1. Introduction

In accordance with European Regulation no. 679/2016 (hereinafter “GDPR“), this Privacy Policy explains how Fiorentini S.p.A. collects, uses, transfers, and protects personal information transmitted by its business partners, customers or potential customers and, finally, by users of the services offered, including through its web pages (Fiorentinispa.com).

Personal data means any information relating to an identified or identifiable natural person (hereinafter “Data Subject“) with particular reference to an identifier such as a name, an identification number, location data, an online identifier, or one or more characteristic elements of their physical, physiological, genetic, mental, economic, cultural, or social identity.

Processing means any operation or set of operations, performed with or without the aid of automated processes and applied to personal data or sets of personal data, such as collection, recording, organization, structuring, storage, adaptation or modification, extraction, consultation, use, communication by transmission, dissemination or any other form of making available, comparison or interconnection, restriction, erasure, or destruction.

Data controller means the natural or legal person, public authority, service, or other body which, individually or together with others, determines the purposes and means of the processing of personal data.

2. Who is the data controller for the data collected under this policy?

The data controller of the personal data collected is Fiorentini S.p.A., (hereinafter “Fiorentini” or “Data Controller“).

3. What types of data are processed by Fiorentini?
  • Data of customers, potential customers, and suppliers, including their consultants and other representatives, provided voluntarily.
    Any contact with Fiorentini, including through services provided on its web pages, or the optional, explicit, and spontaneous sending of e-mail or traditional mail to Fiorentini addresses, or upon the conclusion of contractual relationships, involves the subsequent acquisition of the personal data sent, for the sole purpose of performing the requested service or responding to requests or entering into and managing the contractual relationship. Fiorentini collects and processes the following personal data: IP addresses, email addresses, telephone numbers, place of residence, date of birth, tax code/VAT number, names, qualifications, duties, bank details, as well as other personal data entered in the relevant service forms and/or communications.
  • Browsing data.
    The computer systems and software programs used for the operation of Fiorentini websites collect some personal data whose transmission is implicit in the use of Internet communication protocols (e.g., IP addresses or domain names of the computers used by users connecting to the site, information on visits, browser software, and other parameters relating to the user’s operating system and computer environment). This data is used for the sole purpose of obtaining statistical information not associated with any user identification data on the use of the site and to check its correct functioning; it is, therefore, deleted immediately after processing.
  • Cookies
    Cookies are small text files that are installed by a website on the user’s browser and that record certain information relating to the user’s browsing activity. For information regarding the use of cookies through this site, please read the cookie policy.
4. For what purposes is the personal data collected by Fiorentini processed?

Personal data will be processed for the purposes indicated below:

  • administrative-accounting purposes as well as to fulfill obligations provided for by applicable laws or regulations as well as by provisions issued by the competent authorities/supervisory and control bodies;
  • purposes strictly connected and/or necessary for the fulfillment of its contractual obligations and to exercise its contractual rights, including after-sales activities;
  • purposes related to registration on the site to use the services offered by Fiorentini, including the possibility of making an online purchase;
  • purposes related to the fulfillment of any other request received by Fiorentini;
  • subject to prior consent, purposes of an informative and promotional nature regarding the activities carried out by Fiorentini and/or the products marketed. The sending of communications for the aforementioned purposes by Fimap may take place both through traditional methods (e.g., paper mail, phone calls with an operator) and through automated communication methods such as e-mail (e.g., newsletter) and SMS. Limited to the e-mail coordinates provided in the context of the purchase of a product or service offered and sold by Fiorentini, the latter may use them for sending informative and promotional communications (including the newsletter) of similar products or services without the need for the express and prior consent of the data subject and provided that the Data Subject does not exercise the right to object (so-called soft spamming);
  • subject to prior consent, purposes of processing preferences through detection of the type and frequency of purchases for sending informative and/or advertising material of specific interest to the Data Subject by email and for the improvement of commercial proposals sent by Fiorentini (so-called profiling).
5. What is the legal basis for the processing of the personal data collected? Can consent be withdrawn?

Legal basis for data processing according to the GDPR.
The legal basis for the processing of personal data for the purposes above is as follows:

  • for the purposes referred to in point 4 letter (a), compliance with a legal obligation;
  • for the purposes referred to in point 4 letter (b), the fulfillment of Fimap’s contractual obligations;
  • for the purposes referred to in point 4 letter (c), the provision of the requested service;
  • for the purposes referred to in point 4 letter (d), the response to any other request received by Fimap;
  • for the purposes referred to in point 4 letter (e) and (f), the user’s consent.

Withdrawal of consent
For the purposes referred to in point 4 letter (e) and (f), the data subject may withdraw their consent at any time by writing to marketing@fiorentinispa.com
The Data Subject’s right to object to the processing of their personal data for marketing purposes through automated contact methods (e-mail, SMS) also extends to traditional ones (mail).
Limited to the sending of the newsletter, the Data Subject may object to the processing of data concerning them also through the specific link at the bottom of any promotional e-mail sent by Fiorentini which allows for automatic unsubscription from the newsletter.
The withdrawal of the data subject’s consent will not affect in any way Fiorentini’s right to process the user’s data if such processing is necessary in order to fulfill Fiorentini’s contractual obligations and/or to the extent that Fiorentini is required to process the data subject’s personal data to comply with a legal obligation or to defend its right in a dispute with the data subject, to prevent fraud or abuse.

6. How is the personal data collected by Fimap processed? With whom might Fimap share such data?

Processing methods
The processing of personal data takes place mainly with the aid of electronic or otherwise automated tools, according to methods and with means suitable to guarantee the security and confidentiality of the data themselves, in compliance with the provisions of the legislation on personal data protection. In particular, Fiorentini uses technical, IT, organizational, logistical, and procedural security measures in order to guarantee the minimum level of data protection required by law, allowing access only to authorized persons.

Scope of data disclosure
The personal data of the data subjects may be communicated to the following subjects:

  • employees and/or collaborators of Fiorentini, for the performance of administration, accounting, after-sales, IT support, and logistical activities;
  • subjects who perform customer assistance activities and who provide centralized services also for the benefit of Fiorentini itself, including marketing services, as well as after-sales services;
  • companies or consultants in charge of the installation, maintenance, and management of Fiorentini’s hardware and software (including Fimap’s web pages);
  • external companies or consultants who perform banking, financial, insurance, legal, recruitment, and personnel selection services;
  • companies of the group controlled by Fiorentini S.p.A. to which Fiorentini belongs;
  • authorities and supervisory and control bodies and, in general, public or private subjects, acting as Public Officials or persons in charge of a public service;
  • subjects who perform document archiving and data entry activities.

With reference to the personal data communicated to them, the subjects belonging to the categories listed above may operate, depending on the case, as data processors or persons in charge of processing or as separate data controllers.
Personal data will not be disseminated or communicated to other external subjects in any way, except in cases where communication is mandatory by law or necessary.

7. How long will the personal data collected by Fiorentini be stored?

Personal data will be stored for the time necessary from an operational and/or legal point of view as follows:

  • for the purposes referred to in the previous point 4, letters (a), (b), (c), and (d) for a period not exceeding ten (10) years, without prejudice to any specific legal obligations on the storage of accounting documentation and, in any case, according to the limitation periods provided for by law;
  • for the purposes referred to in the previous point 4, letter (e), until consent has been withdrawn;
  • for the purposes referred to in the previous point 4, letter (f), for a maximum period of 12 months.

In any case, Fiorentini may store the personal data collected for a period of time longer than indicated above in the event of potential or actual legal disputes or to prevent fraud or abuse.

In any case, at the end of the storage period, the data will be deleted or aggregated or anonymized.

8. Will the personal data collected by Fiorentini be transferred abroad?

It may happen that Fimap shares the personal data collected with selected subjects who may process such data in countries both within and outside the EU/EEA. In the case of transfer to countries where laws do not offer the same level of data protection ensured by the GDPR, Fiorentini will use various legal mechanisms, including EU standard contractual clauses, to ensure that the rights and protections guaranteed by Fiorentini travel together with the transferred data.
Further information regarding the international transfer of data can be sent to the contacts available at the end of this policy.

9. What are the rights of the Data Subject?

This section lists the rights of the Data Subject which can be exercised at any time by writing to marketing@fiorentinispa.com.
The Data Subject shall have the right to:

  • obtain from Fimap confirmation as to whether or not personal data concerning them is being processed and, if so, access the information referred to in Art. 15 of the GDPR;
  • obtain the rectification of personal data concerning them, or, taking into account the purposes of the processing, the integration of incomplete personal data;
  • obtain the erasure of their personal data, in the presence of one of the reasons referred to in Article 17 of the GDPR;
  • obtain the restriction of the processing of their personal data in the cases provided for by applicable law;
  • object to the processing of their personal data for reasons related to their particular situation;
  • receive in a structured, commonly used, and machine-readable format the personal data concerning them, as well as to transmit such data to another data controller without hindrance from the data controller if technically possible, in the cases and within the limits referred to in Art. 20 of the GDPR.

Depending on the amount or complexity of the information requested, an appropriate fee may be required.
The Data Subject shall also have the right to lodge a complaint with a Supervisory Authority (for Italy: the Garante per la protezione dei dati personali), if they believe that the processing concerning them is carried out in violation of the GDPR.
In any case, the Data Subject is invited to contact Fimap, which undertakes to handle the matter with the utmost courtesy, seriousness, and discretion.

10. Minors

Our products and services are primarily intended for an adult audience. Fiorentini does not intentionally request or collect personal data from or relating to minors under 16 years of age without the consent of a parent or legal guardian. Should Fiorentini learn that personal data relating to minors has been sent without the consent of a parent or legal guardian, Fiorentini will make every reasonable effort to:

  • delete such personal data from its files as soon as possible; and
  • ensure that this personal data is not further used for any purpose, nor further disclosed to third parties.
11. Changes and updates to this Policy

Fimap reserves the right to modify, update, or change this Privacy Policy, with effect from its publication on this site.

12. Information

For any information regarding this Privacy Policy or our products, you can write to the e-mail address marketing@fiorentinispa.com

Date of last update: March 7, 2025.