Dallan SpA with registered office in Via per Salvatronda 50, 31033 Castelfranco Veneto (TV), Italy, VAT No. IT 02057900264 (hereinafter, the “Owner”), owner of the website www.dallan.com, www.dallan.it (hereinafter, the “Site”), www.dalcos.com, in its capacity as the data controller of the personal data of users browsing and registered on the Site (hereinafter, the “Users”) hereby provides the privacy policy pursuant to Art. 13 of Legislative Decree 196/2003 (hereinafter, the “Privacy Code”) and pursuant to Article 13 of EU Regulation 2016/679 of 27 April 2016 (hereinafter, the “Regulation”, the Regulation and the Privacy Code are together referred to as the “Applicable Legislation”).

This Site and any services offered through the Site are reserved for individuals who are 18 years of age or older. Therefore, the Data Controller does not collect personal data relating to persons under the age of 18. At the request of Users, the Data Controller will promptly delete all personal data involuntarily collected relating to persons under the age of 18.

The Data Controller takes into the utmost consideration the right to privacy and the protection of personal data of its Users. For any information in relation to this privacy policy, Users may contact the Controller at any time, using the following methods:

  • By sending a registered letter with return receipt to the Controller’s registered office
  • By sending an e-mail message to the web address [email protected].

The Data Controller has appointed a Data Protection Officer (DPO).  The DPO can be contacted at the company’s registered office or at the e-mail address [email protected].

Purposes of the processing:

Users’ personal data shall be lawfully processed by the Controller pursuant to Article 6 of the Regulations for the following purposes:

  1. Site surfing, in relation to the possibility of detecting technically necessary User data, e.g. IP address, while browsing the site.
  2. Sending informative newsletters, following a specific request from the data subject. The newsletter does not convey marketing content, being solely institutional. Consent is therefore not required for promotion and marketing purposes. The newsletter registration mechanism is a double opt-in procedure.
  3. Replying to your requests for information, which we receive via the contact form.
  4. Subscription to the reserved area of the website, through which you can access the customer portal
  5. Subscription to masterclass through the dedicated form
  6. Legal obligations, i.e. to fulfil obligations required by law, an authority, a regulation or European legislation.
  7. Receipt of curricula used for personnel selection, via the appropriate entry form. Specific information will be conveyed on the relevant page.

The provision of personal data for the processing purposes indicated above is optional but necessary, since failure to provide such data will make it impossible for the User to navigate on the Site, register on the Site and use the services offered by the Controller on the Site.

With reference to the purposes referred to in points 1/a, 1/c, 1/d, 1/e the legal basis of the processing is in fact the performance of the services provided through the Site and requested by you (pursuant to Article 6, paragraph 1, lett. b of Privacy Regulation 2016/679); with reference to the purposes 1/b and 1/f referred to in the previous paragraph, the legal basis of the processing is your possible freely expressed consent (pursuant to Article 6, paragraph 1, lett. a of the Privacy Regulation 2016/679); with reference to the purposes referred to in point 1/f of the preceding paragraph, the legal basis of the processing is to fulfil a legal obligation to which the data controller is subject (pursuant to Article 6(1)(c) of the Privacy Regulation 2016/679).

Processing methods and data retention periods

The Data Controller will process the personal data of the Users by means of manual and computerised tools, with logics strictly related to the purposes themselves and, in any case, in such a way as to guarantee the security and confidentiality of such data.

The personal data of the Users of the Site will be stored for the time strictly necessary to fulfil the purposes illustrated in paragraph 1 above, or in any case as long as necessary to protect the interests of both the Users and the Data Controller under civil law. In relation to the purpose set forth in paragraph 1.b the data will be kept until you object to the sending of the newsletter, through the appropriate link contained in the same or through the means of exercising your rights as set forth in paragraph 4.

Scope of communication and dissemination of data

The personal data of Users may be disclosed to employees and/or collaborators of the Data Controller appointed to manage the Site. These subjects, who are formally appointed by the Owner as “data processors”, will process the User’s data exclusively for the purposes indicated in this information notice and in compliance with the provisions of the Applicable Regulations.

Users’ personal data may also be disclosed to third parties who may process personal data on behalf of the Data Controller in their capacity as “External Data Processors”, such as, by way of example, suppliers of IT and logistical services functional to the operation of the Site, suppliers of outsourced or cloud computing services, professionals and consultants.

Users have the right to obtain a list of any External Processors appointed by the Controller by making a request to the Controller in the manner indicated in paragraph 4 below.

Rights of the Data Subjects

Users may exercise the rights guaranteed to them by the Applicable Regulations by contacting the Data Controller in the following ways:

  • By sending a registered letter with return receipt to the registered office of the Data Controller
  • Sending an e-mail message to [email protected];

Pursuant to the Applicable Regulations, the Data Controller informs Users that they have the right to obtain information on (i) the source of the personal data; (ii) the purposes and methods of processing; (iii) the logic applied in the event of processing carried out with the aid of electronic instruments; (iv) the identification details of the data controller and data processors; (v) the subjects or categories of subjects to whom the personal data may be communicated or who may become aware of it in their capacity as data processors or persons in charge of processing.

Furthermore, Users have the right to obtain

  1. access, update, rectification or, when interested, integration of the data;
  2. the cancellation, transformation into anonymous form or blocking of data processed in breach of the law, including data whose storage is not necessary in relation to the purposes for which the data were collected or subsequently processed
  3. certification to the effect that the operations as per letters a) and b) have been notified, as also related to their contents, to the entities to whom or which the data were communicated or disseminated, unless this requirement proves impossible or involves a manifestly disproportionate effort compared with the right that is to be protected.

Furthermore, Users have:

(a) the right to withdraw consent at any time, if the processing is based on their consent;

(b) the right to data portability (the right to receive all personal data concerning them in a structured, commonly used and machine-readable format), the right to restriction of processing of personal data and the right to erasure (‘right to be forgotten’)

(c) the right to object

  1. in whole or in part, on legitimate grounds to the processing of personal data concerning them, even if pertinent to the purpose of collection;
  2. in whole or in part, to the processing of personal data concerning them for the purpose of sending advertising materials or direct selling or for carrying out market research or commercial communication;

iii. where personal data are processed for direct marketing purposes, at any time, to the processing of their data for such purposes, including profiling insofar as it is related to such direct marketing.

  1. d) if they consider that the processing concerning them is in breach of the Regulation, the right to lodge a complaint with a Supervisory Authority (in the Member State in which they have their habitual residence, in the Member State in which they work or in the Member State in which the alleged breach occurred). The Italian Supervisory Authority is the Garante per la protezione dei dati personali, based in Rome (http://www.garanteprivacy.it/).

Contact us for more info!

We’ll reply as soon as possible