La Pietra Società Semplice – VAT No. 96723680011, Data Controller, informs you that your data will be processed in the manner and for the purposes outlined below.

The Controller undertakes to protect the privacy and confidentiality of Personal Data in compliance with the principles of fairness, lawfulness, transparency, and safeguarding of your rights.

1) TYPES OF DATA PROCESSED

We process personal data provided by you (name, email, company name, telephone, etc.) when you send spontaneous requests, as well as data collected automatically by the website.

Data you provide: personal, identifying, and non-sensitive data you share to make requests via email, through the contact form, or by phone regarding our products/services.

Data we collect automatically: anonymous data collected by means of cookies or similar technologies; for further information, please see the Cookie Policy below.

Note: Users under 16 years of age cannot provide any personal data without parental or guardian consent.

2) PURPOSES AND LEGAL BASES OF PROCESSING

We will process your personal data:

A) to fulfill our contractual obligations; respond to your information requests; prepare quotations you requested; execute sales contracts for products or service agreements; and provide support for purchased products and services.

B) to perform aggregated and anonymous statistical analyses to improve our services;

C) for administrative purposes and to comply with legal obligations such as accounting, tax, or judicial authority requirements.

D) in the case of sending a résumé, exclusively for recruitment purposes.

3) IS PROVIDING DATA MANDATORY?

Providing your data is always optional; however, failure to provide certain data may make it impossible to carry out some processing, such as those strictly related to fulfilling a contract or providing the services you requested.

4) LOCATION, METHODS OF PROCESSING, AND RETENTION PERIODS

Your personal data will be processed through the operations described in Art. 4 of the Privacy Code and Art. 4 no. 2 GDPR, namely: collection, recording, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, deletion, and destruction.

Your personal data is stored at the Controller’s premises and processed in both paper and electronic and/or automated form, with procedures strictly related to the aforementioned purposes and in any case guaranteeing data security and confidentiality. Data you submit is not stored on our website.

The Controller will process your data for as long as necessary to fulfill the purposes mentioned above, in any case not exceeding 10 years from the end of the relationship for the purpose in letter C, and not more than 38 months from data collection for the purpose in letter B.

5) DATA ACCESS

Your data may be accessed for the purposes indicated in point 2 by:

employees and collaborators of the Controller, in their role as internal processors and/or system administrators;

third party companies or other entities (website providers, cloud providers, e‑payment service providers, suppliers, hardware and software support technicians, couriers and carriers, credit institutions, professional firms, etc.) performing outsourced activities on behalf of the Controller, in their capacity as processors.

6) DATA SHARING

Your data will not be disclosed, sold, or shared with parties other than the Controller, processors, and appointed assignees without your explicit and informed consent.

7) YOUR RIGHTS

You have the right to know which personal data of yours are being processed. Specifically, you are entitled to the rights of access, rectification, deletion, data portability, restriction of processing, and objection to processing, where applicable.

Below is a summary of your recognized rights with respect to the processing of your personal data:

Right of access: obtain confirmation of whether your personal data are being processed and access to such data and related information;

Right of rectification: obtain correction of inaccurate personal data without undue delay and, taking into account the purposes of processing, the completion of incomplete data;

Right to deletion (“right to be forgotten”): obtain the erasure of data concerning you without undue delay when the data are no longer necessary for the purposes for which they were collected, subject to legal exceptions (e.g., when data retention is necessary to comply with a legal obligation). Deletion will be carried out within the applicable timeframes;

Right to data portability: in certain circumstances, receive your personal data in a structured, commonly used, machine‑readable format and transmit those data to another controller, insofar as this does not adversely affect the rights and freedoms of others;

Right to restriction of processing: in certain circumstances, obtain limitation of the processing of your personal data. In such cases, the Controller may continue to process your data only for specific reasons, such as the establishment, exercise, or defense of legal claims or for the protection of the rights of another natural or legal person;

Right to object: in certain circumstances, object to the processing of your personal data unless there are compelling legitimate grounds for processing which override your interests, rights, and freedoms.

To obtain more information about the processing of your personal data or to exercise your rights, please contact us.

8) CHANGES TO THIS NOTICE

This Notice may be subject to updates. Therefore, please review it regularly and refer to the most current version.

Last update: May 2025

Cookie list