-
PRIVACY NOTICE ON THE PROCESSING OF PERSONAL DATA
(pursuant to EU Regulation 679/2016 – GDPR)
Dear User,
Pursuant to Regulation (EU) 2016/679 (GDPR), Legislative Decree 196/2003 as amended and supplemented, as well as the provisions of the Italian Data Protection Authority, IFAC S.p.A., as Data Controller, provides the following information regarding the processing of personal data of users interacting with the website. The processing of personal data will be based on the principles of fairness, lawfulness, transparency and protection of confidentiality and data subject rights. By filling in the forms available on the website (sections “Solutions” and “Contacts”) or interacting with the available features, the user voluntarily provides certain personal data to the Data Controller.1. IDENTITY AND CONTACT DETAILS OF THE DATA CONTROLLER
The Data Controller is: IFAC S.p.A. (Single Shareholder), VAT No. 02558090722, Registered Office: 70021 – Acquaviva delle Fonti (BA), Via Achille Tamburrino s.n.c. – Industrial Area Branch Tel: 080/757020 Email: privacy@ifacspa.it PEC: ifacspa@pec.it
DATA PROTECTION OFFICER (DPO)
The Data Controller has appointed a Data Protection Officer (DPO), who can be contacted at the following email address: dpo@ifacspa.it
2. PURPOSES AND LEGAL BASES OF PROCESSING
Management of contact and quotation requests (sections “Solutions” and “Contacts”)
Purpose
- respond to information requests sent by users;
- provide consultancy on the configuration of the offered solutions;
- prepare and send customized quotations requested by the user.
Legal basis
Processing is necessary for the performance of pre-contractual measures taken at the request of the data subject or for the performance of a contract to which the data subject is a party.
Browsing data
Purpose
To ensure the proper functioning of the website and the security of IT infrastructures.
Legal basis: Processing is based on the legitimate interest of the Data Controller in ensuring the security, integrity and proper operation of the website.
3. CATEGORIES OF PERSONAL DATA PROCESSED
The Data Controller may process the following categories of personal data:
Data voluntarily provided by the user:
- first and last name;
- email address;
- phone number;
- address (optional data, requested only in the “Contacts” section);
- city (mandatory data to proceed with the request in the “Solutions” section).
Browsing data
The IT systems and software procedures used to operate the website acquire, during their normal operation, certain personal data whose transmission is implicit in the use of Internet communication protocols.
These include, for example:
- IP addresses
- domain names of users’ computers
- URI addresses of requested resources
- time of the request
- parameters related to the user’s operating system and IT environment
4. DATA RETENTION PERIOD
Personal data will be retained for the time strictly necessary to achieve the purposes for which they were collected.
In particular:
- contact or quotation requests: for the time necessary to manage the request;
- in case of establishment of a contractual relationship: for the entire duration of the relationship and subsequently for the period required by legal obligations (e.g., 10 years for accounting and tax purposes);
- in the absence of a contractual relationship: for an appropriate period after the closure of the request (indicatively up to 24 months), unless consent is given for further purposes.
5. NATURE OF DATA PROVISION
Providing data in the forms available on the website is optional. However, failure to provide mandatory data will prevent the Data Controller from processing the user’s request.
6. RECIPIENTS OF PERSONAL DATA
Personal data may be processed by:
Internal staff
Employees and collaborators of the Data Controller, duly authorized to process data.
Data Processors
Third-party companies providing services on behalf of the Data Controller, appointed as Data Processors pursuant to Article 28 of the GDPR.
Public authorities
Entities or authorities where required by legal obligations.
Personal data will not be disclosed.
7. INTERACTION WITH SOCIAL NETWORKS AND EXTERNAL PLATFORMS
The website contains links to social network platforms such as:
- YouTube
These links redirect users to external platforms acting as independent Data Controllers.
8. DATA SUBJECT RIGHTS AND RIGHT TO LODGE A COMPLAINT WITH THE SUPERVISORY AUTHORITY
The Data Subject may, at any time, by sending a communication to the Data Controller using the contact details provided above, exercise the right:
- to withdraw consent;
- to access personal data;
- to rectify personal data;
- to erase (so-called “right to be forgotten”) personal data;
- to restrict the processing of personal data;
- to object to the processing of personal data;
- to data portability;
- to lodge a complaint with the Italian Data Protection Authority and/or another competent supervisory authority, should they consider that their rights have been violated by the Data Controller and/or a third party.
The Data Subject may, at any time, by sending a communication to the Data Controller at the email address: privacy@ifacspa.it and/or to the DPO at: dpo@ifacspa.it, exercise the right:
- to withdraw consent, where provided;
- to access personal data;
- to rectify personal data;
- to erase (so-called “right to be forgotten”) personal data;
- to restrict the processing of personal data;
- to object to the processing of personal data, including for purposes related to receiving promotional communications;
- to object to processing carried out by automated means, including profiling, such as those related to virtual assistance;
- to data portability;
- to lodge a complaint with the Italian Data Protection Authority (GPDP) and/or another competent supervisory authority, should they consider that their rights have been violated by the Data Controller and/or a third party.
9. METHODS FOR EXERCISING RIGHTS
Email: privacy@ifacspa.it
PEC: ifacspa@pec.it
IFAC S.p.A. - Via Achille Tamburrino s.n.c. - 70021 Acquaviva delle Fonti (BA)
Last updated on (13/03/2026)