Mod.: IS – Updated Date 03/2025

Information on the processing of personal data.

Articles 13 and 14 of European Regulation No. 679/2016

Legislative Decree 196/2003 amended by Legislative Decree 101/2018

Dear Interested Party,

This policy describes the website's management procedures with regard to the processing of personal data of users who visit it, as well as the data processing practices through this site. Pursuant to Articles 13 (for data collected from the data subject) and 14 (for data not collected from the data subject) of Regulation (EU) 2016/679 (hereinafter GDPR), the following information is provided to Users of this Website. This information refers exclusively to the processing performed through this Website and not through other websites that may be visited via links from this one. Users are advised to read the relevant policies provided by their respective Data Controllers. This Website and any services offered through it are reserved for individuals who are at least eighteen years of age. The Data Controller therefore does not process personal data relating to individuals under the age of 18. Upon request from such Users, the Data Controller will promptly delete any personal data inadvertently collected.

1. Data controller

The Data Controller is EDG Srl – a single-member company, with registered office at Via Gaffarello, 75 – 35010 Borgoricco (PD) and operational headquarters at Via Grandi, 12 - 30036 Santa Maria di Sala (VE) , Tax Code and VAT number: 05252830285 (hereinafter, the "Controller"). The Controller reserves the right to appoint a web agency or consultant as Data Processor for the personal data processed for the purposes of technical assistance, maintenance, technical management, and similar purposes of this Site. The contact details of these consultants may be provided upon request to the addresses indicated above. The Controller and the Data Processor process User data also through their own internal Data Processors, specifically designated with instructions and authorized to process data.

The Data Protection Officer (DPO) can be contacted at the following numbers: telephone +39 348 3165267, email: nicola.ghinello@dpo-rpd.com.

2. Category of data processed and sources of origin

• Browsing data (the computer systems and software procedures used to operate this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. This category of data includes: IP addresses, browser type, operating system, domain name and website addresses from which access or exit was made, information on the pages visited by users within the website, access time, time spent on each page, internal navigation analysis, and other parameters relating to the user's operating system and IT environment. This technical/IT data is collected and used exclusively in an aggregate and anonymous manner. This data is processed for the purpose of enabling and monitoring the correct use of this website as well as to obtain anonymous statistical information on its use, and is deleted immediately after processing.)
• Cookies, about which we invite you to read our Cookie Policy
• Data provided voluntarily by the user, including:
• Common data (identification, personal, billing and similar data)
• Special data only in exceptional cases (Article 9 GDPR)
• Criminal data only in exceptional cases (Article 10 GDPR)

Sources: navigation, other sites, cookies, and the like; user; public sources.

We may process browsing data, as well as cookies, first and foremost.

We may also process data voluntarily provided by the user, for example through the contact form or by sending an email, including common personal data (identification, personal details, billing information, and similar) and, exceptionally, sensitive data pursuant to Art. 9 of the GDPR or criminal data pursuant to Art. 10 of the GDPR, strictly to the extent necessary for the request for information received and with the data subject's prior consent.

The data may come from automatic or voluntary sources, including public sources. For example, it may come from the user's browsing history, which may include information relating to previous visits to other sites, including cookies and other similar technologies. The data may also be provided voluntarily by the user or by parties related to them. Other data may come from public sources, such as data processed in the context of research and from searches, public databases, and the like.

3. Purpose of the processing

The personal data of Website Users, as described above, will be processed in the manner and form prescribed by the GDPR, for the performance of the Website's specific functions, with particular, but not limited, to page navigation and the data collection procedures described therein, contact forms, any registration/access to the reserved area, newsletter subscription, and the like. Specifically, the personal data provided to the Data Controller will be processed for the following purposes:

• to follow up on specific requests made to the Data Controller by the User via the Website and its communication tools (contact forms, information request forms and similar);
• for informative communications relating to the services of the same Data Controller, following a request for information via email or by completing the contact form and other communication tools;
• for any registration to events organized by the Data Controller and other related activities (for example, verification of participation, notifications regarding any updates or changes to the event, etc.);
• for other purposes that are ancillary or connected to those indicated above and in any case falling within the scope of the Website's activities;

The processing of data provided in general terms will be carried out, including through automatic collection during navigation, for the sole purpose of verifying and controlling access to the Website. This also applies to technical cookies, such as session, functionality, or analytics cookies that meet the requirements specified by the Italian Data Protection Authority. Specifically, regarding the latter, it is clarified that they can be assimilated to technical cookies when created and used directly by the Website. In any case, for these analytics cookies , the Website, also in compliance with the clarifications of the Italian Data Protection Authority, has provided for the anonymization of IP addresses and the amendment of data processing; the collection and use of the aforementioned browsing data (without prejudice to the anonymization of IP addresses) allows the Website's performance to be monitored and allows us to improve the service offered, providing the User with a better browsing experience. Please refer to the dedicated Cookie Policy for further information.

4. Legal basis for processing

The processing of personal data is based on the fulfillment of contractual or pre-contractual obligations relating to the request made by the User (for example, requests for information about the services provided by the Data Controller, requests for quotes, etc.), as well as, where necessary, on consent through the free and informed completion of the appropriate information fields in the form dedicated to the collection and provision of data and by checking the appropriate checkbox where applicable.

Please note that completing the fields provided in the information request form is inherent to the request itself and therefore entails the fulfillment of a pre-contractual or contractual obligation, depending on the context. Consent may be requested subsequently for the processing of additional data.

In any case, the processing is also based on legitimate interest , including the right to information, for which please refer to the next paragraph.

5. Legitimate interest of the Data Controller

The processing of personal data is also based on the legitimate interests of the Data Controller, such as the exercise of its rights in the context of the information society, the performance of contractual obligations, and the implementation of direct marketing operations.

6. Mandatory nature of the provision

The provision of browsing data by Users for the purposes described above depends on the level of privacy the User has enabled or disabled via their browser. In some cases, disabling this setting may affect navigation on this Website. For certain modules on this Website, the provision of browsing data and/or the use of technical cookies is mandatory for the proper functioning of the Website.

Providing some personal data is, in any case, necessary for the very structure of the Website and its procedures. Any request for other optional data will be preceded by a specific approval checkbox. Providing all other data is optional, in accordance with the type of information the User wishes to provide to the Website.

Without prejudice to the above, for example, providing your email account is necessary to respond to requests made via the contact form, as is providing other mandatory information indicated with an asterisk. The other information is optional.

Failure to provide the data necessary for the requested action (for example, the email account via the information request form) will make it impossible for the Data Controller to process the request.

PROVISIONS APPLICABLE TO ALL TREATMENTS

In any case, even if the interested party has given consent to authorize the Data Controller to pursue all the purposes mentioned above, he or she will still be free to revoke it at any time.

We specifically and separately inform you, as required by Article 21 of the Regulation, that the data subject has the right to object at any time to the processing of personal data concerning him or her for the purposes set out above, and that, if the data subject objects to the processing, the personal data will no longer be processed for these purposes.

7. Possible recipients of personal data

The data may be disclosed to companies connected, affiliated, or controlled by the Data Controller, as well as to consultants, or even to third parties who operate, including on behalf of the Data Controller, to perform services related to the purposes indicated in this policy, both within the EU and outside the EU (in the latter case, these will be exclusively entities adhering to the Privacy Shield protocol).

Browsing data and similar data (for which reference is made to the above), as well as profiling cookies, including third-party cookies (for which reference is made to the Cookie Policy of this Website), will be communicated to the respective third parties involved, where they do not manage them directly as Data Controllers.

In any case, the data may be communicated to Data Processors, as well as to persons authorized to process data and duly trained, always within the scope of the processing purposes.

8. Retention period

Data voluntarily provided by the Data Subject will be retained until the Data Subject expressly revokes consent, including by changing their browser settings, clearing cookies, expressly requesting it, or otherwise. Browsing data will be retained, in compliance with the principle of proportionality, in a form that allows the Data Subject to be identified for a period of time no longer than is necessary for the purposes for which it was collected or subsequently processed.

The above terms do not apply to cases where it is necessary to retain the data for a further period of time to defend or assert a right or to comply with any legal obligations or orders from the Authorities.

9. Rights of the interested party

Each data subject has the right to access, rectification, erasure (right to be forgotten), restriction of processing, notification of rectification, erasure, or restriction of processing, portability, objection, and not to be subject to an automated individual decision, including profiling, pursuant to Articles 15 to 22 of the GDPR. These rights may be exercised in the manner and within the timeframe set forth in Article 12 of the GDPR by written communication to the Data Controller (see point 10).

The Data Controller will provide an adequate response as soon as possible and in any case within 1 month of receiving the request.

10. Right to withdraw consent ( How to exercise your rights)

You may withdraw your consent, where applicable, at any time and/or exercise your rights by sending:

- a registered letter with return receipt to the undersigned with an express request (see the address indicated on the letterhead);

- an email to info@edg.it

11. Complaints

Each data subject has the right to lodge a complaint pursuant to Articles 77 et seq. of the GDPR with a supervisory authority, which in Italy is the Italian Data Protection Authority (Garante per la protezione dei dati personali). The forms, methods, and time limits for filing complaints are provided for and governed by applicable national legislation. The complaint is without prejudice to administrative and judicial actions, which in Italy may be filed either with the same Authority or with the competent court.

12. Profiling

Personal data provided through browsing this website and completing the forms published therein may be profiled by third-party providers using third-party cookies.

Profiling allows these third-party providers, independent Data Controllers of the respective personal data processing for profiling purposes, other than the Data Controller of this website, to evaluate certain personal aspects of the Data Subject, particularly their preferences, interests, and tastes with reference to the pages visited and the activities performed, in order to allow these independent and different Data Controllers to offer the Data Subject a more specific and targeted service to their needs.

For further information, the User is invited to read the cookie policy.

13. Owner, DPO (DPO), Authorized Persons, Data Processors

Below, we provide you with some information that you need to know, not only to comply with legal obligations, but also because transparency and fairness towards interested parties are fundamental to our business.

Data Controller . The Data Controller of your personal data is EDG Srl, on whose behalf Mr. Luigi Enzo De Gaspari signs. He is responsible for the legitimate and correct use of your personal data and can be contacted for any information or request at the following numbers: telephone +39 041 5739911, email: info@edg.it .

DPO (Data Protection Officer) – RPD (Data Protection Officer) . You may also contact the Data Protection Officer for information and requests regarding your data or to report any service disruptions or problems you may encounter.

The Data Controller has appointed Mr. Nicola Ghinello as Data Protection Officer, who can be contacted at the following numbers: telephone +39 348 3165267, email: nicola.ghinello@dpo-rpd.com.

Authorized Persons. The updated list of authorized persons is kept at the Data Controller's headquarters.

Data controllers.

For the sake of brevity, a detailed list of these figures is available at our office.

14. Social media plug-ins

This site may contain social media plug-ins (e.g., Facebook). Social media plug-ins are special tools that allow you to incorporate social media features directly into the site (e.g., the Facebook "Like" function) and are identified by the logo of the respective social media platform. When you visit a page on this site and interact with the plug-in (e.g., by clicking the "Like" button) or decide to leave a comment, the corresponding information is transmitted from your browser directly to the social media platform (in this case, Facebook) and stored there. For information on the purposes, types, and methods of collection, processing, use, and storage of personal data by the social media platform, as well as how to exercise your rights, please consult the social media platform's privacy policy.

15. Links to third-party sites

This site provides links to third-party websites. The Data Controller declines any responsibility for the handling of personal data by third-party sites or for the management of authentication credentials provided by third parties.

16. Cookie

Cookies are packets of information sent by a web server (e.g., a website) to the user's internet browser, which automatically stores them on the computer and automatically sends them back to the server each time the site is accessed. For further information on the characteristics, types, methods of use, and options for removing, deleting, or disabling cookies on the website, please read the specific Cookie Policy.

The Data Controller

EDG SRL – single-member company

To contact us

EDG Srl – società unipersonale welcomes your comments regarding this privacy policy.

Please contact us at the following address: info@edg.it