Privacy Policy

Privacy Notice pursuant to Article 13 of GDPR 2016/679
Information on the processing of personal data collected drom the data subject

In compliance with Regulation (EU) 2016/679 (European General Data Protection Regulation), we provide you with the necessary information regarding the processing of personal data you have provided. This notice is issued pursuant to Article 13 of Regulation (EU) 2016/679.
TYPES OF DATA PROCESSED / PROCESSABLE DATA
Personal data
For the purposes of Article 4 of GDPR 2016/679, “personal data” means any information relating to an identified or identifiable natural person (“data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or one or more factors specific to their physical, physiological, genetic, mental, economic, cultural, or social identity (Recitals 26, 27, 30).
User data
Browsing data
The IT systems and software procedures used to operate this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. These are information not collected to be associated with identified data subjects, but which, by their nature, could allow users to be identified through processing and association with data held by third parties. This category of data includes IP addresses or domain names of the computers used by users connecting to the site, URI (Uniform Resource Identifier) addresses of requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numeric code indicating the status of the server’s response (success, error, etc.), and other parameters related to the user’s operating system and IT environment.
Data voluntarily provided
The optional, explicit, and voluntary sending of messages to the contact addresses provided on this website and/or the completion of data collection forms involves the subsequent acquisition of the data necessary to respond to the requests.
COOKIES
For cookies and similar technologies, please refer to the cookies policy in the website footer. For non-technical cookies and equivalent technologies, the legal basis is consent pursuant to Article 6(1)(a) of the GDPR..

DATA CONTROLLER, pursuant to Article 4 of Regulation (EU) 2016/679, the Data Controller is SIFIM SRL, headquartered at Via Ignazio Silone 3, 60035 Jesi (AN), Italy, Tel. +39 0731 60401, email: claudia.sanchioni@sifim.it, represented by its pro tempore legal representative.

DATA PROTECTION OFFICER (DPO) A Data Protection Officer has not been appointed, as the processing activities do not fall within those requiring designation under Article 37 of the GDPR.

PURPOSE OF PROCESSING
A) Browsing the present website

• Legal basis: Pursuant to Article 6(1)(f) of GDPR 2016/679, the legal basis is legitimate interest: “processing is necessary for the purposes of the legitimate interests pursued by the Data Controller or by third parties, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, particularly where the data subject is a minor.”
  In this case, the legitimate interest consists of activities strictly necessary for the proper functioning of the website and the provision of the browsing service.
• Retention period: Duration of the browsing session (subject to any need for investigation of offenses by judicial authorities).
• Provision of data: Provision of data is necessary for browsing the website.

B) Completion of the contact form
Following the completion of the contact form by the data subject on the website, the company will process the data in order to respond to your requests.
Please note that the form is prohibited for users under 14 years of age (or considered minors under the jurisdiction of their country of residence). Users who do not meet the required age criteria must not enter personal data in the form.

• Legal basis: Pursuant to Article 6(1)(b) of the GDPR, processing is necessary for the performance of pre-contractual measures at the request of the data subject.
• Retention period: The data will be retained until the request is fulfilled, and for a maximum of 1 year.
• Provision of data: Provision of data is optional; however, failure to provide or incomplete provision of data indicated as necessary will prevent the foundation from responding to the request.

RECIPIENTS OR CATEGORIES OF DATA RECIPIENTS
The personal data provided will be communicated to recipients who will process the data as data processors (pursuant to Article 28 of Regulation (EU) 2016/679) and/or as natural persons acting under the authority of the Data Controller or the Data Processor (pursuant to Article 29 of Regulation (EU) 2016/679), or who operate fully independently as separate Data Controllers for the purposes described above.The list of Data Processors is continuously updated and is available at the Data Controller’s registered office and via the contact details provided above.

TRANSFER OF DATA TO A THIRD COUNTRY
Your personal data will not be transferred outside the European Union.

DATA SUBJECT RIGHTS
You may exercise your rights as provided by Regulation (EU) 2016/679, Articles 15 et seq., by contacting the Data Controller. You have the right, at any time, to request access to your personal data, rectification, or deletion of such data. Additionally, you have the right to data portability.Without prejudice to any other administrative or judicial remedies, if you believe that the processing of your personal data violates the provisions of Regulation (EU) 2016/679, pursuant to Article 15(f) of the aforementioned Regulation, you have the right to lodge a complaint with the Italian Data Protection Authority (Garante per la Protezione dei Dati Personali – www.garanteprivacy.it

CHANGES TO THE PRIVACY NOTICE
The Data Controller reserves the right, at its sole discretion, to change, modify, add, or remove any part of this privacy notice at any time. To facilitate verification of any changes, the notice will indicate the date it was last updated.

Last update: 09/02/2026

Data Controller: SIFIM SRL