Privacy Policy

According to EU Reg. 2016/679

Website Policy

ALL WEBSITES
FDM GMBH
PIOVAN DO BRASIL LTDA

The following describes the website’s procedures for the processing of the personal data of its users. Please note that this privacy policy is issued to all the people that interact with the web services of the Data Controller and PiovanGroup companies.

In detail, in relation to the processing of personal data provided, we inform you that:

DATA CONTROLLER

Visiting this website may lead to processing of the personal data of identifiable or unidentifiable subjects.

The Data Controller is the company Piovan S.p.A., with registered office in Santa Maria di Sala (Venice, Italy), Via delle Industrie no. 16, tel. + 39 041 5799111, fax +39 041 5799244, mail: piovanspa@legalmail.it (hereinafter referred to as "the Company").

TYPE OF DATA PROCESSED, PURPOSES AND LEGAL BASIS OF PROCESSING

NAVIGATION DATA

During their normal operation, the IT systems and software procedures which operate this website acquire some personal data, the transmission of which is implicit in the use of Internet communications protocols. These data are not gathered for association with identified subjects, but by their very nature, when processed or associated with data held by third parties, they might allow users to be identified.

This category of data includes the IP addresses or domain names of the computers used by users who log onto the website, the addresses in URI (Uniform Resource Identifier) notation of the resources requested, the time of the request, the method used when submitting the request to the server, the size of the file obtained in reply, the numerical code indicating the server’s response status (concluded successfully, error, etc.) and other parameters relating to the user’s operating system and IT environment.

These data are used for the sole purpose of obtaining anonymous statistical information concerning the use of the website and to check that it is operating correctly, and they are deleted immediately after processing. The data might be used in order to identify those responsible in the event of IT crimes against the site: except for this case, data concerning web contacts are not currently held for more than a few months.

Therefore, the legal basis for the processing is the Data Controller's lawful interest in the provision and improvement of the services supplied by the website.

DATA SUPPLIED VOLUNTARILY BY THE USER

If users/visitors who connect to this website send their personal data in order to access specific services (unsolicited job applications, replies to job offers or requests for information/documents) or to submit enquiries by email, this may involve the acquisition by the Data Controller of the sender's address and/or any other personal data, which will be processed solely in order to reply to the request, or for the provision of any services.

The optional, explicit, voluntary dispatch of emails to the addresses provided on this website, or the compilation of specific data input forms in order to obtain services/information or submit enquiries, leads to the subsequent acquisition of the sender’s address, necessary in order to reply to the enquiry, and any other personal data included.

The personal data of users who submit inquiries are processed for the sole purpose of providing the service or function requested unless otherwise envisaged by any additional specific data processing information provided in the specific login or registration pages.

Specific summarised information and any requests for consent, if necessary, will be progressively provided or displayed on the pages of the site relating to individual optional services.

Therefore, the legal basis for the data processing is the fulfilment of contractual obligations (requests) provided by the applicant user/consent.

COOKIES

Cookies are small text files saved on the computer's hard disk, used to supply services and/or information regarding use of the website. This website mainly uses session cookies, which are therefore erased from the hard disk at the end of the session (when the user logs off or shuts down the browser). For statistical purposes the following cookies are used: Google Tag Manager (Google Inc.). Personal data collected: cookies and usage data.

Purpose: these services allow the Data Controller to monitor and analyse traffic data and track user behaviour in the websites navigation (web application).

To display content from external platforms, cookies are used for: YouTube Video Widget (Google Inc.), Google Maps Widget (Google Inc.). Personal data collected: cookies and usage data.

Purpose: these services allow to view content hosted on external platforms directly from the pages of the sites (web application) and to interact with them. It is possible that, even if users do not use the service, it collects traffic data relating to the pages in which it is installed.

No cookies are used for the transmission of information of a personal nature. Users may refuse to use cookies by setting their browser accordingly, but this might prevent them from making full use of the website's functions. Therefore, by using this website, users also consent to the use of their personal data by Google in the manner and for the purposes above mentioned.

Therefore, the legal basis for the use is (i) the Data Controller's lawful interest in the case of technical cookies, and (ii) the consent of the data subject for profiling cookies.

For further information, please refer to the specific Cookie policy statement available at the following link

COMMUNICATION OF DATA TO THIRD PARTIES AND TRANSFER OF DATA TO THIRD COUNTRIES

The processing of data related to this site’s web services takes place at the aforesaid registered office of the Data Controller, at the location specified by the website manager, and are managed by personnel in charge of data processing, or any staff appointed to perform occasional maintenance work.

No data deriving from the web service are disseminated. No navigation data are communicated to third parties.

Personal data supplied by the user (such as name, surname, company, email, telephone and role within the company) are processed by the Company's internal staff in order to reply to enquiries or for newsletter sending.

Subject to the above and always unless otherwise specified in the individual privacy policy statement for the service requested, data are only communicated to third parties if this is necessary for the provision of the service or function requested (e.g. submission of complaints).

Navigation and personal data supplied by the user and the other types of data processed are not transferred to third countries.

PROCESSING METHODS, PERIOD AND DATA RETENTION CRITERIA

Personal data are processed with the aid of IT tools. Personal data supplied by the user are stored for the period necessary for the fulfilment of the specified purposes.

Navigation data are stored for the period necessary for the fulfilment of the specified purposes and for no more than 30 days after collection. Technical cookies expire at the end of the browsing session. No automated decision-making process including profiling is carried out via the website.

Specific security measures are implemented to prevent the loss of data, illegal or improper use, or unauthorised access.

PROVISION OF DATA

Except for what has been specified about navigation data, the user is free to supply or withhold the personal data in the enquiry forms, or in any way indicated in contacts with the Data Controller. Failure to submit these data may make it impossible to provide the service requested.

The Company, owner of the website and Data Controller, reserves the right to cancel the subscription and cease the supply of services if the data supplied to access specific services are found to be inaccurate.

RIGHTS OF THE INTERESTED PARTY, REVOCATION OF CONSENT AND COMPLAINT TO THE CONTROL AUTHORITY

The data subject has the right at any time to request access to his/her personal data, to request rectification, deletion, limitation of the same, to oppose the processing and withdraw consent and to exercise the right to data portability whenever possible. In any case, the data subject has the right to revoke, at any time, any consent given to data processing, without prejudice to the lawfulness of processing based on the consent given before revocation.

In case of alleged violation, the data subject, having recourse to the conditions, also has the right to propose a complaint to a Data Supervision Authority in the EU member state where he/she resides habitually or in the EU state where he/she works or where the alleged violation occurred.

CONTACTS AND REQUESTS 

To know the complete list of external parties to whom the data are communicated, to have information regarding the transfer of data to non-EU countries, the mechanisms and protection of data transfer pursuant to Article 44 and subsequent of GDPR, to exercise the revocation of any consent given or to exercise your rights (access, rectification, cancellation, limitation, opposition, portability) please send a request to the following email: privacy@piovan.com or a communication via fax to: +39 041 5799244.

The following describes the website’s procedures for the processing of the personal data of its users. Please note that this privacy policy is issued to all the people that interact with the web services of the Data Controller and PiovanGroup companies.

In detail, in relation to the processing of personal data provided, we inform you that:

CONTROLLER

Visiting this site may lead to processing of the personal data of identifiable or unidentifiable subjects. Joint controllers are:

Piovan S.p.A., with legal offices based in Venice (VE) - Italy, Santa Maria di Sala, Via delle Industrie n. 16, and certified e-mail: piovanspa@legalmail.it

and

FDM GmbH Maschinen – und Anlagenbau, with registered offices in Junkersring 24, D-53844 Troisdorf

Both are jointly responsible but respectively also fully responsible individually. The aforementioned controllers shall jointly determine the purpose and means of processing. In particular, the respective controllers perform the functions listed as follows.

  • Piovan S.p.A. is responsible for the provision and technical operation of this website, in particular the choice of technical means and newsletter dispatch.
  • FDM GmbH Maschinen- und Anlagenbau is responsible for the processing of applications and contact inquiries sent to FDM via the Website or by e-mail. Piovan S.p.A. might have access to all data processed in this context.

Data subject may exercise his or her rights under this Regulation in respect of and against each of the controllers.

CONTACT, DATA PROTECTION OFFICER FDM GMBH

If you have any questions or comments regarding this policy or data protection in general, please contact us by e-mail at privacy@piovan.com. You can also contact FDM's Data Protection Officer by e-mail at datenschutz@rickert.net or confidentially by post at DSB FDM GmbH, c/o Rickert Rechtsanwaltsgesellschaft mbH, Kaiserplatz 7-9, D-53113 Bonn.

TYPES OF DATA PROCESSED, PURPOSES AND LEGAL BASIS OF THE PROCESSING

NAVIGATION DATA

During their normal operation, the IT systems and software procedures which operate this website acquire some personal data the transmission of which is implicit in the use of Internet communications protocols. These data are not gathered for association with identified subjects, but by their very nature, when processed or associated with data held by third parties, they might allow users to be identified.

This category of data includes the IP addresses or domain names of the computers used by users who log onto the site, the addresses in URI (Uniform Resource Identifier) notation of the resources requested, the time of the request, the method used when submitting the request to the server, the size of the file obtained in reply, the numerical code indicating the server’s response status (concluded successfully, error, etc.) and other parameters relating to the user’s operating system and IT environment.

These data are used for the sole purpose of obtaining anonymous statistical information concerning the use of the website and to check that it is operating correctly and are deleted immediately after processing. The data might be used in order to identify those responsible in the event of IT crimes against the site; except in this case, data concerning web contacts are not currently held for more than a few months.

The legal basis for the treatment is therefore the data controller's lawful interest in the provision and improvement of the services supplied by the website.

HOST PROVIDER

Our website is stored and provided with servers of our host provider Telecom Italia, Via Di Val Cannuta, 250, 00166 Roma, Italy. Your data will only be processed in European data centres. Omniaweb Italia S.r.l., Via C. Cavour 32 - 35010 Vigonza (PD), supplies the setup and maintenance of the websites. The host provider processes in particular inventory data, contact data, contract data, usage data, meta and communication data of visitors or customers of the website. The legal basis is Art. 6 (1) 1 lit. f GDPR, based on our legitimate interests in the efficient and secure provision of web services. The host provider was contractually obliged by means of an order processing agreement in accordance with Art. 28 GDPR to process personal data only on our instructions.

DATA SUPPLIED VOLUNTARILY BY THE USER

If users/visitors who connect to this website send their personal data in order to access specific services (unsolicited job applications, replies to job offers or requests for information/documents) or to submit enquiries by e-mail, this may involve the acquisition by the PiovanGroup of the sender's address and/or any other personal data, which will be processed solely in order to reply to the request, or for the provision of any services.

The optional, explicit, voluntary dispatch of e-mails to the addresses provided on this site, or the compilation of specific data input forms in order to obtain services/information or submit enquiries, leads to the subsequent acquisition of the sender’s address, necessary in order to reply to the enquiry, and any other personal data included.

The personal data of users who submit inquiries are processed for the sole purpose of providing the service or function requested unless otherwise envisaged by any additional specific data processing information provided in the specific login or registration pages. Specific summarised information, and any requests for consent, if necessary, will be progressively provided or displayed on the pages of the site relating to individual optional services.

The legal basis for the data processing is, therefore, the fulfilment of contractual obligations (requests) provided by the applicant user/consent.

NEWSLETTER, MAGNEWS, NEWSLETTER ANALYTICS

If you wish to receive the newsletter offered on the website, we require an e-mail address from you as well as information that allows us to verify that you are the owner of the e-mail address provided and that you agree to receive the newsletter. Further data will not be collected or will only be collected on a voluntary basis.

The data entered in the newsletter registration form will be processed exclusively on the basis of your consent Art. 6 (1) 1 lit. a) GDPR. You can withdraw your consent to the processing of your e-mail address and its use for sending the newsletter at any time, for example by clicking on the "Unsubscribe" link in the footer of the newsletter.

The data will be stored until you unsubscribe from the newsletter. Nevertheless, we are entitled to store your withdrawal as evidence of your consent.

We use “MagNews” to send newsletters. The provider is Diennea S.r.l., Viale G. Marconi n. 30/14, 48018 Faenza RA. MagNews is a service that can be used to organize and analyse the sending of newsletters. The data you enter for newsletter subscription (e.g. e-mail address) will be stored on MagNews' servers within the European Union.

Our newsletters sent with MagNews enable us to analyse the behaviour of newsletter recipients. This may include analysing the percentage of recipients who have opened the newsletter message or the percentage of clicks or other macro data. For more information on data analysis by MagNews newsletters, please visit: https://www.magnews.com/our-services/.

Data processing is based on your consent Art. 6 (1) 1 lit. a) GDPR.

If you do not want MagNews to analyse your data, you must unsubscribe from the newsletter. For this purpose, we provide a corresponding link in every newsletter message.

COOKIES

Cookies are small text files saved on the computer's hard disk, used to supply services and/or information regarding use of the website. The above mentioned websites mainly uses session cookies, which are therefore erased from the hard disk at the end of the session (when the user logs off or shuts down the browser). For statistical purposes the following cookies are used: Google Tag Manager (Google Inc.). Personal data collected: cookies and usage data.

Purpose: these services allow the Data Controller to monitor and analyse traffic data and track user behaviour in the websites navigation (web application).

To display content from external platforms, cookies are used for: YouTube Video Widget (Google Inc.), Google Maps Widget (Google Inc.). Personal data collected: cookies and usage data.

Purpose: these services allow you to view content hosted on external platforms directly from the pages of the sites (web application) and to interact with them. It is possible that, even if users do not use the service, it collects traffic data relating to the pages in which it is installed.

No cookies are used for the transmission of information of a personal nature. Users may refuse to use cookies by setting their browser accordingly, but this might prevent them from making full use of the website's functions. Therefore, by using the above mentioned websites, users also consent to the use of their personal data by Google in the manner and for the purposes set out above.

The legal basis for the use is therefore the data controller's lawful interest in the case of technical cookies and the consent of the data subject for profiling cookies.

For further information, please refer to the specific COOKIE policy statement available at the following link

COMMUNICATION TO THIRD PARTIES AND TRANSFER TO THIRD COUNTRIES

The processing of data related to this site’s web services takes place at the aforesaid registered office of the Data Controller, at the location specified by the website manager, solely by the data processing staff assigned, or any staff appointed to perform occasional maintenance work. No data deriving from the web service are disseminated.

Personal data supplied by the user (such as name, surname, e-mail, telephone and information in messages) are processed by the company's internal staff in order to reply to enquiries or for newsletter sending.

Subject to the above, and always unless otherwise specified in the individual privacy policy statement for the service requested, data are only communicated to third parties if this is necessary for the provision of the service or function requested (e.g. submission of complaints).

Navigation and personal data supplied by the user and the other types of data processed are not transferred to third countries.

VIDEOS

Our website uses plugins from YouTube and Vimeo to show you videos hosted on these portals. When you visit one of our sites equipped with a video plugin, a connection is established to the video provider’s servers. The video provider processes your IP address and the information that you are surfing on our website. This also applies if you are not logged in to Vimeo/YouTube or do not have an account. If you have an account with the video provider and are logged in, you may enable the video provider to assign your surfing behaviour directly to your personal profile. You can prevent this by logging out of your account.

If we ask the users for their consent to the use of third party providers, the legal basis for the processing of data is art. 6 (1) lit. a GDPR. Otherwise, user data will be processed on the basis of our legitimate interests, i.e. interest in efficient, economical and user-friendly services, art. 6 (1) lit. f GDPR.

VIMEO
Provider is Vimeo Inc., 555 West 18th Street, New York, New York 10011, USA. The information collected by Vimeo is transferred to the Vimeo server in the USA.

Vimeo is certified under Privacy Shield and thus offers the guarantee to maintain the European level of data protection, https://www.privacyshield.gov/participant?id=a2zt00000008V77AAE&status=Active. Further information on the handling of user data can be found in Vimeo's data protection declaration at: https://vimeo.com/privacy.

YOUTUBE
Provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. YouTube’s privacy policy can be found at https://policies.google.com/privacy and https://adssettings.google.com/authenticated. Settings for tracking and advertising at http://tools.google.com/dlpage/gaoptout?hl=de. The parent company is Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. It is possible that the parent company processes data. Google LLC is certified under Privacy Shield and thus offers the guarantee to maintain the European level of data protection, https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active.

SOCIAL MEDIA

We maintain appearances in social media in order to communicate with customers and interested parties and to inform them. When calling up the respective networks, the conditions of the network operators apply. For the protection of your data we deliberately do not use social plugins. All displayed buttons are merely static links to our profiles on the platforms.

If you as a member of the linked platforms LinkedIn (LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland) or YouTube (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland) should be logged in, these providers can link the access to our profiles with your user profiles there by clicking on the respective buttons. We would like to point out that when calling up the respective pages, the operators of the social networks are responsible within the meaning of art. 4 No. 7 GDPR.

You can find YouTube's data protection declaration at https://policies.google.com/privacy.

You can find LinkedIn's data protection declaration at https://www.linkedin.com/legal/privacy-policy?trk.

The parent companies of both providers are certified under the Privacy Shield Agreement and thus offer a guarantee of compliance with European data protection law.

LinkedIn: https://www.privacyshield.gov/participant?id=a2zt0000000L0UZAA0&status=Active

YouTube: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active

STORAGE PERIOD

The data processed by us will be deleted or restricted in its processing in compliance with the statutory provisions, in particular in accordance with Art. 17 and 18 DS-GVO. Unless expressly stated within the scope of this data protection declaration, we delete data stored by us as soon as it is no longer required for its intended purpose. Beyond the point in time when the purpose ceases to exist, data is only retained if it is required for other legally permissible purposes or if the data must continue to be retained due to legal retention obligations. In these cases, processing is restricted, i.e. blocked, and not processed for other purposes. A legal obligation to retain data exists, for example, due to documentation obligations under tax and commercial law. In certain cases, longer retention may be necessary, for example for the purpose of preserving evidence within the framework of the statutory limitation provisions pursuant to Sections 194 et seq. of the German Civil Code (BGB). However, it is also possible that retention is required under Italian law.

Navigation data is stored for the period necessary to fulfil the stated purposes and for no longer than 30 days after collection. Technical cookies expire at the end of the browser session. No automated decision-making process, including profiling, is carried out via the website.

 

DATA SECURITY, AUTOMATED DECISION-MAKING 

The responsible parties use appropriate technical and organisational security measures to protect the data you have provided against accidental or intentional manipulation, loss, destruction or access by unauthorised persons. These security measures are continuously improved in line with technological developments. Furthermore, all employees and vicarious agents are obliged to maintain data secrecy. Our security measures are continuously improved in line with technological developments.

For example, your personal data is transmitted securely by us using encryption. This applies to any input of personal data. We use the TLS (Transport Layer Security) encryption protocol for this purpose.

Automated decision-making does not take place.

PROVISION OF DATA

Except as specified for navigation data, the user is free to supply or withhold the personal data in the enquiry forms, or in any way indicated in contacts with the Data Controller. Failure to submit these data may make it impossible to provide the service requested.

The undersigned company, owner of the website and Data Controller, reserves the right to cancel the subscription and cease the supply of services if the data supplied to access specific services are found to be inaccurate.

YOUR RIGHTS

You may assert the following free rights against any person responsible for the processing of your personal data pursuant to Art. 4 No. 7 DS-GVO in accordance with the statutory provisions:

  • Right to withdraw your consent (Art. 7(3) DS-GVO).
  • Right to information: You can request information in accordance with Art. 15 DS-GVO about your personal data that we process.
  • Right to object: You have a right to object on specific grounds. You have the right to object at any time on grounds relating to your particular situation to the processing of your personal data which is carried out on the basis of Art. 6 (1) p. 1 lit. f) DS-GVO. The controller will then no longer process the personal data unless it can demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject, or for the assertion, exercise or defence of legal claims. The collection of data for the provision of the website and the storage of log files are absolutely necessary for the operation of the website.
  • Right to rectification: If the information concerning you is not (or is no longer) accurate, you may request a rectification in accordance with Art. 16 DS-GVO. If your data is incomplete, you can request that it be completed;
  • Right to erasure: You can request the erasure of your personal data in accordance with Art. 17 DS-GVO.
  • Right to restriction of processing: You have the right to request restriction of the processing of your personal data in accordance with Art. 18 DS-GVO.
  • Right to data portability: In the event that the requirements of Art. 20 (1) DS-GVO are met, you have the right to have data that we process automatically on the basis of your consent or in fulfilment of a contract handed over to you or to third parties. The collection of data for the provision of the website and the storage of log files are absolutely necessary for the operation of the website. They are therefore not based on consent according to Art. 6 para. 1 sentence 1 lit. a) DS-GVO or on a contract according to Art. 6 para. 1 sentence 1 lit. b) DS-GVO, but are justified according to Art. 6 para. 1 sentence 1 lit. f) DS-GVO. The requirements of Art. 20 (1) DS-GVO are therefore not fulfilled.

You have the right to assert your rights against all jointly responsible persons.

You also have the right to complain to a data protection supervisory authority pursuant to Art. 77 et seq. DS-GVO to complain to a data protection supervisory authority about the processing of your personal data by the controllers. The supervisory authority responsible for FDM GmbH is the State Commissioner for Data Protection and Freedom of Information of North Rhine-Westphalia, P.O. Box 20 04 44, 40102 Düsseldorf, e-mail: poststelle@ldi.nrw.de. An overview of all German supervisory authorities can be found at https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.

Your privacy and the processing of your personal data is a priority for us.
All personal data are processed in accordance with the Brazilian General Data Protection Regulation (LGPD – Federal Law No. 13.709/2018).

The Data Controllers are Piovan S.p.A., with registered office in Santa Maria di Sala (Venice, Italy), Via delle Industrie no. 16, tel. + 39 041 5799111, fax +39 041 5799244, mail: piovanspa@legalmail.it, and the Brazilian branch, Piovan do Brasil Indústria e Comércio Ltda., with headquarters in Brazil located at Rua Constante Piovan, nº 40, Parque Industrial Água Vermelha, CEP 06276-038, Osasco – SP, and available for contact through the following channels: piovan@piovan.com.br, Telephone: (11) 3693-9500, and Website https://www.piovan.com/pt.

WHAT DO YOU NEED TO KNOW TO UNDERSTAND THIS POLICY?

In order to simplify the reading of this document, we present some useful definitions for its interpretation.

Personal Data
It is information related to a natural person and capable of identifying the person or making it possible for him to be identified. Examples of personal data that may allow your identification are: Name, CPF, telephone, email, company, title, license plate, etc.

Processing
It is any form of use that we may make of your Personal Data, including, but not limited to, the following activities: collection, storage, consultation, use, sharing, transmission, classification, reproduction, deletion and evaluation. This term (and other derivatives of it) will not be used with capital letters in this document.

The Data Subjects
It is You, the natural person to whom the Personal Data refers.

Companies
We are, Piovan S.p.A. and the Brazilian branch, Piovan do Brasil Indústria e Comércio Ltda.

Policy
It is this Privacy Policy.

WHAT TYPES OF DATA DO THE COMPANIES HANDLE?

The types of Personal Data and the way in which the Companies collect them comply with the principles of transparency, purpose and legitimacy. We intend to offer improvements in our legal services, and we use data provided directly by You.
We list below the situations in which we can handle your Personal Data:

Processing Purposes
I. Identify You in order to respond to your requests made through our service channels, in our Contacts tab.
II. Identify You for participation in our selection processes, with your consent.

Personal Data Used
I. Full Name
II. Email
III. Position
IV. Telephone
V. Location (indication of city and country)
VI. Company You work for

It is important to remember that You are responsible for the veracity and accuracy of the data provided and You can always contact us to rectify or keep them updated.
Do not forget that if You choose to unsubscribe from receiving our communications and content, You can do so via e-mail at privacidade@piovan.com.br, at any time. We inform You that the Personal Data collected in this environment is under our care and responsibility, and that its use, access and sharing, when necessary, will be done within the limits and business purposes described in this Policy.
We also carry out indirect processing of Personal Data to make this website work better. This information is obtained through cookies and third-party plugins sent to your browser and is strictly necessary for the functioning of the platform, and it is not possible to identify the user/owner from them.

We also warn You that by choosing to change the language for browsing our website to Portuguese, the traffic and data processing will also cover the terms of the Brazilian data protection legislation.

We point out that we do not collect any Sensitive Data through this platform and our content is not aimed at children and teenagers, so we do not assess, qualify or intentionally collect their Personal Data. If You are under 18 years of age, we ask You not to submit any personal data through our website or platforms without the express consent and participation of a responsible person.

WHO DO WE SHARE YOUR PERSONAL DATA WITH?

Your Personal Data are not commercialized, sold and/or traded with third parties. We only share them to the extent necessary for the purposes indicated above. Hosting the website with Develon S.r.l., in addition to the server Google and with our social media platforms, such as LinkedIn, Google Ads and YouTube.

However, we inform You that your data may be shared, proportionately and to fulfill the aforementioned purposes, with internal and external parties that contribute to the fulfillment of your request, as well as with other companies of the PiovanGroup.

Nevertheless, any international transfer of data will take place in accordance with the rules set out in Brazilian and European data protection regulations.

We remind You that the indicated Companies act as data operators and, therefore, can only process them for the purposes already established and under the terms of this Policy.

WHAT ARE YOUR RIGHTS AS A PERSONAL DATA SUBJECT?

Personal Data are Yours and Brazilian law grants You a series of rights related to them. We are committed to fulfilling these rights, and, in this section, we will explain what those rights are and how You can exercise them.

Confirmation and Access
You can ask the Companies to confirm that your Personal Data has been processed so that, if so, You can access them, including by requesting copies of the records we have about You.

Correction
You may request correction of your Personal Data if it is incomplete, inaccurate or out of date.

Anonymization, Blocking and Deletion
You may request (a) the anonymization of your unnecessary Personal Data so that it can no longer be related to You and therefore is no longer Personal Data; (b) blocking your Personal Data, temporarily suspending our ability to process them for certain purposes; and (c) the deletion of your Personal Data, in which case we must delete all of your Personal Data without the possibility of reversal.

Portability
You may request the Companies to provide your Personal Data in a structured and interoperable format with a view to its transfer to a third party, provided that such transfer does not violate intellectual property or trade secret.

Sharing Information
You have the right to know which public and private entities are sharing your Personal Data. We will keep the subheading “Who do we share your Personal Data with?” of this Policy an indication of our relationships with third parties that may involve the sharing of Personal Data. In any case, if You have any questions or want more details, You have the right to ask us for this information. Depending on the application, we may limit the information provided to You if disclosure would violate intellectual property or trade secrets.

Information about the possibility of not providing consent
You have the right to receive clear and complete information about the possibility and consequences of not providing consent, when requested. Your consent, when necessary, must be free and informed. Therefore, whenever we ask for your consent, You are free to deny it – in these cases, some services may not be able to be provided.

Withdrawal of consent
If You have consented for any purpose of processing your Personal Data, You can always choose to withdraw your consent. However, this will not affect the legality of any Processing carried out prior to revocation. If You withdraw your consent, we may be unable to provide You with certain services, but we will notify You when this occurs.

Opposition
The law authorizes the processing of Personal Data even without your consent or a contract with us. In these situations, we will only process your Personal Data if we have legitimate reasons to do so. If You do not agree with any purpose for the processing of your Personal Data, You may file an opposition, requesting its interruption.

For your security, whenever You submit a request to exercise your rights, the Companies may request some additional information and/or documents so that we can verify your identity, seeking to prevent fraud. We do this to ensure everyone's safety and privacy. In some cases, the Companies may have legitimate reasons for failing to comply with a request to exercise rights. These situations include, for example, cases in which a disclosure of specific information could violate intellectual property rights or business or third-party secrets, as well as cases in which requests to delete data cannot be met due to the existence of an obligation to retention of data, whether to comply with legal or regulatory obligations or to enable the Companies or third parties to defend themselves in disputes of any nature. Also, some requests may not be responded to immediately, but the Companies undertake to respond to all requests within a reasonable time and always in accordance with applicable law.

If You have any questions about these issues or about how You can exercise your rights, please feel free to contact us through the channels provided at the end of this Policy.

HOW LONG IS PERSONAL DATA STORED?

The Companies have a Personal Data retention policy in line with applicable law. Personal Data is stored only for as long as necessary to fulfill the purposes for which it was collected, unless there is any other reason for its maintenance, such as, for example, compliance with any legal, regulatory, contractual, among other obligations allowed under the law. We always carry out a technical analysis to determine the appropriate retention period for each type of Personal Data collected, considering its nature, collection need and purpose for which it will be processed, as well as any retention needs to fulfill obligations or safeguard of rights.

HOW DO WE PROTECT YOUR PERSONAL DATA?

Our responsibility is to take care of your Personal Data and use it only for the purposes described in this Policy. To guarantee your privacy and the protection of your Personal Data, we adopt advanced technological resources to guarantee the security of all processed data. Among the security measures implemented are the implementation of user access control and data processing environments and the installation of barriers against unauthorized access to databases (including firewalls), among other information security controls. We strive to protect the privacy of your Personal Data, but, unfortunately, we cannot guarantee complete security. Unauthorized third-party entries and uses of your information, hardware or software failures that are not under the Companies’ control and other external factors may compromise the security of your Personal Data. Therefore, its performance is essential to maintain a safe environment for everyone. If You identify or become aware of any factor that compromises the security of your data with the Companies, please contact us using the contact information provided below.

HOW TO TALK ABOUT PERSONAL DATA WITH PIOVAN DO BRASIL?

If You believe that your Personal Data has been processed in a way that is incompatible with this Policy or with your choices as the Owner of your Personal Data, or if You have questions, comments or suggestions related to this Policy and the way in which we process your Data, please feel free to contact us. We have a DPO (Data Protection Officer) who is available at the following contact addresses:
E-mail: privacidade@piovan.com.br
Mailing address: Rua Constante Piovan, nº 40, Água Vermelha Industrial Park, CEP 06276-038, Osasco - SP

 

CHANGES IN THE PRIVACY POLICY

As we are always seeking to improve our services and how we operate, this Privacy Policy may be updated to reflect the improvements made. Therefore, we reserve the right to change this Policy whenever necessary, in order to guarantee You more security and convenience and to further improve your experience. Therefore, we recommend You to periodically visit this page so You are aware of the changes made.

 

APPLICABLE LAW

This document is governed by and shall be interpreted in accordance with the laws of the Federative Republic of Brazil, with the Court of the District of Osasco, São Paulo, being elected as competent to settle any issues that may arise from this term, with express waiver of any other, however privileged it may be.

Last update: January 2022.

Cookie

Cookies consist of portions of code installed in the browser that assist the Data Controller in providing the service according to the purposes described. Some of the purposes for which cookies are installed may also require the user's consent. When the installation of Cookies is based on consent, such consent can be freely withdrawn at any time following the instructions provided at this link.
Please note that, following Order No. 244 of 9 June 2022 of the Data Protection Authority, the Google Analytics 3 service has been deactivated, while the Google Analytics 4 service in anonymous mode is currently active.

Privacy statement for business partners

PIOVAN SPA
AQUATECH SRL
DOTECO SPA
ENERGYS SRL
FEA SRL
FDM GMBH
PENTA SRL
PIOVAN CENTRAL EUROPE GMBH
PIOVAN GMBH

In relation to the processing of the personal data provided, we inform you that:

DATA CONTROLLER

Joint Data Controllers are:
Piovan S.p.A., with registered office in Santa Maria di Sala (Venice, Italy), Via delle Industrie no. 16, PEC: piovanspa@legalmail.it
and
Doteco S.p.A, with registered office in Mirandola (MO), Fraz. San Martino Spino, Via E. Mattei n. 30, PEC: doteco-spa@pec.it
(hereinafter also referred to as the "Data Controllers").

TYPE OF DATA PROCESSED, PURPOSES AND LEGAL BASIS OF PROCESSING

The following personal data will be collected and processed: personal data of a common nature (name, surname, personal data, position within the company, contact data) referring to: customer and supplier companies/bodies and representatives/employees/collaborators/sub-contractors of customers/suppliers, eventually communicated by these, for: a) pre-contractual purposes and the execution of contractual relations, b) administrative/accounting/fiscal and legal obligations; c) marketing purposes (sending commercial/promotional/advertising/marketing communication via mail, invitations to trade fairs and events via mail and text messages).

Hence, the legal basis of the data processing is: fulfilment of contractual obligations for the purposes referred to in letter a); legal obligations, for the purposes referred to in letter b); consent, for the purposes referred to in letter c).

COMMUNICATION OF DATA TO THIRD PARTIES - RECIPIENTS OF THE DATA

The Data Controllers may communicate the processed data for the above-mentioned purposes to: i) persons in charge of data processing within the Company; ii) external persons belonging to the following categories: external consultants and their appointees/service provider companies (transport and/or shipping companies)/banks, insurance companies and credit institutions/external companies that collaborate on marketing activities/ control bodies and organisations (customs); iii) other companies in Piovan Group.

TRANSFER OF DATA TO THIRD COUNTRIES

The processed data may be transferred by the Data Controllers to Third Countries. In this case, the transfer of data takes place in compliance with the regulations and guarantees applicable from time to time by the country of reference in accordance with Article 44 and subsequent of EU Reg. 2016/679.

PROCESSING METHODS, PERIOD AND DATA RETENTION CRITERIA

Data will be processed in printed or digital format. Data will be processed by the Data Controllers for the period required for the execution of the afore-mentioned purposes, and at the end of these for a further period prescribed by law relating to the storage of contracts and administrative data and/or for defence in legal proceedings (ten years after the last use and/or event interrupting prescription).

PROVISION OF DATA

The provision of data is mandatory for the execution of contractual relations and for legal purposes. For marketing purposes, it is optional and subject to the data subject's consent. Failure to provide such data will make it impossible to fulfil the purposes listed above.

RIGHTS OF THE INTERESTED PARTY, REVOCATION OF CONSENT AND COMPLAINT TO THE CONTROL AUTHORITY

The data subject has the right at any time to request access to his/her personal data, to request rectification, deletion, limitation of the same, to oppose the processing and withdraw consent and to exercise the right to data portability whenever possible. In any case, the data subject has the right to revoke, at any time, any consent given to data processing, without prejudice to the lawfulness of processing based on the consent given before revocation.

In case of alleged violation, the data subject, having recourse to the conditions, also has the right to propose a complaint to a Data Supervision Authority in the EU member state where he/she resides habitually or in the EU state where he/she works or where the alleged violation occurred.

PROFILING AND AUTOMATED DECISION-MAKING PROCESSES

The processing is not carried out by automated decision-making processes (i.e. profiling).

CONTACTS AND REQUESTS

To know the complete list of external parties to whom the data are communicated, to have information regarding the transfer of data to non-EU countries, the mechanisms and protection of data transfer pursuant to Article 44 and subsequent of GDPR, to exercise the revocation of any consent given or to exercise your rights (access, rectification, cancellation, limitation, opposition, portability) please send a request to the following email: privacy@piovan.com or a communication via fax to: +39 041 5799244.

To oppose processing for marketing purposes at a later stage, you will need to unsubscribe from the mailing list as specified in every newsletter received.

In relation to the processing of the personal data provided, we inform you that:

DATA CONTROLLER

Joint Controllers are:

Piovan S.p.A., with registered office in Santa Maria di Sala (Venice, Italy), Via delle Industrie no. 16, mail: piovanspa@legalmail.it

and

Aquatech S.r.l.società unipersonale with registered office in Santa Maria di Sala (Venice, Italy), Via delle Industrie no. 16, mail: aquatech@legalmail.it

(hereinafter also referred to as "the Data Controllers").

TYPE OF DATA PROCESSED, PURPOSES AND LEGAL BASIS OF PROCESSING

The following personal data will be collected and processed: personal data of a common nature (name, surname, personal data, position within the company, contact data) referring to: customer and supplier companies/bodies and representatives/employees/collaborators/sub-contractors of customers/suppliers, eventually communicated by these, for: a) pre-contractual purposes and the execution of contractual relations, b) administrative/accounting/fiscal and legal obligations; c) marketing purposes (sending commercial/promotional/advertising/marketing communication via mail, invitations to trade fairs and events via mail and text messages).

Hence, the legal basis of the data processing is: fulfilment of contractual obligations for the purposes referred to in letter a); legal obligations, for the purposes referred to in letter b); consent, for the purposes referred to in letter c).

COMMUNICATION OF DATA TO THIRD PARTIES - RECIPIENTS OF THE DATA

The Data Controllers may communicate the processed data for the above-mentioned purposes to: i) persons in charge of data processing within the two companies; ii) external persons belonging to the following categories: external consultants and their appointees/service provider companies (transport and/or shipping companies)/banks, insurance companies and credit institutions/external companies that collaborate on marketing activities/ control bodies and organisations (customs); iii) other companies in PiovanGroup.

TRANSFER OF DATA TO THIRD COUNTRIES

The processed data may be transferred by the Data Controllers to Third Countries. In this case, the transfer of data takes place in compliance with the regulations and guarantees applicable from time to time by the country of reference in accordance with Article 44 and subsequent of EU Reg. 2016/679.

PROCESSING METHODS, PERIOD AND DATA RETENTION CRITERIA

Data will be processed in printed or digital format. Data will be processed by the Data Controllers for the period required for the execution of the afore-mentioned purposes, and at the end of these for a further period prescribed by law relating to the storage of contracts and administrative data and/or for defence in legal proceedings (ten years after the last use and/or event interrupting prescription).

PROVISION OF DATA

The provision of data is mandatory for the execution of contractual relations and for legal purposes. For marketing purposes, it is optional and subject to the data subject's consent. Failure to provide such data will make it impossible to fulfil the purposes listed above.

RIGHTS OF THE INTERESTED PARTY, REVOCATION OF CONSENT AND COMPLAINT TO THE CONTROL AUTHORITY

The data subject has the right at any time to request access to his/her personal data, to request rectification, deletion, limitation of the same, to oppose the processing and withdraw consent and to exercise the right to data portability whenever possible. In any case, the data subject has the right to revoke, at any time, any consent given to data processing, without prejudice to the lawfulness of processing based on the consent given before revocation.

In case of alleged violation, the data subject, having recourse to the conditions, also has the right to propose a complaint to a Data Supervision Authority in the EU member state where he/she resides habitually or in the EU state where he/she works or where the alleged violation occurred.

PROFILING AND AUTOMATED DECISION-MAKING PROCESSES

The processing is not carried out by automated decision-making processes (i.e. profiling).

CONTACTS AND REQUESTS

To know the complete list of external parties to whom the data are communicated, to have information regarding the transfer of data to non-EU countries, the mechanisms and protection of data transfer pursuant to Article 44 and subsequent of GDPR, to exercise the revocation of any consent given or to exercise your rights (access, rectification, cancellation, limitation, opposition, portability) please send a request to the following email: privacy@piovan.com or a communication via fax to: +39 041 5799244.

To oppose processing for marketing purposes at a later stage, you will need to unsubscribe from the mailing list as specified in every newsletter received.

In relation to the processing of the personal data provided, we inform you that:

DATA CONTROLLER

Joint Data Controllers are:
Piovan S.p.A., with registered office in Santa Maria di Sala (Venice, Italy), Via delle Industrie no. 16, PEC: piovanspa@legalmail.it
and
Doteco S.p.A, with registered office in Mirandola (MO), Fraz. San Martino Spino, Via E. Mattei n. 30, PEC: doteco-spa@pec.it
(hereinafter also referred to as the "Data Controllers").

TYPE OF DATA PROCESSED, PURPOSES AND LEGAL BASIS OF PROCESSING

The following personal data will be collected and processed: personal data of a common nature (name, surname, personal data, position within the company, contact data) referring to: customer and supplier companies/bodies and representatives/employees/collaborators/sub-contractors of customers/suppliers, eventually communicated by these, for: a) pre-contractual purposes and the execution of contractual relations, b) administrative/accounting/fiscal and legal obligations; c) marketing purposes (sending commercial/promotional/advertising/marketing communication via mail, invitations to trade fairs and events via mail and text messages).

Hence, the legal basis of the data processing is: fulfilment of contractual obligations for the purposes referred to in letter a); legal obligations, for the purposes referred to in letter b); consent, for the purposes referred to in letter c).

COMMUNICATION OF DATA TO THIRD PARTIES - RECIPIENTS OF THE DATA

The Data Controllers may communicate the processed data for the above-mentioned purposes to: i) persons in charge of data processing within the two companies; ii) external persons belonging to the following categories: external consultants and their appointees/service provider companies (transport and/or shipping companies)/banks, insurance companies and credit institutions/external companies that collaborate on marketing activities/ control bodies and organisations (customs); iii) other companies in PiovanGroup.

TRANSFER OF DATA TO THIRD COUNTRIES

The processed data may be transferred by the Data Controllers to Third Countries. In this case, the transfer of data takes place in compliance with the regulations and guarantees applicable from time to time by the country of reference in accordance with Article 44 and subsequent of EU Reg. 2016/679.

PROCESSING METHODS, PERIOD AND DATA RETENTION CRITERIA

Data will be processed in printed or digital format. Data will be processed by the Data Controllers for the period required for the execution of the afore-mentioned purposes, and at the end of these for a further period prescribed by law relating to the storage of contracts and administrative data and/or for defence in legal proceedings (ten years after the last use and/or event interrupting prescription).

PROVISION OF DATA

The provision of data is mandatory for the execution of contractual relations and for legal purposes. For marketing purposes, it is optional and subject to the data subject's consent. Failure to provide such data will make it impossible to fulfil the purposes listed above.

RIGHTS OF THE INTERESTED PARTY, REVOCATION OF CONSENT AND COMPLAINT TO THE CONTROL AUTHORITY

The data subject has the right at any time to request access to his/her personal data, to request rectification, deletion, limitation of the same, to oppose the processing and withdraw consent and to exercise the right to data portability whenever possible. In any case, the data subject has the right to revoke, at any time, any consent given to data processing, without prejudice to the lawfulness of processing based on the consent given before revocation.

In case of alleged violation, the data subject, having recourse to the conditions, also has the right to propose a complaint to a Data Supervision Authority in the EU member state where he/she resides habitually or in the EU state where he/she works or where the alleged violation occurred.

PROFILING AND AUTOMATED DECISION-MAKING PROCESSES

The processing is not carried out by automated decision-making processes (i.e. profiling).

CONTACTS AND REQUESTS

To know the complete list of external parties to whom the data are communicated, to have information regarding the transfer of data to non-EU countries, the mechanisms and protection of data transfer pursuant to Article 44 and subsequent of GDPR, to exercise the revocation of any consent given or to exercise your rights (access, rectification, cancellation, limitation, opposition, portability) please send a request to the following email: privacy@piovan.com or a communication via fax to: +39 041 5799244.

To oppose processing for marketing purposes at a later stage, you will need to unsubscribe from the mailing list as specified in every newsletter received.

In relation to the processing of the personal data provided, we inform you that:

DATA CONTROLLER

Joint Controllers are:

Piovan S.p.A., with registered office in Santa Maria di Sala (Venice, Italy), Via delle Industrie no. 16, mail: piovanspa@legalmail.it

and

Energys S.r.l., with registered office in Santa Maria di Sala (Venice, Italy), Via delle Industrie no. 16, mail: energys@pec.net

(hereinafter also referred to as "the Data Controllers").

TYPE OF DATA PROCESSED, PURPOSES AND LEGAL BASIS OF PROCESSING

The following personal data will be collected and processed: personal data of a common nature (name, surname, personal data, position within the company, contact data) referring to: customer and supplier companies/bodies and representatives/employees/collaborators/sub-contractors of customers/suppliers, eventually communicated by these, for: a) pre-contractual purposes and the execution of contractual relations, b) administrative/accounting/fiscal and legal obligations; c) marketing purposes (sending commercial/promotional/advertising/marketing communication via mail, invitations to trade fairs and events via mail and text messages).

Hence, the legal basis of the data processing is: fulfilment of contractual obligations for the purposes referred to in letter a); legal obligations, for the purposes referred to in letter b); consent, for the purposes referred to in letter c).

COMMUNICATION OF DATA TO THIRD PARTIES - RECIPIENTS OF THE DATA

The Data Controllers may communicate the processed data for the above-mentioned purposes to: i) persons in charge of data processing within the two companies; ii) external persons belonging to the following categories: external consultants and their appointees/service provider companies (transport and/or shipping companies)/banks, insurance companies and credit institutions/external companies that collaborate on marketing activities/ control bodies and organisations (customs); iii) other companies in PiovanGroup.

TRANSFER OF DATA TO THIRD COUNTRIES

The processed data may be transferred by the Data Controllers to Third Countries. In this case, the transfer of data takes place in compliance with the regulations and guarantees applicable from time to time by the country of reference in accordance with Article 44 and subsequent of EU Reg. 2016/679.

PROCESSING METHODS, PERIOD AND DATA RETENTION CRITERIA

Data will be processed in printed or digital format. Data will be processed by the Data Controllers for the period required for the execution of the afore-mentioned purposes, and at the end of these for a further period prescribed by law relating to the storage of contracts and administrative data and/or for defence in legal proceedings (ten years after the last use and/or event interrupting prescription).

PROVISION OF DATA

The provision of data is mandatory for the execution of contractual relations and for legal purposes. For marketing purposes, it is optional and subject to the data subject's consent. Failure to provide such data will make it impossible to fulfil the purposes listed above.

RIGHTS OF THE INTERESTED PARTY, REVOCATION OF CONSENT AND COMPLAINT TO THE CONTROL AUTHORITY

The data subject has the right at any time to request access to his/her personal data, to request rectification, deletion, limitation of the same, to oppose the processing and withdraw consent and to exercise the right to data portability whenever possible. In any case, the data subject has the right to revoke, at any time, any consent given to data processing, without prejudice to the lawfulness of processing based on the consent given before revocation.

In case of alleged violation, the data subject, having recourse to the conditions, also has the right to propose a complaint to a Data Supervision Authority in the EU member state where he/she resides habitually or in the EU state where he/she works or where the alleged violation occurred.

PROFILING AND AUTOMATED DECISION-MAKING PROCESSES

The processing is not carried out by automated decision-making processes (i.e. profiling).

CONTACTS AND REQUESTS

To know the complete list of external parties to whom the data are communicated, to have information regarding the transfer of data to non-EU countries, the mechanisms and protection of data transfer pursuant to Article 44 and subsequent of GDPR, to exercise the revocation of any consent given or to exercise your rights (access, rectification, cancellation, limitation, opposition, portability) please send a request to the following email: privacy@piovan.com or a communication via fax to: +39 041 5799244.

To oppose processing for marketing purposes at a later stage, you will need to unsubscribe from the mailing list as specified in every newsletter received.

In relation to the processing of the personal data provided, we inform you that:

DATA CONTROLLER

The Data Controller is the company FEA PROCESS & TECHNOLOGICAL PLANTS S.r.l., with registered office in Scarnafigi (Cuneo, Italy), Strada Saluzzo no. 49, tel. + 39 0175 74134, registered mail: amministrazione@feaptpcert.it (hereinafter referred to as "the Company" or “Data Controller”).

TYPE OF DATA PROCESSED, PURPOSES AND LEGAL BASIS OF PROCESSING

The following personal data will be collected and processed: personal data of a common nature (name, surname, personal data, position within the company, contact data) referring to: customer and supplier companies/bodies and representatives/employees/collaborators/sub-contractors of customers/suppliers, eventually communicated by these, for: a) pre-contractual purposes and the execution of contractual relations, b) administrative/accounting/fiscal and legal obligations; c) marketing purposes (sending commercial/promotional/advertising/marketing communication via mail, invitations to trade fairs and events via mail and text messages).
Hence, the legal basis of the data processing is: fulfilment of contractual obligations for the purposes referred to in letter a); legal obligations, for the purposes referred to in letter b); consent, for the purposes referred to in letter c).

COMMUNICATION OF DATA TO THIRD PARTIES - RECIPIENTS OF THE DATA

The Data Controller may communicate the processed data for the above-mentioned purposes to: i) persons in charge of data processing within the Company; ii) external persons belonging to the following categories: external consultants and their appointees/service provider companies (transport and/or shipping companies)/banks, insurance companies and credit institutions/external companies that collaborate on marketing activities/ control bodies and organizations (customs); iii) other companies in PiovanGroup.

TRANSFER OF DATA TO THIRD COUNTRIES

The processed data may be transferred by the Data Controller to Third Countries. In this case, the transfer of data takes place in compliance with the regulations and guarantees applicable from time to time by the country of reference in accordance with Article 44 and subsequent of EU Reg. 2016/679.

PROCESSING METHODS, PERIOD AND DATA RETENTION CRITERIA

Data will be processed in printed or digital format. Data will be processed by the Data Controller for the period required for the execution of the afore-mentioned purposes, and at the end of these for a further period prescribed by law relating to the storage of contracts and administrative data and/or for defense in legal proceedings (ten years after the last use and/or event interrupting prescription).

PROVISION OF DATA

The provision of data is mandatory for the execution of contractual relations and for legal purposes. For marketing purposes, it is optional and subject to the data subject's consent. Failure to provide such data will make it impossible to fulfil the purposes listed above.

RIGHTS OF THE INTERESTED PARTY, REVOCATION OF CONSENT AND COMPLAINT TO THE CONTROL AUTHORITY

The data subject has the right at any time to request access to his/her personal data, to request rectification, deletion, limitation of the same, to oppose the processing and withdraw consent and to exercise the right to data portability whenever possible. In any case, the data subject has the right to revoke, at any time, any consent given to data processing, without prejudice to the lawfulness of processing based on the consent given before revocation. In case of alleged violation, the data subject, having recourse to the conditions, also has the right to propose a complaint to a Data Supervision Authority in the EU member state where he/she resides habitually or in the EU state where he/she works or where the alleged violation occurred.

PROFILING AND AUTOMATED DECISION-MAKING PROCESSES

The processing is not carried out by automated decision-making processes (i.e. profiling).

CONTACTS AND REQUESTS

To know the complete list of external parties to whom the data are communicated, to have information regarding the transfer of data to non-EU countries, the mechanisms and protection of data transfer pursuant to Article 44 and subsequent of GDPR, to exercise the revocation of any consent given or to exercise your rights (access, rectification, cancellation, limitation, opposition, portability) please send a request to the following email: privacy@piovan.com.
To oppose processing for marketing purposes at a later stage, you will need to unsubscribe from the mailing list as specified in every newsletter received.

The protection and security of personal data (hereinafter also referred to as "data") and the privacy of our contact persons (hereinafter referred to as "contact persons") with customers, sales partners, suppliers and other business partners is very important to us. 

Please also note the data protection information provided on our website. 

Please make sure that you also make this data protection declaration available to employees whose data we process when contacting you, for example.

CONTROLLER, CONTACT, DATA PROTECTION OFFICER

Joint controllers pursuant to Art. 4 N° 7, Art. 26 EU Data Protection Regulation ("GDPR") are:

PIOVAN S.p.A.,
Via delle Industrie 16,
30036 S. Maria di Sala VE – Italy,
represented by the Executive President Nicola Piovan

and

FDM GmbH Maschinen – und Anlagenbau,
Junkersring 24,
D-53844 Troisdorf,
represented by the General Manager Guido Faust,

jointly but also individually in full responsibility.

The aforementioned bodies shall jointly determine the purposes of and the methods of processing.

In case of questions or comments concerning this privacy statement or data protection in general, please contact us through the email address privacy@piovan.com, by post or send a fax to + 39 041 5799244.

Alternatively, you can also address your request to the external data protection officer of FDM GmbH. You can reach our DPO by e-mail at datenschutz@fdm-technik.de or by post at:

RA Thomas Rickert
c/o Rickert Rechtsanwaltsgesellschaft mbH
Kaiserplatz 7-9
D-53113 Bonn.

LEGAL BASES FOR PROCESSING OF YOUR DATA

If the legal basis is not listed in the privacy statement, the following applies:

  • Insofar as we obtain the data subject’s consent for processing, Art. 6 (1) Clause 1 lit. a) GDPR is the legal basis.
  • In case of processing of personal data necessary for the fulfilment of a contract, the legal basis is Art. 6 (1) Clause 1 lit. b) GDPR. This also applies to processing operations that are necessary to carry out pre-contractual measures.
  • Insofar as processing of personal data is necessary for the fulfilment of a legal obligation, the legal basis is Art. 6 (1) Clause 1 lit. c) GDPR.
  • In the event that vital interests of the data subject or of another natural person require a processing of personal data, the legal basis is Art. 6 (1) Clause 1 lit. d) GDPR.
  • If processing is necessary to safeguard legitimate interests of our company or of a third party and if the interests, basic rights, and basic freedoms of the data subject do not outweigh these legitimate interests, the legal basis for processing is Art. 6 (1) Clause 1 lit. f) GDPR.

CATEGORIES OF DATA PROCESSED, PURPOSES OF PROCESSING

We process your data on the basis of your consent, Art. 6 (1) Clause 1 lit. a GDPR, insofar as you have made them available to us voluntarily. You can revoke your consent at any time.

We process your data on the legal basis of Art. 6 (1) Clause 1 lit. b GDPR for the fulfilment of contracts or the implementation of pre-contractual measures (for general administration, planning, implementation and handling of business relationships). This includes contact data (e.g. first name, surname, e-mail address, telephone numbers and company name, customer number) of contact persons, payment and invoice data, order data including order history (e.g. delivery, order and confirmation date, order number, customer number), data on maintenance, warranty and guarantee work, other data which are absolutely necessary to fulfil contracts or to assert any claims against contact persons or your company.  

On the legal basis of Art. 6 (1) Clause 1 lit. f GDPR, we process your data to safeguard our legitimate interests, for example to carry out marketing measures, market analyses, surveys, insofar as this is necessary to assert legal claims and for legal defence, for accounting purposes or for credit assessment purposes.

Please note that you can object to the processing at any time on the basis of our legitimate interests.

DATA TRANSMISSION AND TRANSFER

For the processing of data, we partly use processors who are bound to our instructions. These are carefully selected, commissioned and regularly checked by us. The mandates are based on agreements on order processing in accordance with Art. 28 GDPR.

If necessary, we transmit data to Group companies for the fulfilment of the aforementioned purposes. In particular, data is transferred to the respective national company to fulfil contracts, which are in contact with you in our supply or sales chain. The legal basis for this is Art. 6 (1) Clause 1 lit. b GDPR.

As far as we pass on data to authorities, courts or lawyers, this happens, as far as it is necessary within the scope of legally permissible, in order to assert legal claims, to defend against claims of third parties, or to comply with applicable law. The legal basis for this is Art. 6 (1) Clause 1 lit. c and f GDPR.

A transfer of data to third countries (states outside the EU) does not take place.  

STORAGE PERIOD

The data processed by us will be deleted or its processing restricted in compliance with the statutory provisions, in particular in accordance with Articles 17 and 18 DS-GMO. Unless expressly stated in this privacy statement, we delete data stored by us as soon as it is no longer needed for its intended purpose. Beyond the time of continued use, data is only collected if it is required for other and legally permissible purposes or if the data must be retained due to statutory retention obligations. In these cases, processing is restricted, that means blocked, and not processed for other purposes.

YOUR RIGHTS

Pursuant to the statutory provisions, you can assert the following rights vis-à-vis us with regard to personal data relating to you:

  • Right to access by the data subject (Art. 15 GDPR),
  • Right to rectification and erasure (Art. 16 and Art. 17 GDPR),
  • Right to restriction of processing (Art. 18 GDPR),
  • Right to data portability (Art. 20 GDPR),
  • Right to object (Art. 21 GDPR).

To assert your rights, please send your request to the contact details listed above.

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your residence, place of work or place of the alleged infringement, if you consider that the processing of personal data concerning you infringes the GDPR. The supervisory authority to which the complaint has been lodged shall inform the complainant on the progress and the outcome of the complaint, including the possibility of a judicial remedy pursuant to Article 78 GDPR.

In relation to the processing of the personal data provided, we inform you that:

DATA CONTROLLER

Joint Controllers are:

Piovan S.p.A., with registered office in Santa Maria di Sala (Venice, Italy), Via delle Industrie no. 16, mail: piovanspa@legalmail.it

and

Penta S.r.l.società unipersonale with registered office in Poggio Renatico (Ferrara, Italy), Via Uccellino 75/77, mail: soc.penta@pec.it

(hereinafter also referred to as "the Data Controllers").

TYPE OF DATA PROCESSED, PURPOSES AND LEGAL BASIS OF PROCESSING

The following personal data will be collected and processed: personal data of a common nature (name, surname, personal data, position within the company, contact data) referring to: customer and supplier companies/bodies and representatives/employees/collaborators/sub-contractors of customers/suppliers, eventually communicated by these, for: a) pre-contractual purposes and the execution of contractual relations, b) administrative/accounting/fiscal and legal obligations; c) marketing purposes (sending commercial/promotional/advertising/marketing communication via mail, invitations to trade fairs and events via mail and text messages).

Hence, the legal basis of the data processing is: fulfilment of contractual obligations for the purposes referred to in letter a); legal obligations, for the purposes referred to in letter b); consent, for the purposes referred to in letter c).

COMMUNICATION OF DATA TO THIRD PARTIES - RECIPIENTS OF THE DATA

The Data Controllers may communicate the processed data for the above-mentioned purposes to: i) persons in charge of data processing within the two companies; ii) external persons belonging to the following categories: external consultants and their appointees/service provider companies (transport and/or shipping companies)/banks, insurance companies and credit institutions/external companies that collaborate on marketing activities/ control bodies and organisations (customs); iii) other companies in PiovanGroup.

TRANSFER OF DATA TO THIRD COUNTRIES

The processed data may be transferred by the Data Controllers to Third Countries. In this case, the transfer of data takes place in compliance with the regulations and guarantees applicable from time to time by the country of reference in accordance with Article 44 and subsequent of EU Reg. 2016/679.

PROCESSING METHODS, PERIOD AND DATA RETENTION CRITERIA

Data will be processed in printed or digital format. Data will be processed by the Data Controllers for the period required for the execution of the afore-mentioned purposes, and at the end of these for a further period prescribed by law relating to the storage of contracts and administrative data and/or for defence in legal proceedings (ten years after the last use and/or event interrupting prescription).

PROVISION OF DATA

The provision of data is mandatory for the execution of contractual relations and for legal purposes. For marketing purposes, it is optional and subject to the data subject's consent. Failure to provide such data will make it impossible to fulfil the purposes listed above.

RIGHTS OF THE INTERESTED PARTY, REVOCATION OF CONSENT AND COMPLAINT TO THE CONTROL AUTHORITY

The data subject has the right at any time to request access to his/her personal data, to request rectification, deletion, limitation of the same, to oppose the processing and withdraw consent and to exercise the right to data portability whenever possible. In any case, the data subject has the right to revoke, at any time, any consent given to data processing, without prejudice to the lawfulness of processing based on the consent given before revocation.

In case of alleged violation, the data subject, having recourse to the conditions, also has the right to propose a complaint to a Data Supervision Authority in the EU member state where he/she resides habitually or in the EU state where he/she works or where the alleged violation occurred.

PROFILING AND AUTOMATED DECISION-MAKING PROCESSES

The processing is not carried out by automated decision-making processes (i.e. profiling).

CONTACTS AND REQUESTS

To know the complete list of external parties to whom the data are communicated, to have information regarding the transfer of data to non-EU countries, the mechanisms and protection of data transfer pursuant to Article 44 and subsequent of GDPR, to exercise the revocation of any consent given or to exercise your rights (access, rectification, cancellation, limitation, opposition, portability) please send a request to the following email: privacy@piovan.com or a communication via fax to: +39 041 5799244.

To oppose processing for marketing purposes at a later stage, you will need to unsubscribe from the mailing list as specified in every newsletter received.

The protection and security of personal data (hereinafter also referred to as "data") and the privacy of our contact persons (hereinafter referred to as "contact persons") with customers, sales partners, suppliers and other business partners is very important to us.

Please also note the data protection information provided on our website.

Please make sure that you also make this data protection declaration available to employees whose data we process when contacting you, for example.

CONTROLLER, CONTACT, DATA PROTECTION OFFICER

Joint controllers pursuant to Art. 4 N°7, Art. 26 EU Data Protection Regulation ("GDPR") are:

Piovan S.p.A.
Via delle Industrie 16,
30036 S. Maria di Sala VE – Italy,
represented by the Executive President Nicola Piovan

and

Piovan Central Europe GmbH
Europaring F10 302
2345 Brunn am Gebirge – Austria
represented by the General Managers Nicola Piovan and Pavel Polomsky,

jointly but also individually fully responsible.

The aforementioned bodies shall jointly determine the purposes and the methods of processing.

In case of questions or comments concerning this privacy statement or data protection in general, please contact us by email at privacy@piovan.com or send a fax to + 39 041 5799244.

LEGAL BASES FOR PROCESSING OF YOUR DATA

If the legal basis is not listed in the privacy statement, the following applies:

  • Insofar as we obtain the data subject’s consent for processing, Art.6 (1) Clause 1a) of EU Data Protection Regulation (GDPR) is the legal basis. 
  • In case of processing of personal data necessary for the performance of a contract, the legal basis is Art. 6 (1) Clause 1(b) GDPR. This also applies to processing operations that are necessary to carry out pre-contractual measures. 
  • Insofar as processing of personal data is necessary for the performance of a legal obligation, the legal basis is Art. 6 (1) Clause 1(c) GDPR. 
  • In the event that vital interests of the data subject or of another natural person require a processing of personal data, the legal basis is Art.6 (1) Clause 1(d) GDPR. 
  • If processing is necessary to safeguard legitimate interests of our company or of a third party and if the interests, basic rights, and basic freedoms of the data subject do not outweigh these legitimate interests, the legal basis for processing is Art. 6 (1) Clause 1(f) GDPR.

CATEGORIES OF DATA PROCESSED, PURPOSES OF PROCESSING

We process your data on the basis of your consent, Art. 6 (1) Clause 1(a) GDPR, insofar as you have made them available to us voluntarily. You can revoke your consent at any time.

We process your data on the basis of Art. 6 (1) Clause 1 (b) GDPR for the fulfilment of contracts or the implementation of pre-contractual measures (for general administration, planning, implementation and handling of business relationships). This includes contact data (e.g. first name, surname, email address, telephone numbers and company name, customer number) of contact persons, payment and invoice data, order data including order history (e.g. delivery, order and confirmation date, order number, customer number), data on maintenance, warranty and guarantee work, other data which are absolutely necessary to fulfil contracts or to assert any claims against contact persons or your company. 

On the basis of Art. 6 (1) Clause 1(f) GDPR, we process your data to safeguard our legitimate interests, for example to carry out marketing measures, market analyses, surveys, insofar as this is necessary to assert legal claims and for legal defence, for accounting purposes or for credit assessment purposes.

Please note that you can object to the processing at any time on the basis of our legitimate interests.

DATA TRANSMISSION AND TRANSFER

For the processing of data, PIOVAN partly uses processors who are bound by our instructions. These are carefully selected, commissioned and regularly checked by us. The mandates are based on agreements on order processing in accordance with Art. 28 GDPR.

If necessary, we transmit data to Group companies for the fulfilment of the aforementioned purposes. In particular, data is transferred to the respective national company to fulfil contracts, which are in contact with you in our supply or sales chain. The legal basis for this is Art.6 (1) Clause 1(b) GDPR.

As far as we pass on data to authorities, courts or lawyers, this happens, as far as it is necessary within the scope of the legally permissible, in order to assert legal claims, to defend against claims of third parties, or to comply with applicable law. The legal basis for this is Art.6 6(1) Clause 1(c) and (f) GDPR.

A transfer of data to other countries (states outside the EU) does not take place.

STORAGE PERIOD

The data processed by us are deleted or their processing is restricted in particular in accordance with Articles 17 and 18 GDPR. Unless expressly stated in this privacy statement, we delete data stored by us as soon as they are no longer needed for their intended purpose. Beyond the time of continued use, data are only collected if this is required for other and legally permissible purposes or if the data must be retained due to statutory retention obligations. In these cases, processing is restricted, that means blocked, and not processed for other purposes.

YOUR RIGHTS

Pursuant to the statutory provisions, you can assert the following rights with regard to personal data relating to you:

  • Right to access (Art. 15 GDPR);
  • Right to rectification and erasure (Art. 16 and Art. 17 GDPR);
  • Right to restriction of processing 18 GDPR);
  • Right to data portability (Art. 20 GDPR);
  • Right to object (Art. 21 GDPR).

To assert your rights, please send your request to the contact details listed above.

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your residence, place of work or place of the alleged infringement, if you consider that the processing of personal data concerning you infringes the GDPR. The supervisory authority to which the complaint has been lodged shall inform the complainant on the progress and the outcome of the complaint, including the possibility of a judicial remedy pursuant to Article 78 GDPR.

The protection and security of personal data (hereinafter also referred to as "data") and the privacy of our contact persons (hereinafter referred to as "contact persons") with customers, sales partners, suppliers and other business partners is very important to us. 

Please also note the data protection information provided on our website. 

Please make sure that you also make this data protection declaration available to employees whose data we process when contacting you, for example.

CONTROLLER, CONTACT, DATA PROTECTION OFFICER

Joint controllers pursuant to Art. 4 N°7, Art. 26 EU Data Protection Regulation ("GDPR") are the:

PIOVAN S.p.A.,
Via delle Industrie 16,
30036 S. Maria di Sala VE – Italy,
represented by the Executive President Nicola Piovan,

and

PIOVAN GmbH,
Zeppelinstrasse 30,
85748 Garching,
represented by the General Manager Stefan Viehweg,

jointly but also individually in full responsibility.

The aforementioned bodies shall jointly determine the purposes of and the methods of processing. Piovan GmbH takes over the function within the scope of the distribution of goods and the associated communication. Other functions are performed by Piovan S.p.A.

In case of questions or comments concerning this privacy statement or data protection in general, please contact us through the email address privacy@piovan.com, confidentially by post for the attention of our data protection officer or send a fax to + 39 041 5799244.

Alternatively, you can also address your request to the external data protection officer of our German subsidiary. You can reach our DPO by e-mail at datenschutz@piovan.de or by post at:

RA Thomas Rickert
c/o Rickert Rechtsanwaltsgesellschaft mbH
Kaiserplatz 7-9
D-53113 Bonn.

LEGAL BASES FOR PROCESSING OF YOUR DATA

If the legal basis is not listed in the privacy statement, the following applies:

  • Insofar as we obtain the data subject’s consent for processing, Art. 6 (1) Clause 1 lit. a) GDPR is the legal basis.
  • In case of processing of personal data necessary for the fulfilment of a contract, the legal basis is Art. 6 (1) Clause 1 lit. b) GDPR. This also applies to processing operations that are necessary to carry out pre-contractual measures.
  • Insofar as processing of personal data is necessary for the fulfilment of a legal obligation, the legal basis is Art. 6 (1) Clause 1 lit. c) GDPR.
  • In the event that vital interests of the data subject or of another natural person require a processing of personal data, the legal basis is Art. 6 (1) Clause 1 lit. d) GDPR.
  • If processing is necessary to safeguard legitimate interests of our company or of a third party and if the interests, basic rights, and basic freedoms of the data subject do not outweigh these legitimate interests, the legal basis for processing is Art. 6 (1) Clause 1 lit. f) GDPR.

CATEGORIES OF DATA PROCESSED, PURPOSES OF PROCESSING

We process your data on the basis of your consent, Art. 6 (1) Clause 1 lit. a GDPR, insofar as you have made them available to us voluntarily. You can revoke your consent at any time.

We process your data on the legal basis of Art. 6 (1) Clause 1 lit. b GDPR for the fulfilment of contracts or the implementation of pre-contractual measures (for general administration, planning, implementation and handling of business relationships). This includes contact data (e.g. first name, surname, e-mail address, telephone numbers and company name, customer number) of contact persons, payment and invoice data, order data including order history (e.g. delivery, order and confirmation date, order number, customer number), data on maintenance, warranty and guarantee work, other data which are absolutely necessary to fulfil contracts or to assert any claims against contact persons or your company.  

On the legal basis of Art. 6 (1) Clause 1 lit. f GDPR, we process your data to safeguard our legitimate interests, for example to carry out marketing measures, market analyses, surveys, insofar as this is necessary to assert legal claims and for legal defence, for accounting purposes or for credit assessment purposes.

Please note that you can object to the processing at any time on the basis of our legitimate interests.  

DATA TRANSMISSION AND TRANSFER

For the processing of data, we partly use processors who are bound to our instructions. These are carefully selected, commissioned and regularly checked by us. The mandates are based on agreements on order processing in accordance with Art. 28 GDPR.

If necessary, we transmit data to Group companies for the fulfilment of the aforementioned purposes. In particular, data is transferred to the respective national company to fulfil contracts, which are in contact with you in our supply or sales chain. The legal basis for this is Art. 6 (1) Clause 1 lit. b GDPR.

As far as we pass on data to authorities, courts or lawyers, this happens, as far as it is necessary within the scope of legally permissible, in order to assert legal claims, to defend against claims of third parties, or to comply with applicable law. The legal basis for this is Art. 6 (1) Clause 1 lit. c and f GDPR.

A transfer of data to third countries (states outside the EU) does not take place.  

STORAGE PERIOD

The data processed by us will be deleted or its processing restricted in compliance with the statutory provisions, in particular in accordance with Articles 17 and 18 DS-GMO. Unless expressly stated in this privacy statement, we delete data stored by us as soon as it is no longer needed for its intended purpose. Beyond the time of continued use, data is only collected if it is required for other and legally permissible purposes or if the data must be retained due to statutory retention obligations. In these cases, processing is restricted, that means blocked, and not processed for other purposes.

YOUR RIGHTS

Pursuant to the statutory provisions, you can assert the following rights vis-à-vis us with regard to personal data relating to you:

  • Right to access by the data subject (Art. 15 GDPR);
  • Right to rectification and erasure (Art. 16 and Art. 17 GDPR);
  • Right to restriction of processing (Art. 18 GDPR);
  • Right to data portability (Art. 20 GDPR);
  • Right to object (Art. 21 GDPR).

To assert your rights, please send your request to the contact details listed above.

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your residence, place of work or place of the alleged infringement, if you consider that the processing of personal data concerning you infringes the GDPR.

The supervisory authority to which the complaint has been lodged shall inform the complainant on the progress and the outcome of the complaint, including the possibility of a judicial remedy pursuant to Article 78 GDPR.

In relation to the processing of the personal data provided, we inform you that:

DATA CONTROLLER

Joint Controllers are:

Piovan S.p.A., with registered office in Santa Maria di Sala (Venice, Italy), Via delle Industrie no. 16, mail: piovanspa@legalmail.it

and

Progema S.r.l., with registered office in Poggio Renatico (Ferrara, Italy), Via Uccellino 71, mail: progemasrl@cert.cna.it

(hereinafter also referred to as "the Data Controllers").

TYPE OF DATA PROCESSED, PURPOSES AND LEGAL BASIS OF PROCESSING

The following personal data will be collected and processed: personal data of a common nature (name, surname, personal data, position within the company, contact data) referring to: customer and supplier companies/bodies and representatives/employees/collaborators/sub-contractors of customers/suppliers, eventually communicated by these, for: a) pre-contractual purposes and the execution of contractual relations, b) administrative/accounting/fiscal and legal obligations relating to the invoicing and the management of contractual relations; c) marketing purposes (sending commercial/promotional/advertising/marketing communication via mail, invitations to trade fairs and events via mail and text messages).

Hence, the legal basis of the data processing is: fulfilment of contractual obligations for the purposes referred to in letter a); legal obligations, for the purposes referred to in letter b); consent, for the purposes referred to in letter c).

COMMUNICATION OF DATA TO THIRD PARTIES - RECIPIENTS OF THE DATA

The Data Controllers may communicate the processed data for the above-mentioned purposes to: i) persons in charge of data processing within the two companies; ii) external persons belonging to the following categories: external consultants and their appointees/service provider companies (transport and/or shipping companies)/banks, insurance companies and credit institutions/external companies that collaborate on marketing activities/ control bodies and organisations (customs); iii) other companies in PiovanGroup.

TRANSFER OF DATA TO THIRD COUNTRIES

The processed data may be transferred by the Data Controllers to Third Countries. In this case, the transfer of data takes place in compliance with the regulations and guarantees applicable from time to time by the country of reference in accordance with Article 44 and subsequent of EU Reg. 2016/679.

PROCESSING METHODS, PERIOD AND DATA RETENTION CRITERIA

Data will be processed in printed or digital format. Data will be processed by the Data Controllers for the period required for the execution of the afore-mentioned purposes, and at the end of these for a further period prescribed by law relating to the storage of contracts and administrative data and/or for defence in legal proceedings (ten years after the last use and/or event interrupting prescription).

PROVISION OF DATA

The provision of data is mandatory for the execution of contractual relations and for legal purposes. For marketing purposes, it is optional and subject to the data subject's consent. Failure to provide such data will make it impossible to fulfil the purposes listed above.

RIGHTS OF THE INTERESTED PARTY, REVOCATION OF CONSENT AND COMPLAINT TO THE CONTROL AUTHORITY

The data subject has the right at any time to request access to his/her personal data, to request rectification, deletion, limitation of the same, to oppose the processing and withdraw consent and to exercise the right to data portability whenever possible. In any case, the data subject has the right to revoke, at any time, any consent given to data processing, without prejudice to the lawfulness of processing based on the consent given before revocation.

In case of alleged violation, the data subject, having recourse to the conditions, also has the right to propose a complaint to a Data Supervision Authority in the EU member state where he/she resides habitually or in the EU state where he/she works or where the alleged violation occurred.

PROFILING AND AUTOMATED DECISION-MAKING PROCESSES

The processing is not carried out by automated decision-making processes (i.e. profiling).

CONTACTS AND REQUESTS

To know the complete list of external parties to whom the data are communicated, to have information regarding the transfer of data to non-EU countries, the mechanisms and protection of data transfer pursuant to Article 44 and subsequent of GDPR, to exercise the revocation of any consent given or to exercise your rights (access, rectification, cancellation, limitation, opposition, portability) please send a request to the following email: privacy@piovan.com or a communication via fax to: +39 041 5799244.

To oppose processing for marketing purposes at a later stage, you will need to unsubscribe from the mailing list as specified in every newsletter received.

Careers

In relation to the processing of personal data provided, we inform you that:

DATA CONTROLLER

The Data Controller is the company Piovan S.p.A., with registered office in Santa Maria di Sala (Venice, Italy), Via delle Industrie no. 16, tel. + 39 041 5799111, fax +39 041 5799244, mail: piovanspa@legalmail.it (hereinafter referred to as "the Company") and each Piovan Group company to which the individual job advertisement refers.

TYPE OF DATA PROCESSED, PURPOSES AND LEGAL BASIS OF PROCESSING

The following personal data concerning candidates are collected and processed: ordinary personal data (name, surname, personal data, contact details, telephone number, email address, current position, CV) and any personal data of a special category contained in the CV or required by the Company (e.g. previous payroll), in order to assess the possibility of the candidate's employment by the Company or a PiovanGroup company.

Legal basis of data processing is therefore: fulfilment of the data subject's request - contractual obligations - consent.

COMMUNICATION OF DATA TO THIRD PARTIES - RECIPIENTS OF THE DATA

The data processed for the aforesaid purposes may be disclosed to: persons in charge of data processing within the Company, recruitment firms, the company which manages the site or the CV collection and management software, other third companies or professionals acting as External Data Processors, which process data on the Company's behalf in relation to outsourced CV management or recruitment activities.

TRANSFER OF DATA TO THIRD COUNTRIES

The processed data may be transferred by the Data Controller to Third Countries. In this case, the transfer of data takes place in compliance with the regulations and guarantees applicable from time to time by the country of reference in accordance with Article 44 and subsequent of EU Reg. 2016/679.

PROCESSING METHODS, PERIOD AND DATA RETENTION CRITERIA

Data will be processed in paper or digital format. If you will not be employed by the Company, the Data Controller will process/store the data for a period of 24 months after the date of contribution, up to a maximum of 5 years in the case of particularly specialized profiles, after which they will be automatically erased. If you are employed by the Company, an additional specific privacy policy statement will be issued.

PROVISION OF DATA

The provision of data is compulsory for the candidate assessment, except for any data marked as "not compulsory" in the data request form. Failure to provide compulsory data will make it impossible to assess the application and pursue the purposes listed above.

RIGHTS OF THE INTERESTED PARTY, REVOCATION OF CONSENT AND COMPLAINT TO THE CONTROL AUTHORITY

The data subject has the right at any time to request access to his/her personal data, to request rectification, deletion, limitation of the same, to oppose the processing and withdraw consent and to exercise the right to data portability whenever possible. In any case, the data subject has the right to revoke, at any time, any consent given to data processing, without prejudice to the lawfulness of processing based on the consent given before revocation.

In case of alleged violation, the data subject, having recourse to the conditions, also has the right to propose a complaint to a Data Supervision Authority in the EU member state where he/she resides habitually or in the EU state where he/she works or where the alleged violation occurred.

PROFILING AND AUTOMATED DECISION-MAKING PROCESSES

The processing is not carried out by automated decision-making processes (i.e. profiling).

CONTACTS AND REQUESTS

To know the complete list of external parties to whom the data are communicated, to have information regarding the transfer of data to non-EU countries, the mechanisms and protection of data transfer pursuant to Article 44 and subsequent of GDPR, to exercise the revocation of any consent given or to exercise your rights (access, rectification, cancellation, limitation, opposition, portability) please send a request to the following email: privacy@piovan.com or a communication via fax to: +39 041 5799244.

Contacts

ALL WEBSITES
FDM GMBH

In relation to the processing of personal data provided, we inform you that:

DATA CONTROLLER

The Data Controller is the company Piovan S.p.A., with registered office in Santa Maria di Sala (Venice, Italy), Via delle Industrie no. 16, tel. + 39 041 5799111, fax +39 041 5799244, mail: piovanspa@legalmail.it (hereinafter referred to as "the Company") and each Piovan Group company to which the individual contact request refers.

TYPE OF DATA PROCESSED, PURPOSES AND LEGAL BASIS OF PROCESSING

The data collected is ordinary personal data necessary to fulfil your request, reply to it and possibly transmit information related to the request made.

The legal basis for data processing is therefore: fulfilment of the data subject's request - contractual obligations - legitimate interest of the Data Controller.

COMMUNICATION OF DATA TO THIRD PARTIES - RECIPIENTS OF THE DATA

The Company may communicate the data processed to perform the aforementioned purposes to internal and external parties which contribute to fulfilling your request, as well as to other companies of PiovanGroup.

TRANSFER OF DATA TO THIRD COUNTRIES

The processed data may be transferred by the Data Controller to Third Countries. In this case, the transfer of data takes place in compliance with the regulations and guarantees applicable from time to time by the country of reference in accordance with Article 44 and subsequent of EU Reg. 2016/679.

PROCESSING METHODS, PERIOD AND DATA RETENTION CRITERIA

Data shall be processed in digital form and using electronic equipment for the period necessary for the fulfilment of the aforementioned purposes and shall be erased on completion of the same.

PROVISION OF DATA

The provision of data is necessary for the fulfilment of the contractual relationship/service request. Failure to provide such data will make it impossible to fulfil the purposes listed above.

RIGHTS OF THE INTERESTED PARTY, REVOCATION OF CONSENT AND COMPLAINT TO THE CONTROL AUTHORITY

The data subject has the right at any time to request access to his/her personal data, to request rectification, deletion, limitation of the same, to oppose the processing and withdraw consent and to exercise the right to data portability whenever possible. In any case, the data subject has the right to revoke, at any time, any consent given to data processing, without prejudice to the lawfulness of processing based on the consent given before revocation.

In case of alleged violation, the data subject, having recourse to the conditions, also has the right to propose a complaint to a Data Supervision Authority in the EU member state where he/she resides habitually or in the EU state where he/she works or where the alleged violation occurred.

PROFILING AND AUTOMATED DECISION-MAKING PROCESSES

The processing is not carried out by automated decision-making processes (i.e. profiling).

CONTACTS AND REQUESTS

To know the complete list of external parties to whom the data are communicated, to have information regarding the transfer of data to non-EU countries, the mechanisms and protection of data transfer pursuant to Article 44 and subsequent of GDPR, to exercise the revocation of any consent given or to exercise your rights (access, rectification, cancellation, limitation, opposition, portability) please send a request to the following email: privacy@piovan.com or a communication via fax to: +39 041 5799244.

With regard to the contact possibilities offered on our website and the possibility to apply to us, we would like to inform you below about the processing of your personal data.

CONTROLLER

Joint controllers are the:

Piovan S.p.A., with legal offices based in Venice (VE) - Italy, Santa Maria di Sala, Via delle Industrie n. 16, and certified e-mail: piovanspa@legalmail.it

and

FDM GmbH Maschinen – und Anlagenbau, with registered offices in Junkersring 24, D-53844 Troisdorf,

(hereinafter, severally, “the Company”)

Both are jointly responsible but respectively also fully responsible individually. The aforementioned controllers shall jointly determine the purpose and means of processing. In particular, the respective controllers perform the functions listed as follows.

  • Piovan S.p.A. is responsible for the provision and technical operation of this website, in particular the choice of technical means and newsletter dispatch.
  • FDM GmbH Maschinen- und Anlagenbau is responsible for the processing of applications and contact inquiries sent to FDM via the Website or by e-mail. Piovan S.p.A. might have access to all data processed in this context.

Data subject may exercise his or her rights under this Regulation in respect of and against each of the controllers.

CONTACT VIA CONTACT FORM OR E-MAIL

TYPE OF DATA PROCESSED, PURPOSES AND LEGAL BASIS OF PROCESSING

The data collected is ordinary personal data necessary to enable us to fulfil and reply to your request. Until the deletion of the data the sender’s e-mail address will remain visible to all staff tasked with dealing with the query.

We need your and your company’s name and e-mail address to process and assign your enquiries by contact form. Purely informative inquiries, i.e. those which do not lead to the conclusion of a contract will be deleted by us at the end of the year after completion of the processing of the inquiry.

Depending on the content of your request, the data entered by contact form or by e-mail will be processed on the basis of your consent pursuant to art. 6 (1) lit. a GDPR or pursuant to art. 6 (1) lit. b GDPR insofar as contractual performance obligations or the implementation of pre-contractual measures exist.

COMMUNICATION OF DATA TO THIRD PARTIES - DATA RECIPIENTS

The Company may disclose the data processed for the aforesaid purposes to internal and external parties which contribute to fulfilling your request, as well as to other companies of PiovanGroup. All e-mails sent to us and all contact inquiries via contact form are recorded, forwarded to the relevant recipient and are stored for the purposes of the matter/case file to which the e-mail relates.

TRANSFER OF DATA TO THIRD COUNTRIES

The Data Controller may transfer the data processed to Third Countries for the aforesaid purposes. However, any transfer of data to the said Countries shall take place in compliance with art 44 and following articles of the GDPR 2016/679 and the relevant current legislation.

METHODS OF PROCESSING, PERIOD OF DATA STORAGE AND RELATED CRITERIA

Data shall be processed in digital form and using electronic equipment for the period necessary for the fulfilment of the aforesaid purpose(s). The data processed by us will be deleted or its processing restricted in compliance with the statutory provisions, in particular in accordance with art. 17 and 18 GDPR. Unless expressly stated in this privacy statement, we delete data stored by us as soon as it is no longer needed for its intended purpose. Beyond the time of continued use, data is only collected if it is required for other and legally permissible purposes or if the data must be retained due to statutory retention obligations. In these cases, processing is restricted, that means blocked, and not processed for other purposes.

CRM (CUSTOMER RELATIONSHIP MANAGEMENT)

We can store your contact data (name, e-mail address, company name, telephone number, address) in a CRM system (Customer Relationship Management). We have a legitimate economic interest in maintaining contacts established in the course of business beyond the initial contact and using them to establish or maintain a business relationship. You can object to the processing within the CRM system at any time.

This is not the case if you are applying for a job or there is clearly no prospect of a business relationship being established.

Legal basis is art. 6 (1) 1 lit. f GDPR.

JOB APPLICATIONS

We would be happy to receive your application at FDM GmbH. You are welcome to use our online form to apply for jobs advertised here. The purpose of processing personal data is to select a suitable candidate in connection with the advertised positions. We process data related to your application. This may include general information about you (such as your name, address and contact details), information about your professional qualifications and schooling, information about further professional training or other information that you provide to us in connection with your application. In addition, we may process job-related information made publicly available by you, such as a profile on professional social media networks.

By transmitting personal data via an attached file, the applicant agrees to the processing of personal data in this context. In the event of a successful application, the data collected may be further processed by us for the purposes of the employment relationship. The legal basis for the processing of personal data within the scope of an online application is art. 6 (1) 1 lit. b GDPR, § 26 (1) BDSG. Beyond the original purpose (selection of a suitable applicant), your data will be stored for the defence of legal claims for a period of 6 months from the end of the application procedure. Basis of the processing is art. 17 (3) lit. e, art. 6 (3) 1 lit. f GDPR.

The data processed for the aforesaid purposes may be disclosed to: recruitment firms, the company which manages the site or CV collection and management software, and other third-party companies or professionals acting as External Data Processors, which process data on the Company's behalf in relation to outsourced CV management or recruitment activities. Depending on the job description, Piovan S.p.A. will also receive your application data in addition to FDM GmbH, especially if the advertised position includes group-wide tasks. You can find out whether Piovan S.p.A. receives your application data in the respective job description.

Should you, as an applicant, wish to have your application data stored in our talent pool so that it can be taken into account at a later date when recruiting for vacant positions, your consent is required. Legal basis for this is art. 6 (1) 1 lit. a, art. 7 GDPR, § 26 (2) BDSG. Consent also refers to special categories of data according to art. 9 GDPR (e.g. photos, information about severely disabled persons, etc.). You can revoke your consent at any time. In this case your data will be deleted immediately. We will delete your data after 3 years.

Please note that for organizational reasons this is only possible for applicants who are over 16 years old. Application data of applicants under 16 years of age will be destroyed after the above-mentioned deadlines.

SECURITY

In order to protect your data transmitted via our contact forms, we use TLS/SSL encryption for any online data transfer on this website. You can recognize such encrypted connections by the prefix https:// in the address bar of your browser.

GOOGLE RECAPTCHA

We use "ReCaptcha" for the recognition of bots, e.g. for entries in online forms. The behavior information of the users (e.g. mouse movements or queries) is evaluated in order to distinguish people from bots. Service provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Privacy statement: https://policies.google.com/privacy.

DATA PROVISION

The contribution of personal data is necessary for the fulfilment of the contractual relationship/service request. Failure to provide such data will make it impossible to fulfil the purposes listed above.

AUTOMATED DECISION-MAKING AND PROFILING

Processing is not carried out using automated decision-making processes (e.g. profiling).

RIGHTS OF THE DATA SUBJECT, WITHDRAWAL OF CONSENT AND COMPLAINTS TO THE CONTROL AUTHORITY

Under data protection law, data subjects have certain rights. Subject to certain restrictions, which are set out below, you can exercise these rights in relation to your personal data that is processed by the Joint Controllers. Data subjects can assert their rights against FDM GmbH or Piovan S.p.A. at their choice.

The data subject rights are:

  • The right to be informed about the processing of your personal data;
  • The right to access your personal data;
  • The right to rectification of your personal data;
  • The right to erasure of your personal data;
  • The right to data portability;
  • The right to object to processing of your personal data;
  • The right to restrict processing of your personal data;
  • Rights in relation to automated decision making, including profiling.

To exercise the rights provided by current data protection legislation and to obtain a full list of the External Entities in Charge of Data Processing appointed for each area and activity, or for information about the transfer of data to non-EU states and the relevant guarantees, please contact FDM’s Data Protection Officer or write to privacy@piovan.com or send a fax to +39 041 5799244.

The data subject is also entitled to submit a complaint to a Data Protection Authority in his or her member state of residence, or the member state in which he or she works or where the presumed data breach occurred.

CONTACTS AND REQUESTS, DATA PROTECTION OFFICER

To obtain further information about personal data processing, object to processing or exercise the rights envisaged by current personal data protection law (access, rectification, erasure, restriction, objection and portability), and/or to obtain a complete list of the internal and external parties appointed to process the data, and/or for information with regard to data transfer to non-EU states and the relative guarantees, including data transfer mechanisms and safeguards under art 44 and following articles of the GDPR, please contact e-mail privacy@piovan.com fax 041.5799244 tel 041.5799111.

You can also contact FDM's Data Protection Officer by e-mail at datenschutz@rickert.net or confidentially by post at DSB FDM GmbH, c/o Rickert Rechtsanwaltsgesellschaft mbH, Kaiserplatz 7-9, D-53113 Bonn.

Marketing and Newsletter

In relation to the processing of personal data provided, we inform you that:

DATA CONTROLLER

The Data Controller is the company Piovan S.p.A., with registered office in Santa Maria di Sala (Venice, Italy), Via delle Industrie no. 16, tel. + 39 041 5799111, fax +39 041 5799244, email: piovanspa@legalmail.it (hereinafter referred to as "the Company") and each company of the PiovanGroup to which any individual commercial communication refers.

 

TYPE OF DATA PROCESSED, PURPOSES AND LEGAL BASIS OF PROCESSING

The following personal data are collected and processed: personal data of a common nature (name, surname, reference company, position within the company, contact data, email, telephone, mobile phone) for marketing purposes, such as sending by email, SMS and/or telephone communications related to sales – promotional – advertising topics, invitations to fairs and events, information related to Piovan S.p.A and the companies belonging to PiovanGroup.

Legal basis of data processing is therefore the consent of the interested party.

COMMUNICATION OF DATA TO THIRD PARTIES - RECIPIENTS OF THE DATA

The Company may communicate the data processed to perform the aforementioned purposes to internal corporate subjects in charge of processing and/or to external subjects belonging to the following categories: external consultants and their representatives/service companies (communication, IT and/or marketing companies) and to each company of the PiovanGroup to which any individual commercial communication refers.

TRANSFER OF DATA TO THIRD COUNTRIES

The processed data may be transferred by the Data Controller to Third Countries. In this case, the transfer of data takes place in compliance with the regulations and guarantees applicable from time to time by the country of reference in accordance with Article 44 and subsequent of EU Reg. 2016/679.

PROCESSING METHODS, PERIOD AND DATA RETENTION CRITERIA

Data will be processed in printed or digital format for the period required for the execution of the aforementioned purposes and, in any case, up to the possible revocation of the consent or to the cancellation request of the data subject and for the period permitted by law.

PROVISION OF DATA

The provision of data is optional for marketing purposes and subject to the consent of the data subject. Failure to provide data implies the impossibility of pursuing the aforementioned purposes.

RIGHTS OF THE INTERESTED PARTY, REVOCATION OF CONSENT AND COMPLAINT TO THE CONTROL AUTHORITY

The data subject has the right at any time to request access to his/her personal data, to request rectification, deletion, limitation of the same, to oppose the processing and withdraw consent and to exercise the right to data portability whenever possible. In any case, the data subject has the right to revoke, at any time, any consent given to data processing, without prejudice to the lawfulness of processing based on the consent given before revocation.

In case of alleged violation, the data subject, having recourse to the conditions, also has the right to propose a complaint to a Data Supervision Authority in the EU member state where he/she resides habitually or in the EU state where he/she works or where the alleged violation occurred.

PROFILING AND AUTOMATED DECISION-MAKING PROCESSES

The processing is not carried out by automated decision-making processes (i.e. profiling).

CONTACTS AND REQUESTS

To know the complete list of external parties to whom the data are communicated, to have information regarding the transfer of data to non-EU countries, the mechanisms and protection of data transfer pursuant to Article 44 and subsequent of GDPR, to exercise the revocation of any consent given or to exercise your rights (access, rectification, cancellation, limitation, opposition, portability) please send a request to the following email: privacy@piovan.com or a communication via fax to: +39 041 5799244. To oppose the processing for marketing purposes at a later stage you will need to unsubscribe from the mailing list as indicated in each marketing email or newsletter received.

Investor Relations

In relation to the processing of personal data provided, we inform you that:

DATA CONTROLLER

The Data Controller is the company Piovan S.p.A., with registered office in Santa Maria di Sala (Venice, Italy), Via delle Industrie no. 16, tel. + 39 041 5799111, fax +39 041 5799244, mail: piovanspa@legalmail.it (hereinafter referred to as "the Company").

TYPE OF DATA PROCESSED, PURPOSES AND LEGAL BASIS OF PROCESSING

The following personal data are collected and processed: personal data of a common nature (name, surname, mail, reference company) for the purpose of sending communications concerning events organized by Piovan S.p.A. in conjunction with the publication of financial results and price sensitive press releases.

Legal basis of data processing is therefore: consent of the data subject/service request.

COMMUNICATION OF DATA TO THIRD PARTIES - RECIPIENTS OF THE DATA

The Company may communicate the data processed to perform the aforementioned purposes to the personnel in charge of processing and/or to external services companies (communication or IT companies).

TRANSFER OF DATA TO THIRD COUNTRIES

The processed data may be transferred by the Data Controller to Third Countries. In this case, the transfer of data takes place in compliance with the regulations and guarantees applicable from time to time by the country of reference in accordance with Article 44 and subsequent of EU Reg. 2016/679.

PROCESSING METHODS, PERIOD AND DATA RETENTION CRITERIA

Data will be processed in printed or digital format for the period required for the execution of the aforementioned purposes and, in any case, up to the possible revocation of the consent or to the cancellation request of the data subject and for the period permitted by law.

PROVISION OF DATA

The provision of data is optional for marketing purposes and subject to the consent of the data subject. Failure to provide data implies the impossibility of pursuing the aforementioned purposes.

RIGHTS OF THE INTERESTED PARTY, REVOCATION OF CONSENT AND COMPLAINT TO THE CONTROL AUTHORITY

The data subject has the right at any time to request access to his/her personal data, to request rectification, deletion, limitation of the same, to oppose the processing and withdraw consent and to exercise the right to data portability whenever possible. In any case, the data subject has the right to revoke, at any time, any consent given to data processing, without prejudice to the lawfulness of processing based on the consent given before revocation.

In case of presumed violation, the data subject, having recourse to the conditions, also has the right to propose a complaint to a Data Supervision Authority in the EU member state where he/she resides habitually or in the EU state where he/she works or where the alleged violation occurred.

PROFILING AND AUTOMATED DECISION-MAKING PROCESSES

The processing is not carried out by automated decision-making processes (i.e. profiling).

CONTACTS AND REQUESTS

To know the complete list of external parties to whom the data are communicated, to have information regarding the transfer of data to non-EU countries, the mechanisms and protection of data transfer pursuant to Article 44 and subsequent of GDPR, to exercise the revocation of any consent given or to exercise your rights (access, rectification, cancellation, limitation, opposition, portability) please send a request to the following email: privacy@piovan.com or a communication via fax to: +39 041 5799244. To oppose the processing at a later stage, you will need to unsubscribe from the mailing list as indicated at the end of the mail received.

Whistleblowing

DATA CONTROLLER

The following are Joint Data Controllers:

  • Piovan S.p.A., with registered office in Santa Maria di Sala (Venice), Via delle Industrie 16, e-mail: piovanspa@legalmail.it
  • Aquatech S.r.l., with registered office in Santa Maria di Sala (Venice), Via delle Industrie 16, e-mail: aquatech@legalmail.it 
  • Energys S.r.l., with registered office in Santa Maria di Sala (Venice), Via delle Industrie 16, e-mail: energys@pec.net
  • Penta S.r.l., with registered office in Poggio Renatico (Ferrara), Via Uccellino 75/77, e-mail: penta@penta.piovan.com
  • Doteco S.p.A., with registered office in Mirandola (Modena), San Martino Spino, Via E. Mattei 30, e-mail: doteco-spa@pec.it
  • FEA process & technological plants S.r.l., with registered office in Scarnafigi (Cuneo), Strada Saluzzo 49, e-mail: amministrazione@feaptpcert.it

(hereinafter, also referred to as “the Data Controllers” or “the Companies”).

This policy is provided in relation to the processing of personal data of whistleblowers, those reported, whistleblower facilitators and any other third parties involved or mentioned in the report (hereinafter, "Data Subjects") used in the management of the reports of offences addressed to the Companies falling within the scope of the "Procedure for Reporting Breaches" – drawn up in compliance with the provisions of Italian Legislative Decree no. 24 of March 10, 2023, implementing Directive (EU) 2019/1937 on the protection of whistleblowers against breaches of EU and national law –  published on the group's corporate website www.piovan.com.

TYPE OF DATA PROCESSED

The following personal data are collected and processed: personal data of a common nature (e.g. personal data, contact data, etc.) of the whistleblower, the reported party, the facilitators of the report and any other third parties involved or mentioned that may be included in the report.

If mentioned in the report or, subsequently, acquired in the context of the management of the report and in the conduct of the related investigation, data may also be processed that reveal the racial or ethnic origin, political opinions, religious and/or philosophical convictions, union membership, as well as genetic data, biometric data, data related to health or sex life or sexual orientation of the Data Subjects and judicial data, related to crimes and criminal convictions.

The Data Subjects are (or may be): the author of the report (the whistleblower), the person (or persons) concerned by the report (the reported person/persons), the natural person who assists the whistleblower in the reporting process, operating within the same work context as the whistleblower and whose assistance is to be kept confidential (the whistleblower facilitator), and any other third parties involved or mentioned in the report that may be mentioned in the report or that may come to light in the course of the investigation following the report.

SOURCE OF PERSONAL DATA

The data are collected through the reports addressed to the Companies and, subsequently, during the investigation following the report. The data of the Data Subjects contained in the report are provided directly by the whistleblower.

As reported in the Procedure for Reporting Breaches, whistleblowers can be: 

  • employees, including holders of a part-time, full-time or intermittent, fixed term or open-ended employment relationship, sub-contracted, apprenticeship, accessory, or who perform occasional services; 
  • self-employed workers, including holders of work contracts, agency relationships, commercial representation and other collaborative relationships; 
  • workers or collaborators who provide goods or services or carry out works for the Companies; 
  • freelancers and consultants; 
  • volunteers and trainees, paid and unpaid;
  • shareholders and persons with functions of administration, direction, control, supervision or representation, even if these functions have been exercised merely de facto (i.e. without formal investiture).

Reports can be nominative or anonymous. 

To preserve the investigative purposes, in the cases envisaged by law, the person reported, pursuant to art. 14, sub. 5, lett. d), of the GDPR, may not be immediately made aware of the processing of their data by the Data Controllers, as long as there is a risk of compromising the possibility of effectively verifying the validity of the complaint or collecting the necessary evidence.

PURPOSES AND LEGAL BASIS FOR THE PROCESSING

The personal data of the Data Subjects are processed for the purposes related to the application of the Procedure for Reporting Breaches, prior to the management of reports of any breaches of national or European Union regulations that harm the public interest or the integrity of the Companies, as well as of relevant unlawful conduct pursuant to Italian Legislative Decree 231 of 8 June 2001, by anyone who has become aware of the aforementioned in the context of the employment or collaboration relationship with the Companies or, in any case, in the work context. 

The adoption of the Procedure for Reporting of Breaches and the processing of personal data consequent to the receipt of the reports take place, therefore, on the basis of a legal obligation to which the Data Controllers are subject and/or their legitimate interest. In the event of the use of voice recording with related transcription, as well as in the event of disclosure of the identity of the whistleblower, the legal basis may exclusively be the consent of the Data Subject. 

With regard to any processing of personal data subsequent to the closure of the investigation on the report, the legal basis is represented by the legitimate interest of the Data Controllers in the exercise of their rights and possibly for defense in court in all cases where it is necessary (e.g. reopening of legal proceedings, claims for compensation for damages related to the report), pursuant to art. 6, sub. 1, lett. f), and art. 9, sub. 2, lett. f), of the GDPR. 

In the context of any disciplinary proceedings against the alleged perpetrator of the reported conduct, in the event that the allegation is well-founded and the identity of the whistleblower is indispensable for the defense of the person charged with the disciplinary offence or of the person in any event involved in the report, the identity of the whistleblower shall only be used in compliance with the legal basis of the whistleblower's express consent, as requested from time to time.

COMMUNICATION OF DATA TO THIRD PARTIES - DATA RECIPIENTS

The related data are processed by the Ethics Committee and/or by any company functions and/or external consultants, as better specified in the Procedure for Reporting Breaches.

The internal members of the Ethics Committee are authorized to process personal data, on the basis of a specific letter of appointment, indicating the confidentiality obligations that must be respected in the performance of the assigned function. 

The external member of the Ethics Committee is appointed Data Processor pursuant to art. 28 of the GDPR. 

The reports and the personal data of the Data Subjects, moreover, may be communicated to the subjects involved in the management of the report, as well as the consultants and external professionals of which the Company make use, in compliance with the provisions of the law on the protection of personal data. 

The identity of the whistleblower and any other information from which such identity may be inferred, directly or indirectly, may not be disclosed, without the express consent of the same, to persons other than those indicated above. 

The communication of the personal data of the Data Subjects to public bodies and public authorities (including administrative, judicial and public security authorities) is without prejudice, if the conditions are met or the communication is necessary to comply with an order of the authority itself or with a legal obligation. 

The identity of the whistleblower cannot be revealed even in the context of the disciplinary procedures that may arise from the report, if the dispute of the disciplinary charge is based on separate and additional findings with respect to the report itself, even if consequent to the same. Where, instead, the disciplinary dispute is based, in whole or in part, on the report and knowledge of the identity of the whistleblower is indispensable for the accused's defense, the report shall be usable for the purposes of disciplinary proceedings only if the whistleblower has expressly consented to the disclosure of their identity. In the latter case, the whistleblower will be notified in writing of the reasons for the disclosure of the confidential data; a similar communication will be provided to the whistleblower if the disclosure of their identity and the information from which it can be obtained, directly or indirectly, is also essential for the defense of any person involved.

The data are processed, as a Data Processor, pursuant to art. 28 of the GDPR, by the company that manages the Whistleblowing platform and guarantees the storage of the personal data processed in the cloud.

The Data Controllers, pursuant to articles 28 and 29 of the GDPR, provide the Data Processor with operational instructions to ensure the confidentiality and security of the processing of personal data, ensure compliance with applicable legislation and the protection of Data Subjects. 

 

PROCESSING METHODS, PERIOD AND DATA RETENTION CRITERIA

The data will be processed mainly through computerized and/or automated tools within the Whistleblowing platform, with logic related to the purposes indicated above and, in any case, in such a way as to guarantee the security and confidentiality of the data.

The data will be processed for the time necessary to manage the specific whistleblowing and in any case no later than five years from the date of communication of the final outcome of the whistleblowing procedure (art. 14 of Italian Legislative Decree 24/2023).

PROVISION OF DATA

The provision of the whistleblower's data is mandatory in the "nominative report" (with confidential identity management). Any refusal to provide data in the "nominative report" makes it impossible to follow the procedure described in the Procedure for Reporting Breaches. 

The provision of the whistleblower's data is optional in the "anonymous report" (which does not require prior registration and identification). However, anonymous reporting will only be taken into consideration if adequately substantiated and referring to specific facts and situations.

TRANSFER OF DATA TO THIRD COUNTRIES

The data processed are not transferred by the Data Controllers to Third Countries. However, in the event of any transfer of data to Third Countries, the transfer itself will take place in compliance with the regulations in force from time to time regarding the transfer of data to Third Countries. 

PROFILING AND AUTOMATED DECISION-MAKING PROCESSES

The processing is not carried out by automated decision-making processes (i.e. profiling).

RIGHTS OF THE DATA SUBJECT, WITHDRAWAL OF CONSENT AND COMPLAINT TO THE SUPERVISORY AUTHORITY

Except as set out in the following paragraph, Data Subjects may request from the Data Controllers access to the data concerning them, their rectification, integration or erasure, as well as the restriction of processing or any other right referred to in articles 15 to 22 of the GDPR, meeting the conditions, which must be highlighted in the request. The exercise of these rights may, however, be limited if there are legitimate interests prevailing over the interests, rights and freedoms of the Data Subject, also related to the establishment, exercise or defense of a right in court or to other legal obligations that the Data Controllers must fulfil or to any provisions of the Public Authorities or the Judicial Authority or the Police Bodies. 

The person involved or the person mentioned in the report cannot exercise the rights that the GDPR grants to the Data Subjects with reference to their personal data processed in the context of the report (the right of access to personal data, the right to rectify them, the right to obtain their erasure or so-called right to be forgotten, the right to restriction of processing, the right to the portability of personal data and the right to object to processing). This is because the exercise of these rights could result in an effective and concrete prejudice to the protection of the confidentiality of the identity of the whistleblower. In such cases, therefore, the person reported or the person mentioned in the report is also excluded from the possibility, where they believe that the processing that concerns them breaches these rights, to contact the Data Controllers and, in the absence of a response from the latter, to lodge a complaint with the Supervisory Authority for the protection of personal data.

In cases other than that set out above, Data Subjects have the right to lodge a complaint with the Supervisory Authority for the protection of personal data in the event of illegitimate or unlawful processing of their data by the Data Controllers. 

Where the processing is based on consent, the Data Subject has the right to revoke the consent given for the processing of the data at any time, without prejudicing the lawfulness of the processing based on the consent given prior to the revocation.

CONTACTS AND REQUESTS

To find out about the internal privacy organization of each Data Controller and the activities of the Data Processors, to obtain further information on the transfer of data to non-EU countries, the mechanisms and protections for transferring data pursuant to art. 44 et seq. GDPR, to exercise the revocation of any consent given and/or to exercise your rights (access, rectification, cancellation, restriction, opposition, portability) you can send a request to the e-mail contact privacy.ethicscommittee@piovan.com or forward a request through the Whistleblowing platform.

Brand
crossarrow-right