Privacy Policy of www.naratiezzi.it
This privacy notice describes how we process the personal data of Users who interact with the website www.naratiezzi.it (hereinafter, the “Site”), in compliance with Regulation (EU) 2016/679 (“GDPR”) and applicable national legislation.
1. Data Controller
CENTROTTICA S.R.L.
Via di Sinalunga, 41 – 52045 Foiano della Chiana (AR), Italy
📩 Email: privacy@naratiezzi.it
2. Types of Data Collected
The Personal Data collected by the Site, independently or through third parties, includes:
- first name, last name, email, city, province, country, state;
- company name, business sector;
- usage data (anonymized IP addresses, browser and device information, system logs, session statistics, city latitude and longitude);
- data voluntarily provided through contact forms or newsletter subscriptions;
- cookies and tracking tools (refer to the Cookie Policy).
| Data Category | Details / Examples | Source |
|---|---|---|
| Personal identification | First name, last name, email, city, province, country, state | Provided by User (form) |
| Business data | Company name, business sector | Provided by User |
| Usage data (anonymized) | Anonymized IP, browser/device info, system logs, session statistics, city lat/long | Automatically collected |
| Communications | Data entered in contact forms / newsletter | Provided by User |
| Cookie / tracking | Technical cookies, preferences, analytics, marketing | Automatic / third parties |
Unless otherwise specified, all requested Data is mandatory: failure to provide it may make it impossible to provide the requested services.
The User assumes responsibility for any Personal Data of third parties shared through the Site.
3. Purposes and legal basis for processing
| Purpose | Legal basis | Ref. art. 6 GDPR |
|---|---|---|
| Managing contact requests | Execution of pre-contractual measures or contract | art. 6(1)(b) |
| Newsletter subscription / commercial communications | User consent | art. 6(1)(a) |
| Statistics and traffic analysis (Google Analytics with anonymized IP) | Consent | art. 6(1)(a) |
| Tag management (Google Tag Manager) | Legitimate interest of the Controller (technical management) | art. 6(1)(f) |
| Display of content from external platforms (Google Fonts, Google Maps, YouTube) | Consent | art. 6(1)(a) |
| Compliance with legal obligations | Legal obligation | art. 6(1)(c) |
| Protection of rights in legal proceedings or in case of abuse | Legitimate interest of the Controller | art. 6(1)(f) |
4. Methods and place of processing
Processing is carried out using IT and telematic tools, according to principles of lawfulness, fairness, transparency, and security.
Data is processed at the Controller’s operational headquarters and possibly by suppliers and partners appointed as Data Processors (hosting providers, IT companies, communication agencies, etc.).
👉 The “updated list of Data Processors can be requested by writing to the Controller.
Some data may be transferred outside the” European Union (e.g., USA, through Google or Meta services), with adequate measures compliant with GDPR Articles 44 et seq. (e.g., Standard Contractual Clauses).
5. Retention period
| Type / Purpose | Retention duration |
|---|---|
| Data collected for contractual purposes | Until the end of the relationship |
| Data processed for legitimate interest | Until the interest is satisfied |
| Data processed based on consent (e.g., newsletter) | Until consent withdrawal and max 24 months from last interaction |
| Data collected through contact forms | Max 12 months after request closure |
| Navigation data / technical logs | Max 12 months |
| Legal obligations | As required by applicable law |
At the end, Data is deleted or anonymized.
6. User Rights (art. 15-22 GDPR)
The User has the right to:
- withdraw consent at any time;
- object to the processing of their Data;
- access their Data and obtain a copy;
- request rectification or updating;
- request deletion (“right to be forgotten”);
- restrict processing;
- receive their Data in a portable format (portability);
- file a complaint with the Data Protection Authority: www.garanteprivacy.it.
Requests can be sent free of charge to privacy@naratiezzi.it.
7. Minors
The Site does not intentionally collect data relating to individuals under 14 years of age.
If such data is inadvertently collected, it will be deleted without delay.
8. Legal Defense
Personal Data may be used by the Controller in legal proceedings or for defense against Site abuse, based on the Controller’s legitimate interest (art. 6(1)(f) GDPR).
9. Changes to this Privacy Policy
The Controller reserves the right to make changes to this notice at any time, informing Users on this page and, where possible, via email.
Last updated: August 2024
