Privacy Policy

Privacy

The EU Regulation No. 679/2016 (GDPR) provides for the protection of individuals and other subjects concerning the processing of personal data. The processing must follow principles of fairness, lawfulness, and transparency to protect the confidentiality and rights of individuals.

Data Controller

The data controller is Crocco Emanuele srl
Headquarters: Via Bobbio 14, 16137 Genoa
VAT No.: 00241830108
Legal representative: Luciano Trebbi
Email contact: info@croccoimpianti.it – PEC: croccoemanuelesrl@cgn.legalmail.it
Tel. +39 010 8392141

Data Processor

The data processor is GGallery srl
Headquarters: Piazza Manin 2b/r, 16121 Genoa
VAT No.: 00241830108
Legal representative: Paolo Macrì
Email contact: info@ggallery.it – PEC: ggallery@legalmail.it
Tel. +39 010 888871

Purpose

The personal data provided will be processed for purposes related to:

  • Activities connected to the services requested by the user, specifically the completion of contact forms, tracking of activities performed to monitor content views;

  • Compliance with legal, accounting/administrative obligations, and contract management purposes (supply of products, support services, customer management and administration, orders, shipments, invoices, creditworthiness checks, and dispute management);

  • Sending communications, information, or newsletters, including those related to new initiatives and/or products and services of the Data Controller, affiliated companies, partners, or clients.

Data will be processed, including through the creation and management of a central archive, using paper, IT, or telematic supports accessible to specialized and authorized personnel.

Mandatory Data Provision

Providing personal data essential for the supply of requested products/services, legal obligations, and the establishment/continuation of the contractual relationship is mandatory. Failure to provide such data will make it impossible to establish and/or continue the relationship. These data are specifically indicated in registration forms (e.g., marked with an asterisk).

The provision of other personal data is optional and generally serves to provide better customer service (e.g., entering a phone number can be useful for assistance or contacting the user if email communication is not possible). Refusal to provide such data will not negatively affect the customer.

Processing Methods

Personal data are processed (including by automated means) for the time necessary to achieve the purposes for which they were collected.

Specific physical and IT security measures are observed to prevent data loss, unlawful or improper use, and unauthorized access.

Data Transfer

The customer’s personal data may be disclosed to affiliated companies, entities, or third-party companies for the same purposes mentioned above (e.g., institutions, regulatory authorities) or external entities for specialized services in software, hardware, telematic, and IT system management (e.g., web service and hosting providers such as Aruba S.p.A. and Netalia S.r.l.).

Data is not transferred or disclosed to other private entities (except for legal obligations or transfers instrumental to providing the product/service itself).

Data is not transferred abroad, particularly to non-EU countries.

Analytics, Social Plugins, and Cookies

For web services in general and data provision in such environments, the data controller and processor may use services to analyze visits and online user behavior for statistical purposes and to improve offered content/products/services.

Social plugins may also be used to connect with social media channels such as Facebook or Instagram through specific user actions (e.g., clicking on “like” or “share” buttons). In such cases, data processing is managed by the respective social platform.

Regarding cookie management, please refer to the specific policy, accessible via the dedicated link on the website’s homepage.

User Rights

Users may exercise the rights provided by the Regulation, particularly:

  • Right to be informed: Users have the right to know how their data is collected, processed, stored, and for what purpose, even before collection;

  • Right of access to data: After data collection, users have the right to access and know how it is processed, stored, and for what purpose;

  • Right to rectification: Users have the right to correct inaccurate or incomplete data;

  • Right to erasure (right to be forgotten): Users have the right to delete their personal data permanently (except for legal obligations, especially regarding reporting to institutions or regulatory authorities);

  • Right to restriction: Users can limit or block the use of their data;

  • Right to data portability: Users have the right to move, copy, or transfer their personal data;

  • Right to object: Users have the right to prohibit their data from being reprocessed without explicit consent;

  • Right to restriction of automated processing: Users have the right not to be subject to decisions based solely on algorithms or automation.

To exercise these rights, users can contact the Data Controller at the provided contact details.

Forms and Email Submission

The voluntary, explicit, and optional sending of emails to addresses indicated on this site through contact forms or independent services entails the subsequent acquisition of the sender’s address (necessary to respond to requests) and any other personal data included in the message.