We process personal data in compliance with the provisions of the General Data Protection Regulation (GDPR) of the European Union, the Italian laws and the provisions of the Italian Data Protection Authority:
4.1 In performance of contractual obligations (Article 6 para. 1 (b) GDPR)
Data are processed in order to perform contracted services or to carry out pre-contract measures in the procurement or sales process. The purposes depend primarily on the specific product or service concerned.
4.2 In the context of legitimate interests (Article 6 para. 1 (f) GDPR)
We process personal data where required for the performance of the contract to protect our legitimate interests or those of third parties. Examples:
- Consultation of and exchange of information with credit agencies (e.g. Cerved Lince) to determine credit and default risks
- Advertising or market research or opinion polls, unless you have objected to the use of your data
- Assertion of legal claims and defense in the context of legal disputes
- Guaranteeing the IT security and IT operation of the company
- Preventing and enlightenment of criminal acts
- Video surveillance to ensure adherence to site rules and to prevent actual damage and criminal activities
- Measures to enforce the security of build-ings and plant (e.g. access controls)
4.3 With your consent (Article 6 para. 1 (a) GDPR)
If you have consented to us processing your personal data for specific purposes (e.g. newsletter, access to our plants), your consent forms the lawful basis for this processing. Consent may be withdrawn at any time. When consent is withdrawn this does not affect the lawful basis for the processing of data up to the point at which consent is withdrawn.
4.4 For compliance with a legal obligation (Article 6 para. 1 (c) GDPR)
We are subject to various legal obligations (e.g. tax and customs duty legislation). These involve the transmission of personal data to responsible authorities and offices (e.g. tax office, customs authorities).
The purposes of processing include age and identity verification, screening against anti-terror lists, compliance with tax-lawand communications required by law (e.g. antimafia), monitoring and reporting obligations and the evaluation and management of risks in the context of safety and environmental protection policy.