SABI GROUP PRIVACY POLICY

L.A.F. Spa

INFORMATION ART. 13 OF THE EUROPEAN REGULATION n. 2016/679

(General Data Protection Regulation)

  1. Data controller

The Data Controller is Laf Spa (VAT no.00071690937), in the person of the legal representative pro tempore, with registered office in Polcenigo, via delle Industrie, 12 www.sabigroup.it, hereinafter “the Data Controller”.

The Data Controller provides the interested party with complete information on the purposes and methods of processing personal data.

  1. Methods of processing personal data

Personal data (e.g. personal data, telephone number, email, etc.) are processed on computer media or in any case with the aid of computerized or automated tools and entered into the relevant banks, which can be accessed by those in charge of data processing, in compliance with security measures and, in any case, in such a way as to guarantee the integrity, security and confidentiality of the data themselves. The processing may also be carried out by third parties who provide specific processing, administrative or instrumental services necessary to achieve the purposes set out below.

  1. Purpose of the processing

The Data Controller will process your personal data for the following purposes:

  • carrying out contractual and pre-contractual activities
  • fulfillment of tax or legal obligations
  • sending communications and information for commercial purposes

Furthermore, personal data will be processed exclusively for purposes strictly connected and instrumental to the fulfillment of the obligations relating to the aforementioned points.

The consent expressed by you is the legal basis of the processing pursuant to art. 13, paragraph 1), letter c) of the GDPR.

  1. Nature of the provision

The provision of your data for the purposes referred to in points 1) and 2) of article 3 does not require any formal consent as it is preparatory and essential to any contractual or pre-contractual relationship.

The provision of your data for the purposes referred to in points 3) of the art. 3 is optional and requires your express consent. Failure to consent will exclusively imply the consequences described below: the impossibility of sending communications and information for commercial purposes.

In any case, if you have given express consent to authorize the Data Controller to pursue the purposes referred to in points 3) of the art. 3, you will however remain free to revoke it at any time by sending a communication without any formalities to the email address privacy@sabigroup.it. Following receipt of this opt-out request, the Data Controller will promptly remove and delete the data from the databases used for processing for the purpose of sending communications and information for commercial purposes. The mere receipt of the cancellation request will automatically constitute confirmation of cancellation.

  1. Recipients or category of recipients of personal data

The personal data provided by you, for the purposes described above, may be brought to the attention of employees and/or collaborators of the Data Controller and communicated to the following subjects:

  1. third-party companies possibly appointed by the Data Controller to carry out the obligations assumed by the latter for the implementation of the processing envisaged by the purposes referred to in points 1) and 2) of article 3;
  2. all subjects (including Public Authorities) who have the right to access data pursuant to regulatory or administrative provisions;
  3. third-party companies that provide essential support services for processing and have direct or indirect access to your data;
  4. third-party companies appointed by the Data Controller for the processing of data envisaged for the purposes referred to in points 3) of article 3;

All collaborators or suppliers used by the Data Controller for the processing of your personal data have been appropriately and legally authorized and responsible for the methods and purposes of the processing attributed to them and will act in compliance with and in accordance with this information.

The personal data provided by you and subsequently processed in relation to the management of the service are not subject to disclosure.

For the subjects indicated in points b), d) and e) only the category of recipients is indicated, as it is subject to frequent updates and revisions. Therefore, interested parties may request the updated list of recipients by contacting the Data Controller through the channels indicated in the art. 1 of this information.

  1. Data retention times

Your personal data will be stored for the times defined by the relevant legislation, which are specified below pursuant to art. 13, paragraph 2, letter a) GDPR:

  • for the purposes indicated in points 1), 2) of article 3 for the times prescribed by the laws in force and in any case for a period of no less than 10 (ten) years
  • for the purposes indicated in points 3) of the art. 3 for 2 (two) years from the moment of issuing consent to the treatment
  1. Exercise of rights by the interested party

Pursuant to articles 13, paragraph 2, letters b) and d), 15, 18, 19 and 21 GDPR, the interested party is informed that he has the right to:

  1. Access to personal data: obtain confirmation whether or not data concerning you is being processed and, in this case, access to the following information: the purposes, the categories of data, the recipients, the retention period, the right to lodge a complaint with a supervisory authority, the right to request rectification or cancellation or limitation of processing or opposition to the processing itself as well as the existence of an automated decision-making process;
  2. Request for rectification or cancellation of the same or limitation of processing concerning you; “limitation” means the marking of the data stored with the aim of limiting their processing in the future;
  3. Opposition to processing: object for reasons related to your particular situation to the processing of data for the execution of a task of public interest or for the pursuit of a legitimate interest of the Data Controller;
  4. Data portability: in the case of automated processing carried out on the basis of consent or in execution of a contract, to receive the data concerning you in a structured, commonly used and machine-readable format; in particular, the data will be provided to you by the Data Controller in .xml format;
  5. Revocation of consent to processing for marketing purposes, both direct and indirect, market research and profiling; the exercise of this right does not prejudice in any way the lawfulness of the processing carried out before the revocation;
  6. Propose a complaint pursuant to art. 77 GDPR to the competent supervisory authority based on your habitual residence, place of work or place of violation of your rights; for Italy, the Guarantor for the protection of personal data is responsible and can be contacted via the contact details on the website http://www.garanteprivacy.it.

The aforementioned rights may be exercised by sending a specific request to the Data Controller via the contact channels indicated in the art. 1 of this information.

Requests relating to the exercise of your rights will be processed without unjustified delay and, in any case, within one month of the request; only in cases of particular complexity and the number of requests can this deadline be extended by a further 2 (two) months.

  1. Personal Data Protection Officer (DPO)

The Data Controller has designated the Personal Data Protection Officer – so-called. Personal Data Protection Officer or “RPD” – pursuant to art. 37, GDPR, the company Top Management Consulting Srl, in the person of the legal representative Eng. Maurizio Squaiella, with registered office in 36100 Vicenza, Via dei Cairoli n. 71, tax code 03947550244, who can be contacted for any information and/or requests by sending an e-mail privacy@sabigroup.it.

The exercise of rights is not subject to any formal constraints and is free. The email address for exercising rights is privacy@sabigroup.it

MEC SYSTEM Srl

INFORMATION ART. 13 OF THE EUROPEAN REGULATION n. 2016/679

(General Data Protection Regulation)

  1. Data controller

The Data Controller is Mec System Srl (VAT no.00452250939), in the person of the legal representative pro tempore, with registered office in San Quirino, via Ungaresca, 9/a, www.sabigroup.it, hereinafter “the Data Controller”.

The Data Controller provides the interested party with complete information on the purposes and methods of processing personal data.

  1. Methods of processing personal data

Personal data (e.g. personal data, telephone number, email, etc.) are processed on computer media or in any case with the aid of computerized or automated tools and entered into the relevant banks, which can be accessed by those in charge of data processing, in compliance with security measures and, in any case, in such a way as to guarantee the integrity, security and confidentiality of the data themselves. The processing may also be carried out by third parties who provide specific processing, administrative or instrumental services necessary to achieve the purposes set out below.

  1. Purpose of the processing

The Data Controller will process your personal data for the following purposes:

  • carrying out contractual and pre-contractual activities
  • fulfillment of tax or legal obligations
  • sending communications and information for commercial purposes

Furthermore, personal data will be processed exclusively for purposes strictly connected and instrumental to the fulfillment of the obligations relating to the aforementioned points.

The consent expressed by you is the legal basis of the processing pursuant to art. 13, paragraph 1), letter c) of the GDPR.

  1. Nature of the provision

The provision of your data for the purposes referred to in points 1) and 2) of article 3 does not require any formal consent as it is preparatory and essential to any contractual or pre-contractual relationship.

The provision of your data for the purposes referred to in points 3) of the art. 3 is optional and requires your express consent. Failure to consent will exclusively imply the consequences described below: the impossibility of sending communications and information for commercial purposes.

In any case, if you have given express consent to authorize the Data Controller to pursue the purposes referred to in points 3) of the art. 3, you will however remain free to revoke it at any time by sending a communication without any formalities to the email address privacy@sabigroup.it. Following receipt of this opt-out request, the Data Controller will promptly remove and delete the data from the databases used for processing for the purpose of sending communications and information for commercial purposes. The mere receipt of the cancellation request will automatically constitute confirmation of cancellation.

  1. Recipients or category of recipients of personal data

The personal data provided by you, for the purposes described above, may be brought to the attention of employees and/or collaborators of the Data Controller and communicated to the following subjects:

  1. third-party companies possibly appointed by the Data Controller to carry out the obligations assumed by the latter for the implementation of the processing envisaged by the purposes referred to in points 1) and 2) of article 3;
  2. all subjects (including Public Authorities) who have the right to access data pursuant to regulatory or administrative provisions;
  3. third-party companies that provide essential support services for processing and have direct or indirect access to your data;
  4. third-party companies appointed by the Data Controller for the processing of data envisaged for the purposes referred to in points 3) of article 3;

All collaborators or suppliers used by the Data Controller for the processing of your personal data have been appropriately and legally authorized and responsible for the methods and purposes of the processing attributed to them and will act in compliance with and in accordance with this information.

The personal data provided by you and subsequently processed in relation to the management of the service are not subject to disclosure.

For the subjects indicated in points b), d) and e) only the category of recipients is indicated, as it is subject to frequent updates and revisions. Therefore, interested parties may request the updated list of recipients by contacting the Data Controller through the channels indicated in the art. 1 of this information.

  1. Data retention times

Your personal data will be stored for the times defined by the relevant legislation, which are specified below pursuant to art. 13, paragraph 2, letter a) GDPR:

  • for the purposes indicated in points 1), 2) of article 3 for the times prescribed by the laws in force and in any case for a period of no less than 10 (ten) years
  • for the purposes indicated in points 3) of the art. 3 for 2 (two) years from the moment of issuing consent to the treatment
  1. Exercise of rights by the interested party

Pursuant to articles 13, paragraph 2, letters b) and d), 15, 18, 19 and 21 GDPR, the interested party is informed that he has the right to:

  1. Access to personal data: obtain confirmation whether or not data concerning you is being processed and, in this case, access to the following information: the purposes, the categories of data, the recipients, the retention period, the right to lodge a complaint with a supervisory authority, the right to request rectification or cancellation or limitation of processing or opposition to the processing itself as well as the existence of an automated decision-making process;
  2. Request for rectification or cancellation of the same or limitation of processing concerning you; “limitation” means the marking of the data stored with the aim of limiting their processing in the future;
  3. Opposition to processing: object for reasons related to your particular situation to the processing of data for the execution of a task of public interest or for the pursuit of a legitimate interest of the Data Controller;
  4. Data portability: in the case of automated processing carried out on the basis of consent or in execution of a contract, to receive the data concerning you in a structured, commonly used and machine-readable format; in particular, the data will be provided to you by the Data Controller in .xml format;
  5. Revocation of consent to processing for marketing purposes, both direct and indirect, market research and profiling; the exercise of this right does not prejudice in any way the lawfulness of the processing carried out before the revocation;
  6. Propose a complaint pursuant to art. 77 GDPR to the competent supervisory authority based on your habitual residence, place of work or place of violation of your rights; for Italy, the Guarantor for the protection of personal data is responsible and can be contacted via the contact details on the website http://www.garanteprivacy.it.

The aforementioned rights may be exercised by sending a specific request to the Data Controller via the contact channels indicated in the art. 1 of this information.

Requests relating to the exercise of your rights will be processed without unjustified delay and, in any case, within one month of the request; only in cases of particular complexity and the number of requests can this deadline be extended by a further 2 (two) months.

  1. Personal Data Protection Officer (DPO)

The Data Controller has designated the Personal Data Protection Officer – so-called. Personal Data Protection Officer or “RPD” – pursuant to art. 37, GDPR, the company Top Management Consulting Srl, in the person of the legal representative Eng. Maurizio Squaiella, with registered office in 36100 Vicenza, Via dei Cairoli n. 71, tax code 03947550244, who can be contacted for any information and/or requests by sending an e-mail privacy@sabigroup.it.

The exercise of rights is not subject to any formal constraints and is free. The email address for exercising rights is privacy@sabigroup.it

Fonderia SA.BI. Spa

INFORMATION ART. 13 OF THE EUROPEAN REGULATION n. 2016/679

(General Data Protection Regulation)

  1. Data controller

The Data Controller is Fonderia Sabi Spa (VAT no.00071690937), in the person of the legal representative pro tempore, with registered office in Roveredo in Piano, via Brentella, 38 www.sabigroup.it, hereinafter “the Data Controller”.

The Data Controller provides the interested party with complete information on the purposes and methods of processing personal data.

  1. Methods of processing personal data

Personal data (e.g. personal data, telephone number, email, etc.) are processed on computer media or in any case with the aid of computerized or automated tools and entered into the relevant banks, which can be accessed by those in charge of data processing, in compliance with security measures and, in any case, in such a way as to guarantee the integrity, security and confidentiality of the data themselves. The processing may also be carried out by third parties who provide specific processing, administrative or instrumental services necessary to achieve the purposes set out below.

  1. Purpose of the processing

The Data Controller will process your personal data for the following purposes:

  • carrying out contractual and pre-contractual activities
  • fulfillment of tax or legal obligations
  • sending communications and information for commercial purposes

Furthermore, personal data will be processed exclusively for purposes strictly connected and instrumental to the fulfillment of the obligations relating to the aforementioned points.

The consent expressed by you is the legal basis of the processing pursuant to art. 13, paragraph 1), letter c) of the GDPR.

  1. Nature of the provision

The provision of your data for the purposes referred to in points 1) and 2) of article 3 does not require any formal consent as it is preparatory and essential to any contractual or pre-contractual relationship.

The provision of your data for the purposes referred to in points 3) of the art. 3 is optional and requires your express consent. Failure to consent will exclusively imply the consequences described below: the impossibility of sending communications and information for commercial purposes.

In any case, if you have given express consent to authorize the Data Controller to pursue the purposes referred to in points 3) of the art. 3, you will however remain free to revoke it at any time by sending a communication without any formalities to the email address privacy@sabigroup.it. Following receipt of this opt-out request, the Data Controller will promptly remove and delete the data from the databases used for processing for the purpose of sending communications and information for commercial purposes. The mere receipt of the cancellation request will automatically constitute confirmation of cancellation.

  1. Recipients or category of recipients of personal data

The personal data provided by you, for the purposes described above, may be brought to the attention of employees and/or collaborators of the Data Controller and communicated to the following subjects:

  1. third-party companies possibly appointed by the Data Controller to carry out the obligations assumed by the latter for the implementation of the processing envisaged by the purposes referred to in points 1) and 2) of article 3;
  2. all subjects (including Public Authorities) who have the right to access data pursuant to regulatory or administrative provisions;
  3. third-party companies that provide essential support services for processing and have direct or indirect access to your data;
  4. third-party companies appointed by the Data Controller for the processing of data envisaged for the purposes referred to in points 3) of article 3;

All collaborators or suppliers used by the Data Controller for the processing of your personal data have been appropriately and legally authorized and responsible for the methods and purposes of the processing attributed to them and will act in compliance with and in accordance with this information.

The personal data provided by you and subsequently processed in relation to the management of the service are not subject to disclosure.

For the subjects indicated in points b), d) and e) only the category of recipients is indicated, as it is subject to frequent updates and revisions. Therefore, interested parties may request the updated list of recipients by contacting the Data Controller through the channels indicated in the art. 1 of this information.

  1. Data retention times

Your personal data will be stored for the times defined by the relevant legislation, which are specified below pursuant to art. 13, paragraph 2, letter a) GDPR:

  • for the purposes indicated in points 1), 2) of article 3 for the times prescribed by the laws in force and in any case for a period of no less than 10 (ten) years
  • for the purposes indicated in points 3) of the art. 3 for 2 (two) years from the moment of issuing consent to the treatment
  1. Exercise of rights by the interested party

Pursuant to articles 13, paragraph 2, letters b) and d), 15, 18, 19 and 21 GDPR, the interested party is informed that he has the right to:

  1. Access to personal data: obtain confirmation whether or not data concerning you is being processed and, in this case, access to the following information: the purposes, the categories of data, the recipients, the retention period, the right to lodge a complaint with a supervisory authority, the right to request rectification or cancellation or limitation of processing or opposition to the processing itself as well as the existence of an automated decision-making process;
  2. Request for rectification or cancellation of the same or limitation of processing concerning you; “limitation” means the marking of the data stored with the aim of limiting their processing in the future;
  3. Opposition to processing: object for reasons related to your particular situation to the processing of data for the execution of a task of public interest or for the pursuit of a legitimate interest of the Data Controller;
  4. Data portability: in the case of automated processing carried out on the basis of consent or in execution of a contract, to receive the data concerning you in a structured, commonly used and machine-readable format; in particular, the data will be provided to you by the Data Controller in .xml format;
  5. Revocation of consent to processing for marketing purposes, both direct and indirect, market research and profiling; the exercise of this right does not prejudice in any way the lawfulness of the processing carried out before the revocation;
  6. Propose a complaint pursuant to art. 77 GDPR to the competent supervisory authority based on your habitual residence, place of work or place of violation of your rights; for Italy, the Guarantor for the protection of personal data is responsible and can be contacted via the contact details on the website http://www.garanteprivacy.it.

The aforementioned rights may be exercised by sending a specific request to the Data Controller via the contact channels indicated in the art. 1 of this information.

Requests relating to the exercise of your rights will be processed without unjustified delay and, in any case, within one month of the request; only in cases of particular complexity and the number of requests can this deadline be extended by a further 2 (two) months.

  1. Personal Data Protection Officer (DPO)

The Data Controller has designated the Personal Data Protection Officer – so-called. Personal Data Protection Officer or “RPD” – pursuant to art. 37, GDPR, the company Top Management Consulting Srl, in the person of the legal representative Eng. Maurizio Squaiella, with registered office in 36100 Vicenza, Via dei Cairoli n. 71, tax code 03947550244, who can be contacted for any information and/or requests by sending an e-mail privacy@sabigroup.it.

The exercise of rights is not subject to any formal constraints and is free. The email address for exercising rights is privacy@sabigroup.it