Privacy Policy

Privacy pursuant to art. 13 of Legislative Decree N. 196/2003 (as amended by Legislative Decree 10
August 2018, N. 101) and Article 13 of EU Regulation no. 2016/679.
Pursuant to art. 13 of the legislative decree n. 196/2003, as amended by Legislative Decree 10
August 2018 N. 101 (hereinafter “Privacy Code”) and art. 13 of the EU Regulation n. 2016/679
(hereinafter, “GDPR”), which provide provisions for the protection of persons and other subjects
regarding the processing of personal data, we wish to inform you that the personal data you have
communicated to Chrysos S.p.A, as Data Controller, Via Albertoni, 10 – 36060 Romano d’Ezzelino
(Vicenza) – Italy – vat: 01917760249, due to the commercial relations and contractual agreements
between our companies, will be processed in compliance with the aforementioned law and the
related confidentiality obligations.

  1. Object of the treatment
    This information refers exclusively to the processing of personal data, identified and non-sensitive
    (by way of example but not limited to: name, surname, business name, telephone number, e-mail
    address (hereinafter only “Data”)) performed by Chrysos S.p.A in scope of its commercial and
    contractual relationships with customers and suppliers.
    Chrysos S.p.A will process the Data exclusively for the purposes and within the limits indicated in
    this communication.
  2. Purposes of data processing
    The data processing is finalized, for the fulfilments required by law, to the correct and complete
    execution of commercial and contractual relationships between.
    More specifically, your data are processed for the following service purposes:
     to allow contacts by Chrysos S.p.A for possible commercial agreements;
     to process a contact request for the aforementioned purposes;
     to send e-mails regarding the aforementioned commercial relationships and / or in any case
    concerning the respective social activities for the purposes of commercial agreements;
     to send e-mails and / or communications of changes of the data and/or of the references of
    Chrysos S.p.A
  3. Methods of data processing
    The processing can be executed with or without the aid of electronic or automated tools, in
    compliance with the provisions of art. 32 of the GDPR 2016/679 and Annex B of the Privacy Code
    (articles 33-36 of the Privacy Code) regarding security measures.
    The processing is carried out by the data controller and / or by the persons in charge of the
    processing, and in any case by persons specifically appointed and in compliance with the provisions
    of art. 29 GDPR 2016/679.
    Please note that, in compliance with the principles of lawfulness, purpose limitation and data
    minimization, pursuant to art. 5 GDPR 2016/679, subject to your free and explicit consent where
    required, your data will be kept for the period of time necessary to achieve the purposes are
    collected and processed.
  4. Provision of data
    It is specified that for data collected and used for needs related to the execution of activities /
    services / supplies inherent in a contractual relationship or to respond to direct requests by the
    interested party or compliance with legal obligations, consent is not required. Failure to communicate
    the above data will therefore entail the impossibility of proceeding with the contractual relationship.
    For the data collected and used for the legitimate interest of the Data Controller, your consent is not
    required (letter f article 6 GDPR).

The communication of personal data referred to above is optional, but strictly necessary for the
purposes of carrying out the activities referred to in point 2. Any refusal to provide data will make it
impossible to fulfill the activities referred to in point 2.

  1. Data communication
    We inform you that the data collected may be known to the persons in charge of processing and may
    be communicated for the purposes referred to in point 2 to external collaborators, persons operating
    in the judicial sector, counterparties and their lawyers, arbitration boards and, in general, to all those
    public and private subjects to whom communication is necessary for the correct fulfillment of the
    purposes indicated in point 2 and for the fulfillment of legal obligations.
  2. Data dissemination
    The data are not subject to disclosure or to undetermined communication without your explicit
    consent, outside the hypothesis referred to in the preceding paragraph.
  3. Data transfer abroad
    The management and storage of data will take place in Europe, on servers located in Europe of the
    Owner and / or third-party companies specifically appointed for this purpose and who will be
    appointed as Data Processors in this case.
    The data will not be transferred to non-EU countries.
  4. Rights of the interested party
    We inform you that, at any time, you can exercise, pursuant to art. 7 of the Privacy Code and articles
    from 15 to 22 of EU Regulation 2016/679, the exercise of specific rights, including:
     request confirmation of the existence of your data and their availability in an intelligible form;
     obtain information on the origin of the data, the categories of personal data, the purposes
    and methods of processing, the logic applied to processing, information on the holder and
    recipients to whom the data may be communicated and, when possible, the retention period;
     obtain the updating, rectification and integration of data, cancellation, limitation of
     obtain data portability, ie receive them from a data controller, in a structured format,
    commonly used and readable by automatic device, and transmit them to another data
    controller without impediments;
     oppose to the processing at any time, also in case of processing for both indirect and direct
    marketing purposes, market research and profiling, without prejudice to cases of mandatory
    processing of data expressly provided for by the applicable laws;
     oppose to an automated decision-making process concerning individuals, including profiling;
     file a complaint with a supervisory authority pursuant to art. 77 GDPR. For Italy, the
    competent authority is the Guarantor for the protection of personal data, reachable via the
    contact details shown on the website;
     revoke the consent at any time, without prejudice to the lawfulness of the processing of the
    consent given prior to the revocation, and without prejudice to the cases of obligatory
    processing of data expressly provided for by the laws in force.
    You can exercise your rights by sending a specific written request to the Data Controller Chrysos
    S.p.A. Requests will be processed without undue delay and, in any case, within one month of the
    application; only in case of particular complexity and in the number of requests can this term be
    extended by a further 2 (two) months.
  5. Data controller.
    Data controller is Chrysos S.p.A, Via Albertoni, 10 – 36060 Romano d’Ezzelino (Vicenza) – Italy – vat:
Scroll to Top
  • No products in the cart.