PRIVACY E COOKIE POLICY

DATA PROCESSING INFORMATION NOTICE

This Privacy Notice defines which data are collected and how they are used, disclosed, transferred and/or stored by the company.

This notice is provided, pursuant to Articles 13-14 of Regulation (EU) 2016/679 – hereinafter, GDPR – to those who interact with the web services accessible online from the address: www.marval.it

This notice is subject to updates that will be published promptly on the website.

  1. DATA CONTROLLER

The Data Controller of the data collected by this site is MARVAL SpA, Via Ing. Camillo Olivetti 14, Castellamonte 10081 (TO) ITALY – VAT 04904780014 – e-mail: privacy@marval.it

  1. CATEGORIES OF DATA PROCESSED

The processing concerns the following Data:

– common identifying data (First name, Surname)
– contact data (telephone number, e-mail address)
– IP address
– browsing data (see the Cookie Policy for more information)
– additional data provided by the Data Subject in relation to the submitted request

Further Personal Data may be indicated in other sections of this Privacy Policy or in information notices shown at the time of collection. Personal Data may be entered voluntarily by the User (e.g. via contact e-mail) or collected automatically while using this website.

  1. METHODS OF PROCESSING PERSONAL DATA

Personal Data provided or acquired are processed in keeping with the principles of correctness, lawfulness, transparency, relevance, minimisation and confidentiality protection under current legislation.

The Controller processes Users’ Personal Data by adopting suitable security measures to prevent unauthorised access, disclosure, alteration or destruction of Personal Data.

Processing is carried out by computer and/or telematic tools with organisational methods strictly related to the purposes indicated.

  1. DISCLOSURE AND DISSEMINATION OF DATA

In addition to the Controller, Data may be accessible to:

  1. a) authorised staff, suitably trained, involved in the organisation and management of the website (administrative, commercial, marketing, HR, legal staff, system administrators);
    b) external parties (e.g. third-party technical service providers, hosting providers, IT companies, communication agencies) and/or internal parties appointed as Data Processors under Art. 28 GDPR; c) public or private bodies entitled to access Data by law;
    d) parties carrying out ancillary and instrumental tasks for the Controller;
    e) external parties such as partners organising initiatives and events promoted and/or sponsored by the Controller, where communication of the Data is necessary for organisational reasons;
    f) parties referred to in point 8) g) of this Privacy Policy, with any consent of the Data Subject where required.
  1. DATA VOLUNTARILY PROVIDED BY THE USER

The optional, explicit and voluntary sending of e-mails—also via the Contact Form or to the addresses on this site—entails acquisition of the sender’s address, needed to reply, as well as any other Personal Data in the message. Explicit consent to inclusion of Data in the Controller’s databases is not required for provision of what the Controller offers Users, for fulfilment of single requested activities (e.g. contract completion, proper handling of the sender’s requests) and/or the Controller’s legitimate interest. The User is responsible for Personal Data of third parties shared and guarantees the right to communicate or disseminate them, releasing the Controller from any liability.

  1. PLACE OF PROCESSING

Data are processed at the Controller’s operational headquarters. For further details, contact the Controller.

  1. DURATION OF PROCESSING

Per Art. 5 §1 e) GDPR, Data are kept in a form that allows identification of Data Subjects no longer than necessary for the purposes for which they are processed, i.e. to perform the requested service or as described in this document.

Specifically:
– Data collected to execute a contract between Controller and User are kept until that contract is fulfilled;
– Data collected for the Controller’s legitimate interest are kept until that interest is satisfied; Users may request details;
– Data collected by consent are kept until consent is withdrawn;
– Data kept for fiscal/administrative obligations are stored as required by law and not beyond civil-law limits;
– Data may be retained longer to comply with legal obligations or authority orders.

Users may always request interruption of Processing or deletion of Data not linked to contract execution.

When the retention period ends, Personal Data will be erased and rights to access, delete, rectify or port Data can no longer be exercised.

  1. PURPOSES OF DATA PROCESSING

Data are collected so the Website and Organisation can provide their services and for: contacting the User, managing addresses and e-mails, interaction with external platforms, statistics, namely:

  1. a) to fulfil obligations laid down by laws, regulations or commercial practices, especially tax/fiscal;
    b) to meet specific requests made to the Controller via the Website;
    c) for informative messages on Controller services following e-mail enquiries;
  2. d) for other purposes connected to those above and falling within the Website’s activities;
    e) to send promotional and commercial information and offers;
    f) for profiling for marketing purposes;
    g) to transfer Data to companies/third parties with which the Controller cooperates or has agreements, who may use the Data Subject’s Data for communications or information on events or services they provide;

The types of Personal Data for each purpose are indicated in the specific sections.

For purpose a) processing is necessary to perform a contract or comply with a legal obligation.

For purposes b), c), d) processing is optional; failure to provide data means the User’s request cannot be fulfilled.

For purposes e), f), g) processing is based on freely given consent.

  1. FURTHER INFORMATION ON PROCESSING

DEFENCE IN COURT
User Data may be used by the Controller in court or preparatory stages against misuse of the site or connected services. The User knows the Controller may be asked to reveal Data to public authorities.

  1. NATURE OF DATA AND CONSEQUENCES OF REFUSAL

Providing browsing Data depends on privacy settings enabled in the browser; disabling may impair navigation. For some site forms, providing browsing Data and/or technical cookies is mandatory for proper operation.

Otherwise the procedure cannot be completed.

Any request for other optional Data will be preceded by specific approval.EXERCISING DATA SUBJECT RIGHTS
Under Arts. 7, 15-22 GDPR, Data Subjects may withdraw consent at any time and can request access, port, update, restrict, rectify or erase Data processed unlawfully. They may object to processing for legitimate reasons or for direct marketing. They may lodge complaints with the Data Protection Authority. Requests go to the internal Privacy Officer at privacy@marval.it; responses within 30 days.

  1. AMENDMENTS TO THIS PRIVACY POLICY

The Controller may amend this Policy at any time, posting on this page. Check frequently and refer to the last-modified date. If changes are not accepted, stop using the site and ask the Controller to remove Data. Unless otherwise specified, the previous Policy applies to Data already collected.

The Data Controller is responsible for this Privacy Policy.

Privacy Notice updated January 2025

COOKIE POLICY

This cookie policy concerns the use of Cookies by www.marval.it

The Data Controller is MARVAL SpA, Via Ing. Camillo Olivetti 14, Castellamonte 10081 (TO) ITALY – VAT 04904780014 – e-mail: privacy@marval.it

Cookies are small text files used to improve browsing efficiency; they are stored by the browser for reuse on later visits.

Cookies have different functions. Some improve site functionality and navigation (so-called technical or necessary Cookies). Others monitor Users, recording interests to customise ads (so-called profiling Cookies). Cookies personalise content, provide social-media features and analyse traffic.

Users can set browser preferences to avoid storing Cookies, delete them after each visit or on closing the browser, or accept only cookies from www.marval.it and not third-party cookies.

By duration, Cookies are:

Session Cookies: temporary, erased when the User leaves the site.
Persistent Cookies: remain until deleted.

This site uses various Cookies.

Technical Cookies
Technical Cookies do not require consent. They transmit communications over an electronic network or are strictly necessary for an information-society service requested by the User. This site uses technical Cookies to remember the User’s Cookie preferences. They last for the browsing session.

DELETE OR DISABLE COOKIES
Apart from strictly necessary technical cookies, Data provision is voluntary. Users can avoid installing Cookies by keeping the banner open, unticking categories, or via browser settings.

Users can manage Cookie preferences in the browser and block third-party installation.

Disabling all Cookies may impair the site. Each browser has different settings.

Third-party cookies can also be disabled via Your Online Choices (http://www.youronlinechoices.com/it/le-tue-scelte), managed by EDAA, offering opt-out options. Deleting Cookies via browser or such services inhibits third-party cookies generally, not just on this site.

FURTHER INFORMATION ON PROCESSING

Specific notices
On request, the site may provide additional contextual information on specific services or Data collection.

System logs and maintenance
For operation and maintenance, this Site and any third-party services couldro collect system logs, i.e. files recording interactions that may contain Personal Data (e.g. IP address).

Information not in this Policy
Further details on Personal Data processing can be requested from the Controller.

EXERCISING DATA SUBJECT RIGHTS
Under Arts. 15-22 GDPR, Data Subjects have the right to obtain confirmation of the existence of their personal data, even if not yet registered, and receive them intelligibly.

They are entitled to be informed of:

  1. a) the origin of the personal data;
    b) purposes and methods of processing;
    c) logic applied with electronic processing;
    d) identification details of the Controller and Processors;
    e) entities to whom Data may be disclosed or who may learn of them as appointed representatives, processors or authorised staff.

They are entitled to obtain:

  1. a) updates, rectification or, when interested, integration of Data;
    b) erasure, anonymisation or blocking of unlawfully processed Data, including Data whose retention is unnecessary.

They have the right to object, in whole or in part:

  1. a) for legitimate reasons to processing of Personal Data, even if relevant to collection purposes;
    b) to processing for sending advertising material, direct sales, market research or commercial communication.

NOTE: The Controller is not responsible for updating all third-party links in this Cookie Policy; if a link is broken or outdated, Users must refer to the relevant documents on those sites.

Cookie Policy updated January 2025