Privacy Policy


(ART. 13 EU REGULATION 679/2016)


  1. Definitions

From Articles 4, 37-39 of Regulation (EU) 679/2016 (hereinafter also referred to as Regulation)

Personal data” shall mean any information relating to an identified or identifiable natural person (“data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier, such as name, identification number, location data, online identifier, or to one or more factors specific to his physical, physiological, genetic, mental, economic, cultural or social identity.

Usage Data“: are the information collected automatically by this Application (or by third party applications that this Application uses), including: IP addresses or domain names of the computers used by the user connecting with this application, URI (Uniform Resource Identifier) addresses, the time of the request, the method used to submit the request to the server, the size of the file obtained in reply, the numerical code indicating the status of the reply from the server (successful, error, etc.), the country of origin, the characteristics of the browser and the operating system used by the visitor, the various temporal connotations of the visit (for example, the time spent on each page) and the details of the itinerary followed within the application, with particular reference to the sequence of the pages consulted, the parameters relating to the operating system and the User’s IT environment.

Processing” means any operation or set of operations which is performed upon personal data or sets of personal data, whether or not by automatic means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction

Profilation” means any form of automated processing of personal data using such personal data to evaluate specific personal aspects relating to a natural person, in particular to analyse or predict aspects of that natural person’s professional performance, economic situation, health, personal preferences, interests, reliability, behaviour, location or travel.

User” means the individual who uses this application, who must be the same as or authorized by the Interested Party and whose personal data are subject to any processing.

Controller of the processing” shall mean the natural or legal person, public authority, agency or other body which alone or jointly with others determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for designation of the controller may be determined by Union or Member State law.

Controller” means any natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller;

Data Protection Officer (also Data Protection Officer – DPO)“: mandatory in certain cases provided for by art. 37 of the Regulation. It advises, monitors, coordinates and manages relations with the Supervisory Authority regarding the processing of personal data.

This Application“: the hardware or software tool through which your personal data is collected.

Contacts“: service provided to Users interested in receiving information about the services provided by the Data Controller.


  1. Data controller

The “Data Controller” of any personal data processed as a result of the use of the website is Ceramica Gazzini S.p.a., with registered office in Rubiera (Reggio Emilia), Via Milano n. 2, Italy.


  1. Purpose and lawfulness of data processing

Users who access this site and use the “Contact” service, will voluntarily provide some information necessary to access the service. This includes, in particular, First Name, Last Name, and E-Mail.

The data of the users are used only to perform the service or the service / information requested and will not be disseminated to third parties.

The Data Controller has determined the purposes of the treatment identified in carrying out the activities of the Data Controller.


  1. Legal basis for processing

By using the “Contact” service, the interested party expresses his/her consent to the processing of his/her personal data for the purposes described in article 2 above; the legal basis of the processing is, therefore, that provided for by article 6, paragraph 1, letter a) of Regulation (EU) 679/2016.


  1. Communication and recipients of personal data

The communication of personal data will be made only and exclusively to employees and direct collaborators of the Data Controller for the sole purpose of performing the service requested by the user, unless such communication is required by law.

The optional, explicit and voluntary sending of electronic mail to the addresses indicated on the site implies the subsequent acquisition of the sender’s address, to which the reply to the requests made will be sent, as well as any other personal data included in the message.

We invite users, in requests for services or in questions, not to send names and / or other personal data of third parties that are not strictly necessary or “special” data as per Articles. 9 and 10 of Regulation (EU) 679/2016.


  1. Modalities and means of treatment

Personal data are processed by automated means, for the time necessary to achieve the purposes for which they were collected.

Specific security measures are observed to prevent loss of data, illicit or incorrect use and unauthorised access in compliance with the obligations to adapt to adequate security measures. All data will be acquired and stored in accordance with articles 32, 33 and following of EU Regulation 679/2016.

The Owner is not responsible for errors, content, cookies, publication of illegal immoral content, advertising, banners or files that do not comply with current legislation by sites not managed by him.


  1. Transfer of data to a third country

No transfer of data to a third country is foreseen.


  1. Automated decision making

There is no automated decision-making process.

  1. Duration of treatment

The personal data acquired, also through the “Contact” service, will be kept for the duration necessary to carry out the activities requested by the User and in any case for a period not exceeding 24 months from the insertion. The storage time may be extended and involve the acquisition of further data subsequently, in the event that the user requests services or purchases goods, in which case the duration of treatment for administrative, accounting, tax and contractual purposes may be extended up to 10 years from the end of the relationship, as required by current regulations (Article 2220 of the Civil Code, Article 22 of Decree of the President of the Republic of 29 September 1973 No. 600 and Article 2200 of the Civil Code). The technical navigation cookies (described below), will be stored for the sole purpose of allowing the correct technical functioning of the site itself and will expire automatically when the browser is closed.


  1. Type of data processed browsing

The computer systems and software procedures used to operate this website automatically acquire, during their normal operation, some personal data whose transmission is implicit in the communication protocols of the Internet. This information is not collected to be associated with identified interested parties, but by their very nature could, through processing and association with data held by third parties, allow the identification of users. This category of data includes internet protocol (IP) addresses or domain names of computers used by users connecting to the site, URL (Uniform Resource Locator) of requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in reply, the numerical code indicating the status of the response from the server (successful, error, etc..) and other parameters regarding the operating system and computer environment. These data are used only to obtain anonymous statistical information on the use of the site and to check its correct functioning and are deleted immediately after processing. The data in question could be used to ascertain liability in the event of any computer crimes against our site. Hosting and infrastructure backend. This type of service has the function of hosting data and files that allow this Application to work, allow its distribution and provide a ready-to-use infrastructure to provide specific functions of this application. Some of these services operate through servers located geographically in different locations, making it difficult to determine where your Personal Information is stored exactly. The domain is activated on Aruba, a hosting service provided by Aruba Business s.r.l.


  1. Rights of data subjects

The subjects to whom the personal data refer have the right at any time to obtain confirmation of the existence or otherwise of such data and to know its content and origin, verify its accuracy or request it to be integrated, updated, or corrected. The subjects whose personal data also have the right to request cancellation, transmission of data to other holders, transformation into anonymous form or blocking of data processed in violation of the law, and to oppose in any case, for legitimate reasons, to their treatment. Data subjects also have the right to lodge a complaint with the supervisory authority (Garante Privacy). Below is art. 13 of European regulation 679/2016 which lists these rights.

  Article 13 Information to be provided where personal data are collected from the data subject

  1. Where personal data relating to a data subject are collected from the data subject, the controller shall, at the time when personal data are obtained, provide the data subject with all of the following information:

a. the identity and the contact details of the controller and, where applicable, of the controller’s representative;

b. the contact details of the data protection officer, where applicable;

c. the purposes of the processing for which the personal data are intended as well as the legal basis for the processing;

d. where the processing is based on point (f) of Article 6(1), the legitimate interests pursued by the controller or by a third party;

e. the recipients or categories of recipients of the personal data, if any;

f. where applicable, the fact that the controller intends to transfer personal data to a third country or international organisation and the existence or absence of an adequacy decision by the Commission, or in the case of transfers referred to in Article 46 or 47, or the second subparagraph of Article49(1), reference to the appropriate or suitable safeguards and the means by which to obtain a copy of them or where they have been made available.

  1. In addition to the information referred to in paragraph 1, the controller shall, at the time when personal data are obtained, provide the data subject with the following further information necessary to ensure fair and transparent processing:

a. the period for which the personal data will be stored, or if that is not possible, the criteria used to determine that period;

b. the existence of the right to request from the controller access to and rectification or erasure of personal data or restriction of processing concerning the data subject or to object to processing as well as the right to data portability;

c. where the processing is based on point (a) of Article 6(1) or point (a) of Article 9(2), the existence of the right to withdraw consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal;

d. the right to lodge a complaint with a supervisory authority;

e. whether the provision of personal data is a statutory or contractual requirement, or a requirement necessary to enter into a contract, as well as whether the data subject is obliged to provide the personal data and of the possible consequences of failure to provide such data;

f. the existence of automated decision-making, including profiling, referred to in Article 22(1) and (4) and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject.

  1. Where the controller intends to further process the personal data for a purpose other than that for which the personal data were collected, the controller shall provide the data subject prior to that further processing with information on that other purpose and with any relevant further information as referred to in paragraph 2.
  1. Paragraphs 1, 2 and 3 shall not apply where and insofar as the data subject already has the information.


  1. Contact details

Requests relating to art. 13 of EU Regulation 679/2016 must be addressed to the Data Controller by email to .