Privacy Policy
Gattinoni & Co S.r.l. has adopted corporate procedures and policies in compliance with the General Data Protection Regulation of the European Union on the protection of natural persons with regard to the processing of personal data (“GDPR”, Regulation (EU) 2016/679), in order to ensure high security standards and rules aimed at enabling the proper processing of personal data.
Authorised data processors
The data are processed by internal and external resources of the Company’s offices, duly identified and instructed, who act as personnel authorized to process personal data.
Data Protection Officer
The Data Controller has appointed, pursuant to Article 37 GDPR, a Data Protection Officer (DPO).
The DPO is Jaera S.r.l., represented by Avv. Michele Monti (Piazza della Repubblica, 32, 20124 Milan (MI), VAT no. 10557200960).
If you wish to exercise your rights, submit a complaint, or obtain information regarding the processing of your personal data, you may contact the Data Protection Officer at the following address: dpo@gattinoni.it
Contacts
The Data Controller may be contacted at the following addresses: e-mail privacy@gattinoni.it – dpo@gattinoni.it.
Data retention period
The data are retained for the period strictly necessary to achieve the purposes of the processing. Further details are provided below:
| Categories | Retention period | Main legal references |
|---|---|---|
| Applicant for a job | Up to a maximum of 24 months. | Article 5(1)(e) GDPR. |
| Customers, Contributors, Consultants, Suppliers, Members of the Board of Directors | 5–10 years; 20 years; for a period not exceeding that necessary to achieve the purposes for which the data are collected and processed in connection with the performance and execution of contractual obligations and the provision of services; for a period not exceeding that required to comply with legal obligations and for the establishment, exercise or defence of legal claims. | Administrative management: 5–10 years: Article 2948 of the Italian Civil Code, which provides for a 5-year limitation period for periodic payments; Article 2220 of the Italian Civil Code, which requires the retention of accounting records for 10 years; Article 22 of DPR No. 600 of 29 September 1973; 20 years: pursuant to Article 57(1)(b) of the DPCM of 22 February 2013. |
| Data subjects captured in video and photographic recordings | In compliance with the time limits prescribed by law for the relevant type of activity and, in any event, until consent is withdrawn or the right to object is exercised. | Article 21 GDPR. |
| Data subjects receiving commercial communications | In compliance with the time limits prescribed by law for the relevant type of activity and, in any event, until consent is withdrawn or the right to object is exercised. In any case, for a period not exceeding 24 months, unless renewed upon confirmation by the data subject. | Article 21 GDPR. |
| Users of the website www.gattinoni.it | 182 days: privacylab; 730 days: google analytics. | Article 5 GPDR. |
| Prospective Cusotmers, Companies’ Contacts | For a period not exceeding that necessary to achieve the purposes for which the data are collected and processed for the performance and execution of contractual purposes | Article 5 GDPR. |
| Whistleblowing | For a period not exceeding that necessary to achieve the purposes for which the data are collected and processed, in compliance with the mandatory retention periods prescribed by law and, in any event, not exceeding five years from the date of communication of the final outcome of the reporting procedure. | Article 12 of Legislative Decree No. 24/2023. |
Informative Privacy
Applicant for a job
Customers
Contributors
Consultants
Employees and para-subordinate staff
Suppliers
Data subjects in video-photographic shooting
Data subjects receiving commercial communications
Members of the Board of Directors
Users of the website www.gattinoni.it
Prospective Customers
Companies Contacts
Suppliers Contacts
Whistleblower
Whistleblowing
Cookies
Cookies are small text strings exchanged between a website and the user’s browser each time a website is accessed. These strings, which do not contain any executable code, are used for various purposes, such as performing automatic authentication, tracking sessions, and storing information to improve the usability of the website or the user’s browsing experience.
Each domain visited through a browser may set one or more cookies. A web page may contain elements originating from multiple domains, each of which may set cookies (in this case referred to as “third-party cookies”).
The use of cookies allows the browsing experience on the website to be enhanced and may preserve the settings selected during the user’s subsequent visits.
The General Provision of the Italian Data Protection Authority (Official Gazette No. 126 of 3 June 2014) defines two types of cookies:
- Technical cookies: used solely for the purpose of enabling the transmission of a communication, completing a service requested by the user, or carrying out statistical analyses.
- Profiling cookies: used to track a user’s behavior and preferences in order to send advertising messages consistent with the user’s profile.
How can cookies be disabled?