Per leggere questo testo in italiano:
informativa sulla privacy

Dear User,

Pursuant to art. 13 of the Regulation (EU) 2016/679 (hereinafter also referred to as GDPR) and in accordance with the national legislation about personal data protection, by this policy we provide you the information about the methods and the purposes of the processing of your personal data, collected through our website.

1. Data Controller and Data Protection Officer

The Data Controller is Italdesign-Giugiaro S.p.A., with registered office in Torino, via San Quintino 28 and with headquarters in Moncalieri (TO), via Achille Grandi 25, which can be contacted by writing to privacy@italdesign.it.

The Data Protection Officer (DPO) can be contacted by writing an e-mail to dpo@italdesign.it.

2. Categories of personal data processing

The Data Controller processes personal data (name, surname, email) you provided by filling in the online form available within the “Contacts” section on our website.

Furthermore, the acquisition of further personal data is necessary, due to our website’s normal mode of operation.

This concerns information that is not collected to be associated with identified individuals, but that could allow identification through processing and connection with data held by third parties. This category of data includes cookies, small text files that websites visited by users send to the user’s terminal, in which data is stored and later retransmitted to the same sites during subsequent visits.

For further information about cookies used on our website, please visit: Cookie Policy.

3. Purposes of the processing

Your personal data is processed only for the purpose of receiving and possibly responding to your request for a business contact or evaluating the use of the website.

Please note that any requests without commercial purposes will be ignored, and the personal data contained therein will be immediately deleted.

4. Processing method and retention of data

Personal data is processed by the Data Controller according to lawfulness, fairness, and transparency principles.

The processing of your personal data is carried out through the following operations: collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction of data.

The Data Controller will process personal data for the time necessary to fulfill the purposes mentioned above and, in any case, no longer than 2 years from the data collection.

5. Data access

For the purposes stated in paragraph 3, your data may be disclosed to the following subjects:

• Companies or other third parties (e.g., those providing services to manage the computer system and telecommunications network, as well as the website) that handle personal data outsourced on behalf of the Data Processor;
• Subjects appointed as external Data Processors and persons authorized by the Data Controller who need to process personal data to perform their duties and assigned functions;
• Public entities, to comply with legal obligations, and judicial authorities, if officially required.

6. Transfers of personal data to extra-EU countries

Your personal data is not transferred to countries outside the European Union and is stored on servers located within the EU. However, the Data Controller reserves the right to transfer data even outside the EU, if necessary.

In such cases, the Data Controller ensures that the transfer of data to non-EU countries will occur only if one of the conditions set out in Chapter V of the GDPR is met.

7. Legal basis of the processing

The basis for the provision of personal data and its processing for the purposes described in paragraph 3 relies on Article 6, paragraph 1, letter f) GDPR (legitimate interests pursued by the Data Controller), as processing is necessary to respond to business-related requests you may send us.

In case of refusal, you will not be able to send requests or receive any responses from the Data Controller.

8. Data subjects’ rights

As a data subject, you have the following rights under the GDPR. You may request the Data Processor, addressing the Data Protection Officer, to access personal data, indicate the modalities, purposes, and logic of processing, request restriction, objection, or data portability, and request rectification or erasure, in accordance with restrictions and conditions specified by the European Regulation. Lastly, you have the right to lodge a complaint with the supervisory authority pursuant to art. 77 of the GDPR.

You can exercise your rights, as described above, by writing to privacy@italdesign.it.