Privacy Policy

DATA CONTROLLER

Defim Orsogril S.p.A., with registered office at Via Carlo Nicola Pasini, 11, 25017 Lonato del

Garda (Brescia), Italy

Email address of the Controller: info@defimorsogril.com 

DATA PROTECTION OFFICER (DPO)

The Controller has appointed MASTER KONSULT S.R.L. as the Data Protection Officer, who can

be contacted for any matters regarding the processing of personal data and to exercise the rights

under the GDPR at the following email address: dpo@it.feralpigroup.com 

TYPES OF DATA COLLECTED

Among the types of Personal Data collected by this Application, either independently or through third parties, there are: Cookies; Usage Data; first name; last name; gender; date of birth; phone number; company name; profession; address; country; province; email; postal code; various types

of Data; city; state; username; website; geographical location; password; tax code; VAT number; place of work.

Full details on each type of data collected are provided in the dedicated sections of this privacy policy or by specific information texts displayed prior to data collection. Personal Data may be freely provided by the User or, in the case of Usage Data, collected automatically when using this Application. Unless otherwise specified, all Data requested by this Application is mandatory. If the User refuses to provide it, it may be impossible for this Application to provide the Service. Where this Application indicates certain Data as optional, Users are free to refrain from communicating such Data without affecting the availability or operation of the Service. Users who are uncertain about which Data is mandatory are encouraged to contact the Controller.

Any use of Cookies – or other tracking tools – by this Application or by the owners of third-party services used by this Application is for the purpose of providing the Service requested by the User, in addition to any other purposes described in this document and in the Cookie Policy, if available. The User assumes responsibility for third-party Personal Data obtained, published, or shared through this Application and declares to have the right to communicate or disseminate it, thus releasing the Controller from any liability to third parties.

METHOD AND LOCATION OF DATA PROCESSING

Processing Methods

The Controller adopts appropriate security measures to prevent unauthorized access, disclosure, modification, or destruction of Personal Data. Processing is carried out using IT and/or telematics tools, with organizational methods and logic strictly related to the purposes indicated.

In addition to the Controller, in some cases, the Data may be accessible to other parties involved in the operation of this Application (administrative, sales, marketing, legal staff, system administrators) or external parties (such as third-party technical service providers, mail carriers, hosting providers, IT companies, communication agencies) appointed, if necessary, as Data Processors by the Controller. The updated list of these parties may be requested from the Controller at any time.

Legal Basis for Processing

The Controller processes Personal Data relating to the User when one of the following conditions applies:

  • The User has given consent for one or more specific purposes;
  • Processing is necessary for the performance of a contract with the User and/or for pre-contractual measures;
  • Processing is necessary to comply with a legal obligation to which the Controller is subject;
  • Processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Controller;
  • Processing is necessary for the purposes of the legitimate interests pursued by the Controller or by a third party.

In any case, the Controller will gladly help clarify the specific legal basis that applies to the processing and whether the provision of Personal Data is a statutory or contractual requirement, or a requirement necessary to enter into a contract.

Location

The Data is processed at the Controller’s operating offices and in any other places where the parties involved in the processing are located. The User’s Personal Data may be transferred to a country other than the one in which the User is located. 

To find out more about the place of processing, Users can refer to the section detailing the processing of Personal Data.  The User is entitled to obtain information regarding the legal basis for data transfers outside the European Union or to an international organization governed by public international law or established by two or more countries, such as the UN, and about the security measures adopted by the Controller to safeguard their data. 

Users can find out more by checking the relevant sections of this document or by contacting the Controller at the details provided above.

Data Retention Period

Data is processed and stored for as long as required for the purpose for which it has been collected. Therefore:

  • Personal Data collected for purposes related to the performance of a contract between the Controller and the User will be retained until such contract has been fully performed.
  • Personal Data collected for the purposes of the Controller’s legitimate interests will be retained as long as needed to fulfill those purposes.

When processing is based on User consent, the Controller may retain Personal Data longer until such consent is withdrawn. Furthermore, the Controller may be obliged to retain Personal Data for a longer period to comply with a legal obligation or by order of an authority.

Once the retention period expires, Personal Data will be deleted. Therefore, the right to access, erase, rectify, and data portability can no longer be exercised after that period.

PURPOSES OF DATA COLLECTION

User Data is collected to allow the Controller to provide the Service, comply with legal obligations, respond to enforcement requests, protect its rights and interests (or those of Users or third parties), detect malicious or fraudulent activity, as well as for the following purposes: Statistics, Tag Management, Contacting the User, Content Commenting, Managing contacts and sending messages, Interaction with social networks and external platforms, Location-based interactions, Remarketing and behavioural targeting, Displaying content from external platforms, and Registration and authentication.

DATA SUBJECT RIGHTS

With respect to the processing of the above data, the data subject is entitled, within the limits of the current legislation, to:

  • Receive confirmation as to whether or not personal data concerning them exists, be informed of its content and origin, verify its accuracy, or request its integration, update, or correction;
  • Request the erasure, anonymization, or blocking of data processed unlawfully;
  • Request confirmation that such actions have been communicated to third parties to whom the data was disclosed, unless this proves impossible or involves a disproportionate effort;
  • Request restriction of processing or object to it for legitimate reasons;
  • Revoke consent for optional processing not related to the execution of a contract;
  • Request data portability or exercise the right to be forgotten.

COMPLAINTS

In case of a lack of or unsatisfactory response, the data subject has the right to lodge a complaint

with the competent data protection authority for any violations they believe they have suffered

(Garante per la protezione dei dati personali: www.garanteprivacy.it )  

Email: garante@gpdp.it  – Certified email: protocollo@pec.gpdp.it 

Last update: 09/05/2025

To top