Privacy policy

PRIVACY POLICY for personal data processing for website

Your personal data (Data) will be processed in compliance with Regulation (EU) No. 2016/679 (Regulation or GDPR) and Legislative Decree No. 101/2018; some personal data are collected for the statistical purposes indicated in this privacy statement

The full text of the GDPR can be downloaded at the following link

  1. Data Controller

Fapim S.p.A. (Company), ID N. IT02224030466 with registered office in Via delle Cerbaie, 114 – 55011 Altopascio (LU) – Italy.

  1. Categories of data to be processed when carrying out statistical analysis

The Data being processed are those collected during the website surfing of the data subject, such as the IP address, the operating system of the browser used, the web contents clicked, and the web pages visited.

Such information is considered as Data in compliance with the applicable regulation whether directly or indirectly referred to identified or identifiable natural persons.

  1. Purpose of the processing, legal basis and consequences of failure to provide Data

The Data referred to in § 2 are processed by the Company for statistical purposes only and are limited to the data mentioned above, for the legitimate expectation of the Company to improve its knowledge; the Data processing for the above purposes is not subject to the explicit consent of the data subject.

Legal basis of the processing: execution of statistical analysis.

  1. Modality of the processing and Data retention period

The Data are processed at the Company’s headquarters through electronic means capable of guaranteeing security and confidentiality; the Data can be processed by the Company in the following ways:

  • Recording and processing on computer support;
  • Automated organization of the archives with profiling.

The Company keeps the Data in compliance with the regulation in force on this subject, for a period of 10 years.

  1. Communication and transfer of Data

The Company will only disclose the Data to third parties if they are authorized to process them within the company itself and, where appropriate, only for the purposes referred to in § 3.

The Company may transfer the processed statistical Data abroad to companies which are related to it and have their registered office both inside and outside the European Union. Some of these jurisdictions may not ensure the same level of Data protection guaranteed by the country where the Data subject resides. In such a case, the Company undertakes to ensure that the results of the statistical analysis are handled with the utmost confidentiality by signing, if necessary, agreements aiming to guarantee an appropriate protection level and/or by adopting the standard contract terms provided for by the European Commission.

Some of the Data are collected and handled by Google Analytics.

The Data controller keeps and handles the above mentioned Data at the registered office of the organization and within the servers located in  Italy; it is understood that the Data Controller, where necessary, has the right to move the servers: in this case the Data Controller guarantees that the transfer is carried out in conformity with the provisions of the law and signing, if necessary, special agreements with an appropriate protection level.

  1. Rights of the Data subject

The Data subject can exercise, at any time, his rights with respect to the Data Controller according to the provisions of the Regulation (EU) No. 679/2016:

  • Access to personal data – art. 15 GDPR;
  • Rectification of personal data – art. 16 GDPR;
  • Cancellation of personal data – art. 17 GDPR;
  • Limitation of personal data processing – art. 18 GDPR;
  • Data portability – art. 20 GDPR;
  • Opposition to the processing of data – art. 21 GDPR;
  • Not to be subject to decisions based solely on automated processing, including profiling – art. 22 GDPR;

The GDPR also states that the Data subject can exercise additional rights such as:

  • Withdrawal of consent – art. 7 point 3 GDPR;
  • Lodging of a complaint with a supervisory authority – art. 77 GDPR.

The Data subject can exercise the rights set out in the Regulation, by writing to the Data Controller at the company headquarters’ address below, or by sending an e-mail to .

  1. Modifications to this statement

This statement may be amended; you can view the updated version, at any time, by connecting to


Altopascio, 2019/04/18 The Data Controller      FAPIM S.p.A.





adminPrivacy policy