Privacy Policy

Privacy Policy on the Usage of Personal Data
In accordance with Article 13 of Regulation (EU) 2016/679 (“Privacy Policy”)
This privacy policy is pursuant to Regulation (EU) 2016/679 (hereafter “Regulation” or “GDPR”) and lays out the methods
for the usage and processing of personal data of users that consult and utilize this website, accessible at the following link (hereafter “website”) or that utilize the services offered through the website. On
the basis of the current European Regulation regarding the protection of personal data n. 679/2016 (“GDPR”), the
collection and usage of said data will always follow principles of lawfulness, fairness, and transparency.
Personal data of the users who browse the website (referred to as “the interested party”, in that they are identified or
identifiable individuals) may be processed following use of the website.
The Controller of said personal data is the company Ossidazione Anodica Srl Unipersonale, in the person of its legal
representative pro tem, PI: 04507140962, CF: 04507140962, with legal headquarters in Bergamo (BG) Via Sant’orsola n.
9 cap 24122, e-mail (hereafter “Controller”).
The Data protection officer (DPO) is lawyer Francesca Fumana.
For all matters relating to the handling of personal data, including the exercising of rights of the interested party
acknowledged by the current legislation, the Data protection officer can be contacted at: or
1. Navigation Data
Personal data can be collected autonomously by the Controller or through third parties.
In these cases, the systems and software procedures utilized for the proper functioning of this website gather user’s
technical data (for example: IP address, browser used, operating system, domain name, and websites on which users
may have signed in or out of an account, etc.), whose transmission is inherent to normal internet usage.
Purpose: this data can only be used anonymously and for statistical purposes related to the usage of this site and/or to
control its proper functioning.
Retention: this data will be immediately deleted after processing.
Legal basis: the usage of this data is carried out on the basis of the legitimate interest of the Controller to improve the
site’s accessibility and security (art. 6, par. 1 lett.f). Consent will be requested from the interested party exclusively for
profiling purposes (art. 6, par. 1 lett.a).
2. User’s Contacts via email and cell phone
Any communication, whether optional, explicit or voluntary, by email to the email addresses indicated on this website, will
result in the acquisition of data provided by the user, including their email address, and the consent to receive messages
in response to any requests made.
In these cases, providing an email address or other personal data is optional, but necessary in order to use this service
and receive a reply to any requests made. Without this data, it is not possible to process the user’s request.
Purpose: The personal data provided are utilized exclusively to satisfy or respond to the requests made and are
communicated to third parties only if necessary.
Retention: The personal data is saved for the period of time necessary to respond to the request made and in accordance
with current legislation.
Legal Basis: the use and processing of this data is carried out in order to fulfill a contractual and pre-contractual obligation
taken on by the Controller through this service (art. 6, par. 1 lett.b).
3. Link to other website
The Website may include hyperlinks to other websites. By clicking on one of these links, the user may be redirected to
another website or another Internet source that may collect information about the user through cookies or other
technologies. The Owner assumes no responsibility or control authority over these other websites or Internet resources,
nor their collection, use, and disclosure of user’s personal data. It is necessary to check the privacy statements of these
other websites and Internet sources in order to judge whether they act in accordance with privacy legislation.
This site uses cookies as specified in the Cookie Policy.
4. This site uses technical, tracking, and profiling cookies. For more details, consult our cookie policy.
The personal data gathered are handled by the Controller’s staff, which acts with previous consent and following the
specific instructions given, based on the purposes and modality of the processing of said data.
In addition, the processors or sub-processors responsible for data processing under art. 28 of GDPR, whom the
Controller employs in order to provide certain services or to carry out activities under his jurisdiction, may be recipients of
the data gathered after visiting the site or using its services, within the limits of the activity assigned.
You can request the associated list from the Controller using the contact information indicated in section A.
If and when a data processor or sub-processor becomes responsible for any personal data through the site’s services in
accordance with art. 28 of GDPR, this data will be communicated to the Controller and/or other responsible parties.
There shall be no international transfer of the personal data gathered.
The interested parties- the identified or identifiable individuals that the data refers to- are entitled to specific rights
regarding data protection, as listed below:
a) Right to access: the right to obtain from the Controller confirmation that their data is being utilized, and if so, to
obtain access to the personal data and detailed information regarding the origin, the purposes, the category of data being
processed, the recipients of communication or transfer of data, and more;
b) Right to rectification: the right to obtain from the Controller the correction of any incorrect personal data without
unjustified delay, as well as the integration of any incomplete personal data, supplying a supplementary statement if
c) Right to elimination (“obscurity”): the right to obtain from the Controller the elimination of any personal data
without unjustified delay in the following cases: i. the data that was necessary to process certain requests is no longer
necessary; ii. the agreement that the data usage was based on has been revoked and there is no other legal basis for the
processing of said data; iii. the personal data has been unlawfully utilized; iv. the personal data must be eliminated for a
legal obligation;
d) Right to object to data usage: the right to object at any time to the usage of personal data that is, in a legal
sense, of legitimate interest to the Controller;
e) Right to restriction: the right to obtain from the Controller the restriction of data usage, in the case that the
accuracy of the personal data becomes disputable (for the period of time necessary for the Controller to verify the
accuracy of said data), or that the usage is unlawful and/or if the interested party objects to the usage of their data;
f) Right to data portability: the right to receive in a structured format, easily legible and machine-readable, one’s
personal data and to send said data to another data controller, if technically feasible, only in the case that the data
processing is based on an agreement or contract, and only for the specific data being electronically utilized;
g) Right to lodge a complaint to a supervising authority: notwithstanding any other administrative or legal appeals,
if the interested party believes that the usage of their data violates the Regulation, they have the right to lodge a formal
complaint to the supervising authority of the government in which they reside or regularly work, that is, the country in
which the violation has taken place.
These rights can be exercised by contacting the Controller using the contact information indicated in sections A and B,
repeated here:
– Data Controller
This privacy policy has been updated on 03/04/2024.