Privacy Policy (Articles 12–14 EU Regulation 2016/679)
Last update: November 6, 2025
Vetrimolati S.r.l.
Registered office: Via Gamenario 18, 10026 Santena (TO), Italy
VAT/Tax ID: 12233060016
Contact email for privacy matters: info@vetrimolati.com
Certified email (PEC): not available
DPO: not appointed
This Privacy Policy describes the processing of personal data carried out through the website www.vetrimolati.com (hereinafter, the “Website”). It does not apply to any third-party websites, pages, or services that can be accessed via hyperlinks contained within the Website.
Website visitors
Leads / business contacts
Clients and suppliers
The Website is not intended for minors. Should Vetrimolati S.r.l. become aware of the unintentional collection of data from minors, it will promptly delete such data.
Collected fields: first name, last name, email, phone number, message, and the log of optional marketing consent (if granted).
Source: data voluntarily provided by the data subject through the Website.
Phone, WhatsApp, direct email: any data voluntarily provided by the user are processed for the purpose of handling requests and business/operational communications.
Note on cookies and similar technologies: information on cookies and tracking tools is provided separately in the Cookie Policy, managed via the Complianz platform.
| Purpose | Legal basis (Art. 6 GDPR) | Nature of data provision |
|---|---|---|
| a) Managing and responding to information or quotation requests sent via form, phone, WhatsApp, or email | Performance of pre-contractual measures requested by the data subject (Art. 6.1.b) | Necessary; without it, the request cannot be processed |
| b) Managing contractual relationships with clients/suppliers, including administrative, accounting, and tax obligations | Performance of a contract (Art. 6.1.b) and legal obligation (Art. 6.1.c) | Necessary; without it, the relationship cannot be managed |
| c) Sending newsletters/promotional communications via company email systems only when consent is given | Consent of the data subject (Art. 6.1.a), which may be withdrawn at any time | Optional; refusal does not affect other site functions |
| d) Soft-spam toward existing clients: sending emails about products/services similar to those already purchased, with an opt-out in every message | Legitimate interest of the Controller (Art. 6.1.f) in conjunction with Art. 130(4) of the Italian Privacy Code | Optional; the data subject may object at any time |
| e) Anonymous/aggregate statistical analysis of Website traffic without individual user tracking | Legitimate interest of the Controller (Art. 6.1.f) | Optional; performed without identifying users |
For any additional or specific purposes (e.g., dedicated services, custom initiatives, activities agreed upon during commercial negotiations), a separate notice will be provided and consent collected where required.
Data are processed using manual and digital tools, in accordance with the principles of lawfulness, fairness, transparency, data minimization, and storage limitation (Art. 5 GDPR). Appropriate technical and organizational measures are implemented to ensure data security (Art. 32 GDPR).
Data may be processed only by personnel expressly authorized by the Controller and/or by entities acting as Data Processors (Art. 28 GDPR), including for example:
Hosting and infrastructure providers for the Website (Vhosting – servers located in Italy);
Corporate email service provider managing communications with users;
Consultants or external providers offering administrative, legal, accounting, or IT services, strictly limited to the stated purposes.
An updated list of Data Processors can be obtained by writing to info@vetrimolati.com.
No transfers of personal data outside the European Economic Area (EEA) are currently foreseen. Should the use of non-EU service providers become necessary for technical or organizational reasons, the Controller will ensure that any transfer complies with Chapter V of the GDPR (e.g., through Standard Contractual Clauses and adequate supplementary measures) and will update this Policy accordingly.
Contacts/leads: retained for up to 12 months after the last relevant interaction, unless needed longer to protect the Controller’s rights;
Contractual, administrative, and tax data (clients/suppliers): 10 years (legal obligation);
Newsletter/marketing: until consent withdrawal or objection; consent logs and preferences: retained for up to 24 months after last interaction or until otherwise required by law;
Technical security logs: retained for the period strictly necessary for system security (approximately 6–12 months).
Once the retention period has expired, data will be deleted or irreversibly anonymized, except where legal obligations or orders from authorities require otherwise.
The Controller applies appropriate measures, including:
HTTPS/TLS site encryption;
Regular backups;
Periodic CMS/plugin updates;
Access control and role management;
Two-factor authentication for critical panels.
Data subjects may exercise their rights under Articles 15–22 GDPR, including:
access, rectification, erasure, restriction, portability, and objection to processing;
withdrawal of consent at any time, without affecting the lawfulness of processing based on consent before withdrawal;
objection to direct marketing (including soft-spam) at any time.
Requests may be sent to info@vetrimolati.com. The Controller will respond within 30 days, extendable under Article 12 GDPR.
Without prejudice to any other administrative or judicial remedy, the data subject has the right to lodge a complaint with the Italian Data Protection Authority (www.garanteprivacy.it) under Article 77 GDPR if they believe their data have been processed in violation of applicable law.
Newsletter/marketing based on consent: each message includes a simple and free mechanism to withdraw consent.
Soft-spam (Art. 130(4) Italian Privacy Code): the Controller may use the client’s email address obtained in the context of a sale to send information about similar products or services. The user can object at any time by clicking the unsubscribe link or writing to info@vetrimolati.com.
Personal data are not publicly disclosed. They may be communicated to entities entitled by law or by request of authorities, as well as to consultants within the limits strictly necessary for the stated purposes.
The Controller does not carry out processing activities that involve automated decision-making or profiling that produce legal or similarly significant effects on individuals, as defined in Article 22 GDPR.
The Controller reserves the right to update this Policy to reflect legal, technical, or organizational changes. In case of substantial modifications, notice will be provided on the Website. The current version is identified by the last update date indicated above.
For any inquiries or to exercise privacy rights, please contact info@vetrimolati.com specifying “Privacy rights request” in the subject line.
