Privacy Policy

Customers information for the processing of personal data pursuant to art. 13 of Regulation (EU) 2016/679

Esteemed Company,
as required by art. 13 of EU Regulation 2016/679 – General Data Protection Regulation (GDPR), we report below the information related to the processing of your personal data.


  1. Identity and Contact details of the Data Controller

The Data Controller is Ciemmecalabria Srl., tax code and VAT number 02671670988, with registered office in Via S. Pertini, 86, 25064, Cazzago San Martino (BS).
To contact the Data Controller, you can write to the following e-mail address or by calling the number: 030-7254118.


  1. Purpose and legal basis of the processing

The collection and processing of your common data respond to the purpose of providing:

  • the execution of the contractual or pre-contractual relationship and the execution of the obligations deriving from it (legal basis / legitimacy of the processing: execution of a contract or pre-contractual measures);
  • the fulfilment of legal obligations related to civil, tax and accounting provisions (legal basis / legitimacy of processing: execution of a contract or pre-contractual measures);
  • determine the credit line / overdraft, also for the purpose of stipulating credit insurance policies (legal basis / legitimacy of the processing: pursuit of the legitimate interest of the Data Controller);
  • the exercise of judicial and extrajudicial rights related to the contractual relationship (eg, management of any litigation) (legal basis / legitimacy of processing: pursuit of the legitimate interest of the Data Controller);
  • the drafting of the budget and the creation of statistics (legal basis / legitimacy of the processing: to pursuit of the legitimate interest of the Data Controller)


  1. Mandatory nature of the provision of data / of data provision

The provision of personal data is mandatory for the execution of the contract, in order to follow up the related obligations, as well as for the fulfilment of legal obligations. Therefore, failure to provide it implies the impossibility of stipulating and executing the contract.


  1. Object of data processing

The common data that will be processed are the following, for example: names (charge / responsibility role held within the organization / institution / customer), personal data (addresses, tax code and VAT number, registration number to the Chamber of Commerce), telematic and telephone references, economic-financial data, bank references.

These data will be, in any case, processed according to principles of correctness, lawfulness, transparency, exclusively for the purposes indicated.


  1. Data processing methods

Our organization has adopted strict security procedures for the storage and disclosure of personal data, in order to protect them against accidental events (loss, destruction or damage, etc.).

The processing of your data may be conducted by collecting, registering, organizing, storing, consulting, processing, modifying, selecting, extracting, comparing, using, interlocking, blocking, communicating, deleting, destruction of data in electronic and / or paper format, with hardware, software and / or manually, in compliance with the provisions of art. 32 of the GDPR 2016/679.

The Data Controller in no way uses automated decision-making processes concerning your personal data.


  1. Personal data recipients

The personal data in question may be communicated to the following recipients or categories of recipients:

  • Public Administration, Public Bodies and Institutions, for obligations imposed by current legislation;
  • supervisory and control authorities;
  • internal resources that have received specific instructions exclusively for the performance of their duties;
  • suppliers of products or services connected or necessary for the execution of the contractual relationship or for obligations deriving therefrom;
  • external carriers, carriers, couriers of shipping companies, for the delivery and / or collection of goods or correspondence;
  • external consultancy companies or bodies that operate on behalf of the Company in various areas and have been appointed as external Data Processors (tax, administrative, organizational, legal, financial, insurance, IT, health and safety at work, company management consultants, etc.);
  • Accountant, for bookkeeping activities (with appointment to external Data Processors);
  • Auditing companies, financial statements certification’s companies, auditors / sindaci (with appointment to external Data Processors);
  • Supervisory Body
  • credit institutions
  • insurance companies, for the purpose of paying the premium related to the credit insurance policy;
  • companies in charge for debt collection, if necessary;
  • professionals practicing as a lawyer, for legal assistance in case of disputes regarding contract execution.


  1. Transfer of personal data to third countries

The Data Controller is NOT willing to transfer your personal data to a third country outside the European Union.


  1. Duration of retention of personal data

Your data will be processed for the period of time allowed, or imposed, by the regulations applicable to the management of the contractual relationship and for the time necessary to ensure legal protection, to you and to the Data Controller, under the contractual and extra-contractual profile.


  1. Rights of the interested party

Regulation (EU) 2016/679 recognizes to the interested parties the exert of specific rights, including those to request from the Data Controller:

  • the confirmation that personal data processing is being processed and, in this case, to obtain access (access right);
  • the correction of personal data (if inaccurate) or the integration of incomplete personal data (rectification right);
  • the cancellation of the data themselves, if one of the reasons provided for by the Regulation is subsisting (right to be forgotten);
  • the limitation of data processing, when one of the hypotheses provided for by the Regulation occurs (limitation right);
  • to receive, in a structured format, in common use and legible / readable by an electronic device, the personal data you have provided to the Data Controller and to transmit this data to another Data Controller (portability right);
  • you are also entitled to object, for reasons connected with your particular situation, to the processing of data on the basis of the legitimate interest of the Data Controller (object right).

With regard to the processing of data made on the basis of consent, you are entitled to revoke the consent granted at any time, without prejudice to the lawfulness of the processing prior to the revocation.

The revocation of the authorization to treatment must be communicated in writing to the e-mail address: