PRIVACY POLICY FOR PERSONAL DATA PROCESSING

1: INTRODUCTION

This policy aims to explain who processes the User’s data, how it is processed, what data is collected, the User’s rights, and how they can be exercised. For specific clarifications, if the User does not understand or deems the information insufficient, they are encouraged to write to the following address: amministrazione@asgspa.it

2: IMPORTANT CONCEPTS REGARDING PERSONAL DATA

What is meant by personal data? Personal data refers to any information that identifies an individual. An email address is considered personal data.

What does data processing mean? Legally, processing includes any operation or set of operations related to the collection, recording, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, dissemination, deletion, and destruction of data. Essentially, any action performed on the User’s data is considered processing, including merely collecting or consulting it.

Why is personal data important to the User? Personal data identifies the User and their activities. Since the data belongs to them, it is important that they retain the right to decide whether to allow third parties to process it and to understand how this is done.

Why is personal data important to ASG and its related services? It allows ASG to effectively communicate updates to its customers.

3: WHO PROCESSES THE DATA

The data controller decides how to process the data, including security measures, storage location (e.g., servers or cloud), data requests, processing purposes, sharing policies, and collaboration guidelines. The data controller is:

ASG S.p.A.
Headquarters: SULBIATE (MB), Via delle Industrie No. 50.
VAT and Tax Code: IT05427400964
Tel: 039 6095019
Fax: 039 6822357
Email: amministrazione@asgspa.it
PEC: asgspa@legalmail.it
Website: www.asgspa.it

ASG may rely on authorized internal personnel (employees) or external entities for specific processing functions.

3/a: WHO HAS ACCESS TO THE DATA

Data is shared with internal employees managing administrative functions. Additionally, data may be disclosed to public authorities upon request (e.g., courts, tax authorities). ASG can only control the data it processes within its own system; any data transferred to third parties is subject to their respective privacy policies. If ASG ceases data processing, it will inform any third parties involved but cannot guarantee they will also cease processing.

4: DATA PROCESSING LOCATION

ASG processes User data at its headquarters.

5: TYPES OF DATA PROCESSED

The following types of data are processed:

• Contact data: Email

• Identification data: First name, last name

• Content data: Content of the communication submitted via the website form (https://asgspa.it/contact-us/)

  
  

6: PURPOSE, LEGAL BASIS, AND DATA RETENTION PERIOD

ASG processes User data for the following purposes:

• Responding to User inquiries
  Legal basis: Execution of service
  Retention period: Data is stored as long as needed for its intended purpose. If data is collected for a quotation request, it is retained until the quote is rejected. If accepted, it remains as part of the contractual execution. Communications with contractual or pre-contractual relevance may be stored for up to 10 years.

7: HOW DATA IS COLLECTED

Data is provided directly by the User through the website form.

8: MANDATORY AND OPTIONAL DATA (AND CONSEQUENCES OF REFUSAL)

Contact and identification data are mandatory. If not provided, ASG cannot fulfill the requested service (response to the form submission). Other data included in communications is considered physiological and cannot be categorized as optional.

9: PROCESSING METHODS

Data is collected and processed electronically and stored on EU-based servers. Only authorized individuals with unique authentication credentials can access and process the data.

10: DATA RETENTION PERIOD

Refer to Section 6 for specific retention periods.

11: LEGAL BASIS FOR PROCESSING

Data is processed based on contractual obligations. See Section 6 for detailed explanations.

12: HOW USERS WILL BE CONTACTED

Users may receive emails, phone calls, messages, or other communications from ASG in response to their inquiries. These communications are essential for managing User requests.

13: USER RIGHTS

Users have the following rights:

• Right to information regarding:

• Categories of processed data (see Sections 2 and 5)

• Data sources (see Section 7)

• Processing purposes (see Section 6)

• Processing methods (see Section 9)

• Data controller and any data processors (see Section 3)

• Data recipients (see Section 3/a)

• Data retention and processing duration (see Sections 10 and 6)

• Right to file complaints with the privacy authority: http://www.garanteprivacy.it/home/diritti/come-agire-per-tutelare-i-nostri-dati-personali

• Existence of profiling processes

• Legal basis for processing (see Sections 11 and 6)

Users also have operational rights:

• Right to access personal data and receive a copy

• Right to data portability

• Right to rectify inaccurate or incomplete data

• Right to erasure (except when retention is required by law)

• Right to restrict processing (e.g., during accuracy verification or if processing is unlawful)

• Right to object to processing for direct marketing

• Right to lodge complaints with the data protection authority

  
  

14: HOW TO EXERCISE RIGHTS

To exercise their rights, Users can email amministrazione@asgspa.it. ASG will respond within 30 days (extendable by 2 months if necessary).