obligations. Therefore, you may decide not to provide any data or to subsequently deny consent to the processing of data already provided, at any time.

9. Data Subject Rights

As a data subject, you have the rights provided for in Articles 15 to 22 of the EU Regulation, specifically the right to:

• Obtain confirmation of the existence and processing of personal data concerning you and, where applicable, access your data (so-called right of access);

• Obtain information regarding the purposes of the processing, the categories of data concerned, the recipients or categories of recipients to whom the data has been or will be disclosed, particularly if recipients are in third countries or international organizations, the envisaged data retention period or the criteria used to determine such period; and where the data is not collected from the data subject, all available information as to its source;

• Obtain the rectification of personal data concerning you (so-called right to rectification);

• Obtain the erasure of personal data concerning you (so-called right to erasure or right to be forgotten);

• Obtain restriction of processing (so-called right to restriction of processing);

• Receive your data in a structured, commonly used, and machine-readable format and transmit it to another controller without hindrance (so-called right to data portability);

• Object to processing at any time (so-called right to object). You are specifically informed, as required by Article 21 of the EU Regulation, that if personal data is processed for direct marketing purposes (including profiling), you have the right to object at any time to the processing of personal data concerning you for such purposes. If you object to processing for direct marketing purposes, your personal data may no longer be processed for such purposes;

• Be informed of (and object to) the existence of automated decision-making processes concerning individuals, including profiling;

• Withdraw consent at any time without affecting the lawfulness of processing based on consent prior to its withdrawal;

• Lodge a complaint with the supervisory authority (Italian Data Protection Authority – "Garante per la Protezione dei Dati Personali").

Please note that certain conditions or limitations may apply to data subjects' rights. For example, you may not have the right to data portability in all cases, as this depends on the specific circumstances of the processing activity.

Another example: if you decide to object to the processing of your data, the Data Controller has the right to assess your request, which may not be accepted if there are compelling legitimate grounds for processing that override your interests, rights, and freedoms.

10. Exercise of Rights

You may exercise your rights at any time without any formality, in a clear and explicit manner, by sending:

• A registered letter with return receipt to the Data Controller;

• An email to the address: ufficio.personale@facem.com;

• Or by directly contacting the Data Controller at the following number: +39 0124707711.

11. Minors

The services offered by the Data Controller and the relationship established with you do not involve the intentional collection of personal information relating to minors. If personal data relating to minors is inadvertently collected, the Data Controller will promptly delete such data upon request or notification from the data subject.

12. Data Processors and Authorized Persons

We hereby provide certain information that is necessary to bring to your attention, not only to comply with legal obligations but also because transparency and fairness toward data subjects are fundamental principles of our business.

Data Processor. The Data Controller has appointed CALICANTUS SRL as the Data Processor. This company is also responsible to you for the lawful and proper use of your personal data and can be contacted for any information or request at the following details:
Phone: +39 000 00000
Email: info@mail.com

Authorized Persons. The updated list of authorized persons/data processors is maintained at the registered office of the Data Controller.

 

 

Mod. INL – Data Update 05/2024

                                                  Privacy Notice for the Processing of Personal Data
                                Pursuant to Article 13 of the European Regulation No. 679/2016 (GDPR)

Dear Data Subject,

FACEM S.P.A., in its capacity as Data Controller pursuant to Article 13 of European Regulation No. 679/2016, the “General Data Protection Regulation (GDPR)” (hereinafter the “EU Regulation”), containing provisions regarding the processing of personal data, hereby informs you regarding the processing of your personal data.

The Regulation requires that anyone who processes personal data must inform the data subject about the data being processed and the elements characterizing such processing, which must, in any event, be carried out lawfully, fairly, and transparently, as well as ensure confidentiality and protect the rights of the data subject.

Please note that "processing of data" refers to any operation or set of operations concerning the collection, recording, organization, storage, consultation, processing, alteration, selection, retrieval, comparison, use, interconnection, blocking, communication, dissemination, or destruction of said data.

1. Data Controller

The Data Controller is FACEM S.P.A., with registered office at Via Bricherasio 7, Torino (TO), Italy, VAT No.: IT00517250015, and can be contacted at the following details:
Phone: +39 0124 707711
Email: facem@facem.com
(hereinafter, the “Controller” or “Data Controller”).

2. Nature of the Data Processed, Purposes, and Legal Basis of the Processing

Nature of the data processed. In relation to the purposes of the processing set out below, please be informed that only “ordinary personal data” will be processed, such as, for example:

• Personal identification data of the company contact person (first name, last name, company name, email);

• etc.

Purposes of the processing. Your personal data will be processed for the following purposes:

1. To respond to your request to register for our newsletter: through the voluntary completion of the specific form available in this newsletter section;

2. To fulfill legal obligations;

3. Marketing: to send you advertising material, direct sales communications, carry out market research, and commercial and promotional communications;

4. Profiling: to analyze your preferences and receive personalized commercial communications and/or information.

Legal basis of the processing. The processing of personal data for the purposes referred to in points 2A and 2B is lawful as it is necessary to perform pre-contractual and contractual obligations between us and the user (Art. 6(1)(b) of the Regulation), as well as to fulfill our legal obligations (Art. 6(1)(c) of the Regulation).

Your personal data, for the purposes outlined in points 2C–2D of this notice, may only be processed lawfully with your prior consent (Art. 6(1)(a) of the EU Regulation), which must be specific, separate, explicit, documented, informed, and entirely optional.

The consent you provide may be revoked at any time, without prejudice to the lawfulness of the processing based on the consent given before such revocation (Art. 7(3) of the EU Regulation).

Furthermore, the data subject is informed that, pursuant to Art. 21 of the EU Regulation, the data subject has the right to object at any time to the processing of their personal data carried out for direct marketing purposes (including profiling). If the data subject objects to such processing, their personal data may no longer be processed for these purposes.

Clarification: In line with our Company’s principle of maximum transparency toward the data subject, we inform you that if you choose to consent to point 2C (marketing), you must be clearly informed and aware that the processing purposes pursued are of a specific commercial, advertising, promotional, and marketing nature, including:

• Sending promotional and informational materials (e.g., Newsletters);

• Sending commercial information using paper-based, automated, or electronic methods, including regular mail or email, telephone (e.g., calls, WhatsApp messages, SMS, MMS), fax, and any other digital channel (e.g., websites, mobile apps);

• Sending invitations to events, exhibitions, and informational or promotional meetings;

• Sending updates on promotional initiatives or technical news, services, training or support activities, and/or conducting satisfaction surveys regarding service quality.

3. Data Recipients and Processing Methods
Existence of Automated Decision-Making, Including Profiling

The processing of your personal data will be carried out in accordance with the principles of fairness, lawfulness, and transparency. Processing may be carried out using both paper and electronic tools by employees of the Controller, who are authorized/appointed for the processing of personal data, as well as by external entities appointed to perform specific tasks on behalf of the Data Controller, as Data Processors pursuant to Art. 28 of the EU Regulation, based on our formal appointment letter requiring them to maintain the confidentiality and security of the processed personal data and to adopt appropriate security measures to prevent data loss, unlawful or improper use, and unauthorized access, in accordance with applicable data protection legislation.

For brevity, the detailed list of such parties is available at the Controller’s headquarters and is available upon request.

Your personal data will not be disseminated, will not be transferred to third countries or international organizations, and will not be disclosed to third parties unless required by legal or contractual obligations.

In accordance with Art. 13(2)(f) and Art. 14(2)(g) of the EU Regulation, please note that the Data Controller does not currently use any automated decision-making systems or processes.

4. Data Retention Periods

Your personal data will be retained for no longer than is necessary for the purposes for which they are processed, in accordance with the data minimization and storage limitation principles of the EU Regulation and/or for the time required by legal and contractual obligations or until the specific consent of the data subject is withdrawn, specifically:

• With reference to the purposes set out in points 2A–2B, the data will be stored for no longer than is necessary to achieve the purposes for which they are processed and/or for the time strictly necessary to fulfill legal and contractual obligations;

• With reference to the purposes set out in point 2C, data processed for marketing purposes will be retained no longer than 24 months from the date of collection;

• With reference to the purposes set out in point 2D, data processed for profiling purposes will be retained no longer than 12 months from the date of collection.

To ensure compliance with the declared retention periods, a periodic annual review will be conducted on the data processed to assess the possibility of deleting data no longer necessary for the specified purposes.

5. Access to Data (Categories of Recipients to Whom Data May Be Disclosed)

We also inform you that the data collected will never be disseminated and will not be communicated without your explicit consent, except for necessary communications that may involve the transfer of data to public authorities, consultants, or other entities for the fulfillment of fiscal and legal obligations or for the fulfillment of the purposes (where authorized), subject to our formal letter of appointment requiring them to maintain confidentiality and data security in the processing of personal data.

Pursuant to Article 13, paragraph 1, letter (e) of the EU Regulation, we provide below a list of the entities or categories of entities (duly identified and instructed) who may become aware of the user’s personal data in their capacity as data processors or persons in charge of the processing:

• Shareholders, employees, collaborators, and suppliers of the Data Controller in Italy and abroad, in their capacity as persons in charge/authorized and/or data processors (e.g., departments: commercial, technical, administrative, legal, press; system administrators, external professionals, service providers, etc.)

• Partner companies and/or companies directly affiliated with the undersigned, whose activities are essential to the completion/execution of your request.

Your personal data may also be communicated to external subjects handling procedures concerning you, while carrying out the activities, and to external subjects interacting with us, always and exclusively for purposes connected to the above-mentioned activities. These external subjects are appointed to perform specific tasks on behalf of the Data Controller, as Data Processors pursuant to Article 28 of the EU Regulation.

For brevity, the detailed list of such parties is available at our headquarters and is at your disposal.

6. and 7. Disclosure and Transfer of Data

Without the need for express consent (Art. 6, par. 1, letters (b), (c), and (f) of the EU Regulation), the Data Controller may disclose your data for the purposes referred to in points 2A through 2F to supervisory bodies, judicial authorities, and to those entities to whom disclosure is mandatory by law for the fulfillment of the above purposes.

These entities will process the data in their capacity as independent data controllers.

Personal data is stored on devices located at the premises of the Data Controller or with providers, within the European Union.

Your data will not be disseminated.

To ensure the security of such transfers, we only use entities that provide the necessary guarantees to implement appropriate technical and organizational measures so that the processing complies with Regulation (EU) 679/2016.

For both the data on its own devices and any data stored by providers, the Data Controller has implemented appropriate technical and organizational measures to ensure an adequate level of security, in full compliance with the provisions of the EU Regulation.

8. Consequences of Failing to Provide Data

The personal data referred to in points 2A–2B of this policy are necessary. Without such data, it would be impossible to proceed with your registration (creation of your personal account) or to fulfill contractual and legal obligations.

The personal data referred to in points 2C–2D, on the other hand, are optional. Refusal to provide them will have no consequence and will not prejudice your request to register or fulfill contractual and legal obligations. You may therefore choose not to provide any data or to subsequently deny the processing of data you have already provided at any time.

9. Data Subject Rights

As a data subject, you have the rights set forth in Articles 15 to 22 of the EU Regulation, including the right to:

• Obtain confirmation of the existence and processing of personal data concerning you and, if so, to access your data (so-called right of access);

• Obtain information on the purposes of processing, the categories of data concerned, the recipients or categories of recipients to whom the data has been or will be disclosed—particularly if to recipients in third countries or international organizations—the period for which the data will be stored, or the criteria used to determine that period; and if the data was not collected from you, to obtain all available information about its origin;

• Obtain the rectification of data concerning you (so-called right to rectification);

• Obtain the erasure of data concerning you (so-called right to erasure or right to be forgotten);

• Obtain restriction of processing (so-called right to restriction of processing);

• Obtain data portability, i.e., to receive the data from a data controller in a structured, commonly used, machine-readable format and to transmit it to another data controller without hindrance (so-called right to data portability);

• Object to processing at any time (so-called right to object). Specifically, as required by Article 21 of the EU Regulation, if personal data is processed for direct marketing purposes (including profiling), the data subject has the right to object at any time to the processing of personal data concerning them for such purposes. If the data subject objects to processing for direct marketing purposes, the personal data shall no longer be processed for such purposes;

• Be informed (with the right to object) of the existence of automated decision-making, including profiling, concerning natural persons;

• Withdraw consent at any time without affecting the lawfulness of processing based on consent before its withdrawal;

• Lodge a complaint with a supervisory authority (Data Protection Authority).

Please note that there may be conditions or limitations to the data subject’s rights. For example, the right to data portability may not apply in all cases; this depends on the specific circumstances of the data processing.

Another example: if you object to the processing of your data, the Data Controller may evaluate your request, which could be denied if there are compelling legitimate grounds for processing that override your interests, rights, and freedoms.

10. How to Exercise Your Rights

You may exercise your rights clearly and explicitly at any time and without any formalities by:

• Sending a registered letter with return receipt to the undersigned;

• Sending an email to: ufficio.personale@facem.com;

• Or by contacting the Data Controller directly at: +39 0124 707711

11. Minors

The services offered by the Data Controller and subject to the current agreement do not include the intentional collection of personal data concerning minors. Should any information regarding minors be inadvertently recorded, the Data Controller will promptly delete it upon request or notification by the data subject.

12. Data Processors and Authorized/Designated Persons

Below, we provide some information that must be brought to your attention, not only to comply with legal obligations but also because transparency and fairness toward data subjects is a cornerstone of our operations.

Data Processor. The Data Controller has appointed CALICANTUS SRL as Data Processor. This company is also responsible toward you for the lawful and proper use of your personal data and may be contacted for any information or request at the following contacts:
Phone: +39 0422 782890,
Email: privacy@calicant.us

Authorized/Designated Persons. The updated list of persons authorized to process the data is kept at the headquarters of the Data Controller.

 

 

Mod.: ICV – Data Update 05/2024
                                                            Privacy Notice for the Processing of Personal Data
                                        Pursuant to Article 13 of the European Regulation No. 679/2016 (GDPR)                                                                                  Legislative Decree No. 196/2003 amended by Legislative Decree No. 101/2018

1. Data Controller

The Data Controller is FACEM S.P.A., with registered office at Via Bricherasio 7, Turin (TO), Italy, VAT No. IT00517250015 (hereinafter, the “Controller”).

Notice to Candidates – “Work with Us”

This privacy notice is provided to individuals who, following a personnel search, a spontaneous application, a response to one of our job advertisements, or a job interview, send their résumé (curriculum vitae) to the Data Controller through its website.

For any other information regarding the processing of personal data while browsing the website, users are advised to consult the privacy policy available on the site.

2. Categories of Personal Data Subject to Processing

Data voluntarily provided by the user, including:

• Ordinary personal data (such as personal details; contact information; education and work experience; and other data typically included in a résumé)

• Special categories of data (Art. 9 GDPR) — only in exceptional cases

• Criminal data (Art. 10 GDPR) — only in exceptional cases

The data collected by the Controller through the submission of résumés, evaluation interviews, or third-party referrals—such as name, surname, place and date of birth, tax identification number, phone number, mailing address, academic qualifications, and other personal identification elements—submitted in relation to job openings or spontaneous applications, fall under the category of “personal data” as defined in Article 4(1) and (15) of the GDPR and will be processed exclusively to assess candidates’ professional aptitude and capabilities in connection with a current job opening or for future workforce expansion needs.

Except in cases of job positions reserved for protected categories, it is not necessary to include in the résumé any special categories of personal data (i.e., data revealing racial or ethnic origin, religious, philosophical, or other beliefs, political opinions, union membership, or data concerning health or sexual orientation).

3. Purpose and Legal Basis for Processing

The personal data of individuals who send their résumé, whether spontaneously or following a personnel search, will be processed in the manner and forms prescribed by the GDPR:

• For purposes of recruitment and personnel selection, or to propose other job opportunities aligned with the candidate’s professional profile (legal basis: pre-contractual obligations);

• To comply with specific legal obligations or perform tasks required by laws, regulations, or EU legislation (legal basis: legal obligation).

The collection and processing of data is conducted to allow the Controller to carry out personnel search, selection, and evaluation activities. Processing for this purpose does not require the candidate’s consent, as it is necessary for the performance of pre-contractual measures taken at the request of the data subject (Art. 6(1)(b) GDPR), except for the processing of special categories of personal data which, if provided, may only be processed by the Controller with the candidate’s explicit consent.

Data will be processed by personnel authorized pursuant to Article 29 of the GDPR. The processing will be carried out using both computerized and manual methods, according to logic compatible with and functional to the purposes for which the data was collected, and in compliance with confidentiality and security measures required by law and internal company regulations.

4. Obligation to Provide Data

Providing personal data for the purposes indicated above is optional and voluntary.

However, it is necessary in order to complete the specific website functionality for correctly submitting one’s application and participating in recruitment processes. In order to correctly submit an application, the candidate must provide consent to the processing of their data. Without such consent, it will not be possible to send data for recruitment purposes.

In any case, even where consent has been provided for the above-listed purposes, the data subject remains free to revoke that consent at any time.

In accordance with Article 21 of the GDPR, the data subject is specifically and separately informed of the right to object at any time to the processing of personal data for the purposes stated above. Should the data subject object, their personal data may no longer be processed for those purposes.

5. Recipients of Personal Data

The personal data processed will not be disclosed but may be communicated to specific parties, such as personnel of the Controller expressly authorized to process the data. Based on their roles and job duties, personnel are authorized to process data within the scope of their responsibilities and in accordance with instructions provided by the Controller.

The data may also be communicated to parties authorized by law, regulations, or orders from competent authorities.

Specifically, the data may be used by third parties or companies that perform services on behalf of the Controller, such as:

• External consultants for recruitment, selection, and personnel evaluation;

• Parties legally entitled to access the data under applicable laws, regulations, or decisions by competent authorities.

These recipients will process the data as data controllers, processors, or authorized persons, depending on the case. Outside of the scenarios described above, the data will not be disclosed in any way.

6. Data Storage Methods

Data processing is carried out using manual, electronic, and IT tools, with methods strictly related to the purposes for which the data is processed, and in compliance with Article 32 GDPR concerning security measures.

7. Data Retention Period

Personal data is retained for the time necessary to achieve the specific purposes for which it was collected, and in any event, for no longer than six months from the receipt of the résumé. After this period, the data will be automatically deleted, and no copies will be retained.

Exceptions may be made where it is necessary to retain the data longer in order to establish, exercise, or defend legal claims or to comply with legal obligations or orders from authorities.

8. Transfer of Personal Data

The Controller does not transfer personal data to third countries or international organizations.

9. Data Subject’s Rights

Each data subject has the right of access, rectification, erasure (right to be forgotten), restriction of processing, notification in the event of rectification or erasure or restriction, data portability, objection, and not to be subject to a decision based solely on automated processing, including profiling, pursuant to Articles 15 to 22 of the GDPR.

These rights may be exercised in the manner and within the terms provided under Article 12 of the GDPR, by sending a written request to the Controller (see Section 10).

The Controller will respond appropriately as soon as possible upon receiving the request.

10. Right to Withdraw Consent (How to Exercise Rights)

Consent, where required, may be withdrawn at any time, and rights may be exercised by sending either:

• A registered letter with return receipt to the Controller with an explicit request;

• An email to: ufficio.personale@facem.com

11. Complaints

Each data subject has the right to lodge a complaint pursuant to Articles 77 and following of the GDPR with a supervisory authority. In Italy, this is the Garante per la Protezione dei Dati Personali. Procedures, methods, and deadlines for filing complaints are governed by national legislation. Complaints do not preclude other administrative or judicial remedies, which in Italy may be brought before the Garante or the competent court.

12. Data Controller, Processor, and Authorized Personnel

Below is information that must be brought to your attention, not only to comply with legal obligations but also as a matter of transparency and fairness, which are core values of our operations.

Data Controller:
The Data Controller of your personal data is FACEM S.P.A., responsible for the lawful and proper use of your personal data. You may contact the Controller for any information or request at:
Phone: +39 0124 707711
Email: facem@facem.com

Data Processor:
The Controller has appointed CALICANTUS SRL as Data Processor. CALICANTUS SRL is also responsible for the lawful and proper use of your data and can be contacted at:
Phone: +39 0422 782890
Email: privacy@calicant.us

Authorized Personnel:
An up-to-date list of persons authorized to process personal data is available at the Controller’s registered office.

 

 

Mod. ICHECKOUT – Data Updated: 05/2024

Privacy Notice for the Processing of Personal Data
Pursuant to Article 13 of Regulation (EU) No. 679/2016 (General Data Protection Regulation – “GDPR”)

Dear Data Subject,

FACEM S.P.A., in its capacity as the Data Controller pursuant to Article 13 of Regulation (EU) 2016/679 (hereinafter, the “EU Regulation” or “GDPR”), which governs the processing of personal data, hereby informs you about the processing of your personal data.

Pursuant to the GDPR, any entity processing personal data is required to inform the data subject regarding the nature of the data collected and the essential elements of the processing, which must always be conducted lawfully, fairly, and transparently, ensuring confidentiality and the rights of the data subject.

“Processing of personal data” means any operation or set of operations performed on personal data, whether or not by automated means, including collection, recording, organization, storage, consultation, processing, modification, selection, retrieval, comparison, use, interconnection, blocking, disclosure, dissemination, or destruction.

1. Data Controller

The Data Controller is FACEM S.P.A., with registered office at Via Bricherasio 7, Turin (TO), Italy, VAT No. IT00517250015. You may contact the Data Controller at:
Phone: +39 0124 707711
Email: facem@facem.com

2. Nature of the Data Processed, Purpose, and Legal Basis of the Processing

Nature of the data processed
Only “ordinary personal data” will be processed, such as:

• Identifying information necessary to fulfill your order

• etc.

Purpose of the processing. Your personal data will be processed for the following purposes:

1. To register you on our website so you may place an order via the designated form on this page and to facilitate invoicing based on the order placed;
2. To manage pre-contractual and contractual relations;
3. To comply with legal obligations;
4. Marketing: to send you advertising materials, direct sales communications, market research, and promotional/commercial content;
5. Profiling: to analyze your preferences and send you personalized informational and/or commercial content.

Legal basis of the processing
The processing of your data under points 2A–2C is lawful on the following bases:

• For the pursuit of the Data Controller’s legitimate interests (Art. 6(1)(f) GDPR);

• For the performance of a contract to which you are a party or in order to take steps at your request prior to entering into a contract (Art. 6(1)(b) GDPR);

• To comply with a legal obligation to which the Data Controller is subject (Art. 6(1)(c) GDPR).

The processing of your data for the purposes under points 2D and 2E will only be lawful with your prior, specific, separate, explicit, documented, informed, and freely given consent (Art. 6(1)(a) GDPR).

You may withdraw your consent at any time without affecting the lawfulness of processing based on consent before its withdrawal (Art. 7(3) GDPR).

Furthermore, pursuant to Article 21 of the GDPR, you are entitled to object at any time to the processing of your personal data for direct marketing purposes (including profiling). If you object, your personal data will no longer be processed for such purposes.

Important Notice Regarding Marketing Consent:
In the interest of transparency, we inform you that if you consent to processing for marketing purposes (point 2D), such processing has a commercial, promotional, and marketing nature. Activities may include:

• Sending promotional and informational material (e.g., newsletters);

• Sending commercial information via paper or electronic means (e.g., mail, email, phone, WhatsApp, SMS, MMS, fax, websites, mobile apps);

• Inviting you to events, exhibitions, or promotional/informational meetings;

• Communicating updates on promotional initiatives, technical news, services, training, support, or satisfaction surveys.

3. Data Recipients and Processing Methods – Existence of Automated Decision-Making, Including Profiling

Your personal data will be processed in accordance with the principles of lawfulness, fairness, and transparency, using both paper and electronic means, by authorized employees of the Data Controller and by external entities engaged for specific purposes as Data Processors pursuant to Article 28 of the GDPR, under a written agreement requiring confidentiality and implementation of appropriate security measures.

The complete list of such parties is available at the registered office of the Data Controller and may be provided upon request.

Your data will not be disclosed to the public, transferred to non-EU countries or international organizations, nor shared with third parties unless required by legal or contractual obligations.

Pursuant to Articles 13(2)(f) and 14(2)(g) GDPR, the Data Controller hereby states that no automated decision-making processes, including profiling, are currently in use.

4. Data Retention Period

Personal data will be retained no longer than necessary for the purposes for which it was collected, in compliance with the storage limitation principle under the GDPR and/or for as long as required by legal or contractual obligations, or until the withdrawal of consent by the data subject.

• For purposes under points 2A–2C, data will be stored only as long as necessary to fulfill those purposes and/or legal obligations.

• For marketing purposes under point 2D, data will be retained no longer than 24 months from collection.

• For profiling under point 2E, data will be retained no longer than 12 months from collection.

An annual review will be conducted to assess whether data remains necessary and may be deleted if no longer required.

5. Data Access (Categories of Recipients)

Your data will never be publicly disclosed or shared without your explicit consent, except as required to fulfill legal or tax obligations. In such cases, data may be shared with:

• Shareholders, employees, contractors, and vendors (both domestic and foreign) of the Data Controller, in their capacity as authorized personnel and/or data processors (e.g., commercial, technical, administrative, legal departments, system administrators, external professionals, service providers, etc.);

• Partner companies essential to the execution of the services you requested;

• Other external parties engaged to perform tasks on behalf of the Data Controller, in compliance with Article 28 GDPR.

The full list of such parties is available at the registered office of the Data Controller upon request.

6 & 7. Communication and Data Transfers

Without requiring your consent (pursuant to Art. 6(1)(b), (c), and (f) GDPR), your data may be communicated to regulatory bodies, judicial authorities, or other parties when legally required for the purposes outlined above. These entities will process the data in their capacity as independent data controllers.

Data is stored on devices located at the Data Controller’s facilities or on servers of providers located within the European Union.

No data will be publicly disseminated.

All processors and storage providers are selected based on their capacity to implement technical and organizational measures that comply with GDPR standards.

8. Consequences of Failure to Provide Data

The provision of data for purposes listed in points 2A–2C is mandatory, and failure to provide such data will make it impossible to proceed with registration and fulfill contractual and legal obligations.

The provision of data for points 2D–2E is optional and refusal will have no consequence on your ability to register or to receive contracted services. You may also later withdraw any previously given consent.

9. Data Subject Rights

As a data subject, you have the rights set forth in Articles 15–22 of the GDPR, including:

• Right of access: to obtain confirmation of whether your personal data is being processed and access to such data;

• Right to rectification: to request correction of inaccurate or incomplete data;

• Right to erasure (“right to be forgotten”): to request deletion of data under certain circumstances;

• Right to restriction of processing;

• Right to data portability: to receive your data in a structured, commonly used, machine-readable format and transmit it to another controller;

• Right to object: to object to processing at any time, especially for direct marketing (including profiling);

• Right not to be subject to automated decision-making, including profiling;

• Right to withdraw consent at any time;

• Right to lodge a complaint with a supervisory authority (in Italy: Garante per la Protezione dei Dati Personali).

Please note: The exercise of certain rights may be subject to conditions or limitations based on the specific circumstances of the processing.

For instance, in the event you object to processing, the Controller may assess whether there are compelling legitimate grounds to continue processing, which may override your interests, rights, and freedoms.

10. Exercising Your Rights

You may exercise your rights at any time, without formalities, by clearly and explicitly contacting us via:

• Registered mail: [address of the Controller]

• Email: facem@facem.com

• Phone: +39 0124 707711

11. Minors

The services and offerings of the Data Controller are not intended for individuals under the age of majority. Should data pertaining to minors be inadvertently collected, such data will be promptly deleted upon request or notification by the data subject.

12. Data Processors and Authorized Persons

Below is information provided not only to comply with legal obligations but also to uphold our commitment to transparency.

Data Processor:
The Data Controller has appointed CALICANTUS SRL as Data Processor. CALICANTUS SRL is responsible for the lawful and correct use of your personal data and may be contacted at:
Phone: +39 0422 782890
Email: privacy@calicant.us

Authorized personnel:
An up-to-date list of authorized personnel involved in processing is maintained at the Data Controller’s registered office.

 

 

Mod. IREG – Date Updated: 05/2024
Privacy Notice for the Processing of Personal Data
Pursuant to Article 13 of EU Regulation No. 679/2016 (General Data Protection Regulation – GDPR)

Dear Data Subject,

FACEM S.P.A., in its capacity as Data Controller pursuant to Article 13 of EU Regulation No. 679/2016 (hereinafter, the “EU Regulation”), which contains provisions concerning the processing of personal data, hereby provides you with the following information regarding the processing of your personal data.

The law requires that any entity processing personal data must inform the data subject about the data being processed and the essential characteristics of such processing, which must in any case be carried out lawfully, fairly, and transparently, while safeguarding confidentiality and guaranteeing the data subject’s rights.

Please note that the term "processing" refers to any operation or set of operations carried out on personal data, whether or not by automated means, including collection, recording, organization, storage, consultation, alteration, retrieval, comparison, use, interconnection, restriction, disclosure, dissemination, or erasure of the data.

1. Data Controller

The Data Controller is FACEM S.P.A., with registered office at Via Bricherasio 7, Turin (TO), Italy, VAT No. IT00517250015. Contact information:
Phone: +39 0124 707711
Email: facem@facem.com

2. Nature of Data Processed, Purpose, and Legal Basis of Processing

Nature of the data processed: Only "common personal data" will be processed, including, by way of example:

• Company identification data (company name, VAT number, tax code, type, address, phone number, email, etc.);

• Personal identification data of the company representative and legal representative (first name, last name, etc.);

• Etc.

Purpose of processing: Your personal data will be processed for the following purposes:

• To fulfill your request to register on our website and create a personal account through the appropriate form;

• To manage pre-contractual and contractual relationships;

• To fulfill legal obligations;

• Marketing purposes: To send you advertising materials, direct sales, conduct market research, and send commercial and promotional communications;

• Profiling purposes: To analyze your preferences and provide you with customized information and/or commercial communications.

Legal basis for processing:
Processing of personal data for purposes under sections 2A–2C is based on:

• The legitimate interest of the Data Controller (Art. 6(1)(f) of the EU Regulation);

• The performance of a contract to which the data subject is party or the execution of pre-contractual measures (Art. 6(1)(b) of the EU Regulation);

• Compliance with a legal obligation (Art. 6(1)(c) of the EU Regulation).

Processing of personal data for purposes under sections 2D–2E shall be lawful only with your prior consent (Art. 6(1)(a) of the EU Regulation), which must be specific, separate, express, documented, informed, and entirely voluntary.

You may withdraw the consent given at any time without affecting the lawfulness of processing based on consent before its withdrawal (Art. 7(3) of the EU Regulation).

Additionally, under Art. 21 of the EU Regulation, the data subject has the right to object at any time to the processing of their personal data for direct marketing purposes (including profiling). If the data subject objects to processing for such purposes, the personal data may no longer be used for them.

Clarification: In line with our commitment to full transparency, if you choose to provide consent for section 2D (marketing), you must be fully informed that the purposes pursued include commercial, advertising, promotional, and marketing activities in the broad sense, such as:

• Sending advertising and informational material (e.g., newsletters) for promotional purposes;

• Sending commercial information via print, electronic or automated means (e.g., postal mail, email, phone calls, WhatsApp messages, SMS, MMS, fax, and other digital channels such as websites or mobile apps);

• Inviting you to events, exhibitions, and informational/promotional meetings;

• Providing updates on promotions or technical news, services, training, assistance, or satisfaction surveys.

3. Data Recipients and Processing Methods – Automated Decision-Making and Profiling

The processing of your personal data will be conducted lawfully, fairly, and transparently using both paper and electronic means. Data may be processed by authorized personnel of the Data Controller or by external parties acting as Data Processors under Art. 28 of the EU Regulation, who are contractually bound to confidentiality and to implementing appropriate security measures to prevent data loss, unlawful use, or unauthorized access.

A complete list of such parties is available at the Data Controller’s registered office.

Your data will not be disseminated, nor transferred to third countries or international organizations, and will not be shared with third parties unless required by legal or contractual obligations.

4. Data Retention Period

Your personal data will be retained for no longer than necessary to fulfill the purposes for which they were collected, in accordance with the data minimization and storage limitation principles under the EU Regulation, and/or as long as required by legal or contractual obligations or until you revoke your consent:

• For purposes listed in sections 2A–2C: data will be stored only for as long as needed to achieve the specified purposes and/or to meet legal and contractual obligations.

• For purposes in section 2D (Marketing): data will be retained for no more than 24 months from the date of collection.

• For purposes in section 2E (Profiling): data will be retained for no more than 12 months from the date of collection.

An annual review will be conducted to assess whether the data are still necessary and should be deleted.

5. Data Access (Categories of Authorized Recipients)

The data collected will never be disseminated or communicated without your explicit consent, except where necessary to fulfill legal or tax obligations.

Pursuant to Art. 13(1)(e) of the EU Regulation, we inform you that the following categories of individuals may have access to your personal data, having been properly identified and trained:

• Shareholders, employees, collaborators, and suppliers of the Data Controller, both in Italy and abroad, as authorized personnel or Data Processors (e.g., departments such as sales, technical, legal, administration, press office, system administrators, external professionals, service providers, etc.);

• Partner companies and/or affiliates of the Data Controller, when essential to fulfill your requests;

• External parties handling your files or interacting with the Data Controller exclusively for the purposes mentioned, acting as Data Processors under Art. 28 of the EU Regulation.

A full list of these parties is available at the Data Controller’s office.

6 & 7. Data Disclosure and Transfer

Without requiring your express consent (under Art. 6(1)(b), (c), and (f) of the EU Regulation), the Data Controller may disclose your data for the purposes listed in sections 2A–2F to regulatory authorities, judicial bodies, or other parties where disclosure is required by law.

These recipients will act as independent data controllers.

Personal data are stored on devices located at the Data Controller’s premises or hosted by providers within the European Union.

Your data will not be disseminated.

To ensure the security of such transfers, we rely exclusively on entities that provide the necessary guarantees to implement appropriate technical and organizational measures so that the processing complies with the provisions of EU Regulation 679/2016.

With regard both to data stored on its own devices and to any data held by providers, the Data Controller has implemented appropriate technical and organizational measures to ensure an adequate level of security, in full compliance with the requirements set forth by the EU Regulation.

8. Consequences of Failure to Provide Data

The personal data specified in sections 2A–2C are mandatory; failure to provide such data would prevent registration (i.e., account creation) and compliance with contractual or legal obligations.

Conversely, providing data for purposes outlined in sections 2D–2E is optional. Refusing to provide them will have no consequences on your registration or ability to meet legal and contractual obligations. You may choose not to provide such data or to revoke your consent at any time.

9. Data Subject Rights

As a data subject, you are entitled to exercise the rights provided under Articles 15 to 22 of the EU Regulation, including the right to:

• Confirm whether personal data concerning you are being processed and access such data (right of access);

• Obtain information on the purposes of processing, categories of personal data involved, recipients, or categories of recipients to whom the data are or will be disclosed, especially if recipients are in third countries or international organizations, data retention period, and the source of the data (if not collected from the data subject);

• Request rectification of your personal data (right to rectification);

• Request erasure of your data (right to be forgotten);

• Request restriction of processing (right to restriction);

• Receive the data in a structured, commonly used, machine-readable format and transmit it to another controller (right to data portability);

• Object to processing at any time (right to object). In particular, under Art. 21 of the Regulation, if your data are used for direct marketing purposes (including profiling), you may object at any time and your data will no longer be processed for such purposes;

• Be informed of any automated decision-making processes, including profiling, and opt out of such processes;

• Withdraw your consent at any time without affecting the lawfulness of processing prior to withdrawal;

• Lodge a complaint with a supervisory authority (e.g., the Italian Data Protection Authority).

Please note that certain rights may be subject to limitations based on specific circumstances. For instance, the right to data portability may not always apply.

Similarly, if you object to processing, the Data Controller may assess whether legitimate grounds override your interests, rights, and freedoms.

10. Exercising Your Rights

You may exercise your rights at any time, clearly and explicitly, without any formal requirements, by:

• Sending a registered letter with return receipt to the address above;

• Sending an email to: ufficio.contabile@facem.com

• Or by calling the Data Controller directly at: +39 0124 707711

11. Minors

The services provided by the Data Controller are not intended for minors, and personal data of minors are not knowingly collected. If such data is inadvertently collected, it will be promptly deleted upon request or notification from the data subject.

12. Data Processors and Authorized Personnel

We provide the following information not only to comply with legal obligations but also as part of our commitment to transparency and fairness toward data subjects.

Data Processor: The Data Controller has appointed CALICANTUS SRL as its Data Processor, which is also responsible to you for the lawful and proper handling of your personal data. You may contact them at:
Phone: +39 0422 782890
Email: privacy@calicant.us

Authorized Personnel. An up-to-date list of individuals authorized to process personal data is kept at the Data Controller’s registered office and is available upon request.

 

 

Mod. ICHECKOUT – Data Updated 05/2024

Notice Regarding the Processing of Personal Data
Pursuant to Article 13 of EU REGULATION No. 679/2016

Dear Data Subject,

FACEM S.P.A., in its capacity as Data Controller pursuant to Article 13 of the European Regulation No. 679/2016 “General Data Protection Regulation (GDPR)” (hereinafter, EU Regulation), which contains provisions on the processing of personal data, hereby informs you regarding the processing of your personal data.

The Regulation provides that any entity processing personal data must inform the data subject about the data being processed and the qualifying elements of the processing, which must in any case be lawful, fair, and transparent, as well as protect confidentiality and ensure the rights of the data subject.

Please note that "processing of data" means any operation or set of operations concerning the collection, recording, organization, storage, consultation, processing, modification, selection, retrieval, comparison, use, interconnection, blocking, communication, dissemination, destruction of the data.

1. Data Controller

The Data Controller is FACEM S.P.A., with registered office at Via Bricherasio 7, Torino (TO), Italy, VAT No.: IT00517250015, and can be contacted at the following:
Phone: +39 0124 707711
Email: facem@facem.com

2. Nature of Data Processed, Purposes and Legal Basis of Processing

Nature of Data Processed. In relation to the purposes outlined below, please be advised that only “common personal data” will be processed, such as:

• identification data necessary to fulfill your order

Purpose of Processing. Your personal data will be processed for the following purposes:

• to fulfill your request to register on our website in order to place your order by completing the appropriate form found on this page and to follow up on the invoicing of the order contents;

• to manage pre-contractual and contractual relationships;

• to comply with legal obligations;

• marketing: to send you advertising material, direct sales offers, conduct market research, and issue commercial and promotional communications;

• profiling: to analyze your preferences and send personalized information and/or commercial communications.

Legal Basis of Processing. Personal data for the purposes set out in points 2A-2B and 2C will be processed respectively for the pursuit of the legitimate interest of the Controller (Art. 6(1)(f) EU Regulation), for the performance of a contract to which the data subject is party or to take pre-contractual steps at the data subject's request (Art. 6(1)(b) EU Regulation), and to comply with a legal obligation to which the Controller is subject (Art. 6(1)(c) EU Regulation).

Your personal data for the purposes outlined in points 2D-2E of this notice may only be lawfully processed upon your explicit consent (Art. 6(1)(a) EU Regulation), which must be specific, separate, expressed, documented, prior, and entirely optional.

Consent you provide may be withdrawn at any time, without affecting the lawfulness of the processing based on consent before its withdrawal (Art. 7(3) EU Regulation).

Additionally, pursuant to Art. 21 of the EU Regulation, the data subject is informed of their right to object at any time to the processing of personal data concerning them for direct marketing purposes (including profiling). If the data subject objects to processing for such purposes, personal data may no longer be processed for these purposes.

Clarification: In line with our company's principle of maximum transparency toward the data subject, we inform you that if you decide to give consent to point 2D (marketing), you must be previously informed and fully aware that the purposes pursued involve activities of a commercial, advertising, promotional, and general marketing nature, such as:

• sending advertising and informational materials (e.g., newsletters) of a promotional nature;

• sending commercial information by paper-based, automated, or electronic means, including via postal mail or email, phone (e.g., calls, WhatsApp messages, SMS, MMS), fax, or any other IT channel (e.g., websites, mobile apps);

• forwarding invitations to events, exhibitions, and information/promotional meetings;

• sending updates on promotional initiatives or technical news regarding services, training, or support and/or collecting satisfaction feedback on quality.

3. Data Recipients and Processing Methods – Existence of Automated Decision-Making, Including Profiling

Your personal data will be processed in a lawful, fair, and transparent manner, using both paper and electronic tools, by the Company’s personnel authorized to process such data, as well as by external entities appointed to perform specific tasks on behalf of the Data Controller, acting as Data Processors pursuant to Art. 28 of the EU Regulation, under a formal assignment that binds them to confidentiality and requires appropriate security measures to prevent data loss, unlawful or incorrect use, and unauthorized access, in compliance with current data protection laws.

For brevity, the detailed list of such entities is available at the Data Controller's office and is available upon request.

Your personal data will not be disseminated or transferred to third countries or international organizations and will not be disclosed to third parties except where required by law or contract.

In accordance with Article 13(2)(f) and Article 14(2)(g) of the EU Regulation, we inform you that, as of now, the Data Controller does not use any automated decision-making systems or processes.

4. Data Retention Period

Your personal data will be retained for no longer than is necessary to fulfill the purposes for which they are processed, in compliance with the principle of storage limitation under the EU Regulation and/or for the time required by legal and contractual obligations or until specific consent is revoked by the data subject.

• With reference to purposes under points 2A-2B-2C, data will be retained no longer than is necessary to achieve the stated purposes and/or for the time strictly necessary to comply with legal and contractual obligations.

• For purposes under point 2D, data processed for marketing will be retained for no more than 24 months from collection.

• For purposes under point 2E, data processed for profiling will be retained for no more than 12 months from collection.

To ensure compliance with the stated retention periods, a periodic annual review will be carried out to assess whether data can be deleted if no longer necessary for the stated purposes.

5. Data Access (Categories of Recipients to Whom Data May Be Communicated)

Please be informed that the data collected will never be disseminated and will not be communicated without your explicit consent, except where such communication is necessary and may involve data transfer to public authorities, consultants, or other subjects for the fulfillment of fiscal or legal obligations or authorized purposes, under a formal assignment that ensures confidentiality and data security.

Pursuant to Article 13(1)(e) of the EU Regulation, we indicate the entities or categories of entities (duly identified and instructed) who may access personal data as data processors or authorized persons. The following list is provided by category:

• Shareholders, employees, collaborators, and suppliers of the Data Controller in Italy and abroad, in their capacity as authorized personnel and/or data processors (e.g., commercial, technical, administrative, legal, or press departments; system administrators; external professionals; various service providers, etc.)

• Partner companies and/or those directly affiliated with the Controller, whose activities are essential for fulfilling/executing your request.

Your personal data may also be disclosed to external parties handling your cases and to external parties interacting with the Company, exclusively for functional activities related to the above-mentioned purposes. These external parties are appointed Data Processors pursuant to Art. 28 of the EU Regulation.

For brevity, the detailed list of such parties is available at our office and is at your disposal.

6 & 7. Communication and Transfer of Data

Without requiring express consent (pursuant to Art. 6(1)(b), (c), and (f) of the EU Regulation), the Data Controller may communicate your data for the purposes outlined in points 2A to 2F to supervisory bodies, judicial authorities, and entities to whom communication is legally required to achieve the stated purposes.

These entities will process the data as independent data controllers.

Personal data is stored on devices located at the Data Controller's premises or with providers located within the European Union.

Your data will not be disseminated.

To ensure secure data transfers, we use only entities that provide adequate guarantees and implement appropriate technical and organizational measures to comply with EU Regulation 679/2016.

The Data Controller has implemented appropriate technical and organizational measures to ensure an adequate level of security for both locally stored and externally hosted data, in full compliance with the EU Regulation.

8. Consequences of Failure to Provide Data

The personal data referred to in points 2A-2B-2C of this notice are necessary. Without them, we cannot proceed with registration or fulfill contractual and legal obligations.

Personal data referred to in points 2D-2E are optional. Refusal to provide them will have no consequences and will not affect your registration or fulfillment of contractual and legal obligations. You may choose not to provide such data or to deny consent at any time.

9. Rights of the Data Subject

As a data subject, you have the rights set forth in Articles 15 to 22 of the EU Regulation, specifically the right to:

• obtain confirmation as to whether or not personal data concerning you are being processed and, if so, access such data (“right of access”);

• obtain information on the processing purposes, categories of data processed, recipients or categories of recipients, particularly in third countries or international organizations, expected data retention periods, or criteria for determining such periods, and, if data are not collected from the data subject, available information on their source;

• obtain the rectification of inaccurate data (“right to rectification”);

• obtain the erasure of data (“right to be forgotten”);

• obtain restriction of processing (“right to restriction”);

• obtain data portability (“right to data portability”);

• object at any time to processing (“right to object”), including for direct marketing or profiling purposes, pursuant to Article 21 of the EU Regulation;

• be informed of and object to the existence of automated decision-making, including profiling;

• withdraw consent at any time without affecting the lawfulness of processing based on consent before withdrawal;

• lodge a complaint with a supervisory authority (Data Protection Authority).

Please note: there may be conditions or limitations to the exercise of your rights. For example, the right to data portability does not apply in all situations—it depends on the specific context.

Another example: if you object to processing, the Controller may evaluate your request and may deny it if overriding legitimate grounds for processing exist.

10. Exercising Your Rights

You may exercise your rights at any time clearly and explicitly by sending:

• a registered letter with return receipt to the Company

• an email to: facem@facem.com

• or by contacting the Data Controller directly at: +39 0124 707711

11. Minors

The services offered by the Data Controller and the current relationship with you do not involve the intentional collection of personal data related to minors. If such data are inadvertently collected, the Data Controller will promptly delete them upon request or notification by the data subject.

12. Data Processors and Authorized Persons

Below is information you should be aware of, both to comply with legal obligations and because transparency and fairness are foundational principles of our work.

Data Processor. The Data Controller has appointed CALICANTUS SRL as Data Processor, which is also responsible to you for the lawful and correct use of your personal data. You may contact them for any request or information at:
Phone: +39 0422 782890
Email: privacy@calicant.us

Authorized Persons. The updated list of persons authorized to process data is kept at the Data Controller’s office.

 

 

Mod. IREG – Data Updated: 05/2024

Notice Regarding the Processing of Personal Data
Pursuant to Article 13 of the EUROPEAN REGULATION NO. 679/2016

Dear Data Subject,

FACEM S.P.A., in its capacity as Data Controller pursuant to Article 13 of the European Regulation No. 679/2016 “General Data Protection Regulation (GDPR)” (hereinafter referred to as the “EU Regulation”), which provides for provisions regarding the processing of personal data, hereby informs you about the processing of your personal data.

The Regulation requires that any person who processes personal data must inform the data subject regarding the data being processed and the elements qualifying the processing, which must in any case be carried out lawfully, fairly, and transparently, and must also protect the confidentiality and guarantee the rights of the data subject.

It is specified that “processing of data” means any operation or set of operations concerning the collection, recording, organization, storage, consultation, processing, alteration, selection, retrieval, comparison, use, interconnection, restriction, communication, dissemination, or destruction of the data.

1. Data Controller

The Data Controller is FACEM S.P.A., with registered office at Via Bricherasio 7, Turin (TO), Italy, VAT No.: IT00517250015, reachable at the following contacts:
Phone: +39 0124 707711
E-mail: facem@facem.com

2. Nature of Data Processed, Purpose, and Legal Basis for Processing

Nature of the data processed. In relation to the purposes of processing listed below, you are informed that only "ordinary personal data" will be processed, such as, for example:

• Company identification data (company name, VAT number, Tax ID, type, address, phone number, e-mail, etc.);

• Personal details of the company contact person and legal representative (first name, last name, etc.);

• etc.

Purpose of processing. Your personal data will be processed for the following purposes:

• to fulfill your registration request on our website and, therefore, to create your personal account by completing the specific form provided on this page;

• to manage pre-contractual and contractual relationships;

• to fulfill legal obligations;

• marketing: to send you advertising materials, direct sales, conduct market research, and commercial and promotional communications;

• profiling: to analyze your preferences and receive personalized informational and/or commercial communications.

Legal basis of processing. Personal data will be processed:

• for the purposes referred to in points 2A-2B and 2C: for the pursuit of a legitimate interest of the Data Controller (Art. 6 para. 1 letter f of the EU Regulation), for the execution of a contract to which the data subject is a party or to perform pre-contractual measures taken at the request of the same (Art. 6 para. 1 letter b of the EU Regulation), and to comply with a legal obligation to which the Data Controller is subject (Art. 6 para. 1 letter c of the EU Regulation);

• for the purposes referred to in points 2D-2E of this notice: only lawfully with your prior consent (Art. 6 para. 1 letter a of the EU Regulation), which must be specific, separate, express, documented, given in advance, and entirely optional.

The consent you provide may be revoked at any time, without prejudice to the lawfulness of processing based on consent before its withdrawal (Art. 7 para. 3 of the EU Regulation).

Furthermore, the data subject is informed that, pursuant to Article 21 of the EU Regulation, the data subject has the right to object at any time to the processing of their personal data for direct marketing purposes (including profiling) and that, if the data subject objects to such processing, the personal data shall no longer be processed for those purposes.

Clarification: In line with the principle of maximum transparency characteristic of our Company, we wish to inform you that should you choose to provide consent for point 2D (marketing), you must first be informed and aware that the processing purposes pursued are specifically of a commercial, advertising, promotional, and marketing nature in the broadest sense, such as:

3. Data Recipients and Methods of Processing

Existence of Automated Decision-Making Processes, Including Profiling

The processing of your personal data will be conducted lawfully, fairly, and transparently and may be performed using both paper and electronic tools by the personnel of the Data Controller authorized/delegated to process personal data, and by external parties appointed to perform specific tasks on behalf of the Data Controller, as Data Processors pursuant to Article 28 of the EU Regulation, by means of an appointment letter requiring them to maintain confidentiality and data security, and to adopt appropriate security measures to prevent data loss, unlawful or improper use, and unauthorized access, in accordance with current personal data protection legislation.

For brevity, the detailed list of such figures is available at the Data Controller’s registered office and can be consulted upon request.

Your personal data will not be disseminated or transferred to third countries or international organizations, nor will they be communicated to third parties unless required by law or contractual obligation.

4. Data Retention Period

Your personal data will be retained for no longer than necessary to achieve the purposes for which they were collected, in accordance with the principle of storage limitation provided by the EU Regulation and/or for the time necessary to comply with legal and contractual obligations or until the specific consent given by the data subject is withdrawn, and thus:

• for the purposes referred to in points 2A-2B-2C: the data will be retained for no longer than necessary to achieve the purposes and/or to comply with legal and contractual obligations;

• for the purposes referred to in point 2D: marketing data will be retained for no more than 24 months from collection;

• for the purposes referred to in point 2E: profiling data will be retained for no more than 12 months from collection.

To guarantee the declared retention periods, a periodic annual review of the data processed and the possibility of deleting data no longer necessary will be conducted.

5. Access to Data (Categories of Recipients to Whom Data May Be Communicated)

We also inform you that the collected data will never be disseminated or communicated without your explicit consent, except for necessary communications that may involve the transfer of data to public authorities, consultants, or other entities for the fulfillment of legal and fiscal obligations or authorized purposes, by means of an appointment letter requiring them to maintain confidentiality and security.

Pursuant to Art. 13, para. 1, letter e) of the EU Regulation, the following categories of persons may access the user’s personal data as data processors or persons in charge (duly identified and instructed), and are listed below:

• Shareholders, employees, collaborators, and suppliers of the Data Controller in Italy and abroad, in their capacity as authorized persons and/or data processors (e.g., commercial, technical, administrative, legal, press offices; system administrators, external professionals, service providers, etc.);

• Partner companies and/or affiliates essential to fulfill/execute your request.

Your personal data may also be communicated to external entities involved in the processes relating to your case, or entities interacting with the Data Controller, always and only for functions essential to the purposes described above, as Data Processors pursuant to Article 28 of the EU Regulation.

A detailed list of such entities is available at our office upon request.

6 & 7. Communication and Transfer of Data

Without the need for express consent (Art. 6 para. 1, letters b), c), and f) of the EU Regulation), the Data Controller may communicate your data for the purposes outlined in sections 2A to 2F to supervisory bodies, judicial authorities, and to parties where communication is required by law for the aforementioned purposes.

Such entities will process the data as independent data controllers.

Personal data are stored on devices located at the Data Controller’s premises or with providers within the European Union.

Your data will not be disseminated.

To ensure the security of these transfers, we only rely on parties who offer sufficient guarantees to implement appropriate technical and organizational measures to ensure that processing complies with the provisions of EU Regulation 679/2016.

Both for data stored on internal devices and those with providers, the Data Controller has adopted appropriate technical and organizational measures to guarantee a suitable level of security, in full compliance with the EU Regulation.

8. Consequences of Failure to Provide Data

The personal data referred to in sections 2A-2B-2C are mandatory. Without them, it will be impossible to register (create your personal account), or fulfill legal and contractual obligations.

Personal data referred to in sections 2D-2E are optional. Refusing to provide them will not result in any consequences and will not affect your registration request or fulfillment of legal and contractual obligations. You may therefore decide not to provide any data or may deny, at any time, the possibility to process already provided data.

9. Rights of the Data Subject

As a data subject, you are entitled to the rights set out in Articles 15 to 22 of the EU Regulation, including the right to:

• obtain confirmation of whether personal data concerning you is being processed and, if so, access your data (so-called “right of access”);

• obtain information about the purposes of processing, the categories of data concerned, the recipients or categories of recipients to whom the data has been or will be disclosed (especially if recipients are in third countries or international organizations), the anticipated retention period or criteria used to determine that period; and where data is not collected from you, all available information about the source;

• obtain rectification of data concerning you (so-called “right to rectification”);

• obtain deletion of data concerning you (so-called “right to be forgotten”);

• obtain restriction of processing (so-called “right to restriction of processing”);

• receive your data in a structured, commonly used, and machine-readable format and transmit it to another data controller without hindrance (so-called “right to data portability”);

• object at any time to the processing (so-called “right to object”). In particular, as required by Article 21 of the EU Regulation, where personal data is processed for direct marketing purposes (including profiling), you have the right to object at any time, and if you do so, your data will no longer be processed for such purposes;

• be informed (with the possibility to object) of the existence of automated decision-making, including profiling;

• withdraw your consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal;

• lodge a complaint with a supervisory authority (Data Protection Authority).

Please note that certain conditions or limitations may apply to your rights. For example, the right to data portability does not apply in all cases and depends on the specific processing circumstances.

Another example: if you object to data processing, the Data Controller has the right to evaluate your request, which may be denied if compelling legitimate grounds for processing exist that override your interests, rights, and freedoms.

10. Exercising Your Rights

You may exercise your rights at any time and without formalities, clearly and explicitly, by sending:

• a registered letter with return receipt to the undersigned;

• an e-mail to ufficio.contabile@facem.com;

• or by directly contacting the Data Controller at +39 0124 707711.

11. Minors

The services offered by the Data Controller and the related relationship with you do not include the intentional collection of personal data relating to minors. Should any such data be unintentionally collected, the Data Controller will delete it promptly upon request or notification by the data subject.

12. Data Processors, Persons in Charge/Authorized

Below we provide some additional information that is necessary for you to know, not only to fulfill legal obligations but also because transparency and fairness towards data subjects are a foundational part of our business.

Data Processor. The Data Controller has appointed CALICANTUS SRL as the Data Processor, which is also responsible to you for the lawful and proper use of your personal data and can be contacted at:
Phone: +39 0422 782890
E-mail: privacy@calicant.us

Authorized Persons. The updated list of persons in charge/authorized for data processing is kept at the Data Controller’s premises.