Política de privacidad
Data Controller of the user's personal data.
Galli Srl is the Data Controller of personal data transmitted and is therefore responsible for the processing of data provided in accordance with applicable data protection law.
Galli Srl
Registered Office: Cicognara (MN), Via Co' de Bruni Ponente, 12
Data storage location.
Data collected from data subjects are kept within the European Economic Area (EEA) and will not be transferred and processed in a country outside this area.
Those with access to personal data.
The data are utilised by personnel and collaborators of Galli Srl and also by partners who handle marketing and the website www.gallisrl.com.
Rights of the data subject
- Right of access: the data subject is entitled at any time to request information about his/her personal data in our possession. The data subject can contact Galli Srl, which will provide all relevant personal data by e-mail.
- Right of portability: whenever Galli Srl processes the data subject's personal data by automated means based on his/her consent, or based on an agreement, then the data subject is entitled to receive a copy of the transferred data in a structured and electronically readable format. This includes exclusively personal data which the data subject communicates to Galli Srl
- Right of rectification: the data subject is entitled to request the rectification of his/her personal data if they are incorrect. He/she may also ask for full data to be provided, if they are incomplete.
- Right of erasure: the data subject is entitled at any time to request the erasure of any personal data processed by Galli Srl, except in the following cases: i) the data subject has a contractual relationship with Galli Srl; ii) the data subject has an open debt with Galli Srl or is in dispute with it.
We will keep data subjects' personal data pertaining to past contracts, in conformity with applicable laws.
- Right of opposition based on legitimate interests: the data subject is entitled to object to data processing operations which are based on the legitimate interests of Galli Srl. Galli Srl will not continue to process the personal data unless it can show that a legitimate basis exists for the data processing in question, which prevails over the data subject's rights and interests, or for legal reasons.
- Right to oppose direct marketing: The data subject is entitled to object to direct marketing. Note, in this context, that the data subject can choose not to accept direct marketing communications by sending an email to info@gallisrl.com or by following the instructions attached to each marketing email communication.
- Right to limit data processing operations: the data subject is entitled to request Galli Srl to limit personal data processing operations in the following circumstances: i) if the data subject opposes Galli Srl data processing operations based on a legitimate interest, Galli Srl will limit all processing of such data until such time as the legitimate interest is verified; ii) if the data subject states that the personal data are incorrect, Galli Srl shall limit all processing of such data until the accuracy of such data is verified and the relevant changes put in place, as necessary; iii) if the data processing operations are unlawful, the data subject will be entitled to object to their erasure and, instead, ask to have their use restricted.
How data subjects can exercise their rights.
Galli Srl employs dedicated personnel to manage requests involving the rights of data subjects listed above. Galli Srl may be contacted for this purpose at: info@gallisrl.com
Right to file a complaint with a competent supervisory authority:
If the data subject considers that Galli Srl is processing personal data incorrectly, he/she may contact us at the email address above. The data subject is also entitled to file a complaint before a competent supervisory authority.
Updating our Privacy Policy:
It may be necessary to update our Privacy Policy. Users will be notified of any material changes to the Privacy Policy, e.g. concerning the scope of the personal data processing, the identity of the Data Controller or the rights of data subjects.