PRIVACY POLICY
Articles 13-14, EU Regulation 679/2016 (GDPR)
Western Engineering Srl (VAT IT02246100446), as the Data Controller under EU Regulation 679/2016 (hereinafter, “Controller”),
HEREBY INFORMS
users that personal data provided through various collection channels—directly or indirectly managed by the Controller or lawfully acquired from third parties—will be processed lawfully and fairly, in compliance with EU and Italian regulations.
Purposes and Methods of Processing
Data collection and subsequent processing are carried out by the Controller at its headquarters, in accordance with the security measures and requirements of the aforementioned regulation, or by delegated parties (duly selected and qualified). Processing occurs via manual and computerized procedures to:
– Fulfill specific requests from data subjects;
– Execute pre-contractual and contractual obligations;
– Conduct ordinary administrative, financial, and accounting activities;
– Ensure proper customer management during product marketing and sales;
– Provide after-sales support;
– Comply with legal obligations.
Processing may also include anonymized or pseudonymized statistical analysis.
Nature of Data Provision
The Controller processes personal details, addresses, contact information (including phone/email), and other essential data to fulfill requests or contractual commitments. Provision of such data is mandatory; refusal or withdrawal of consent will render processing impossible.
Inaccurate or incomplete data may result in partial or total inability to fulfill the data subject’s requests or contractual obligations, potentially leading to non-compliance with agreed terms or legal requirements.
Minor’s Data
Individuals under 18 years old may not provide data without parental or guardian consent. The Controller bears no responsibility for false declarations by minors. If falsity is detected, all personal data will be immediately deleted.
Disclosure and Dissemination
Processed data is **ordinary** (non-sensitive) and **not for public dissemination**. The Controller neither requests nor processes “special categories” of data (e.g., sensitive, judicial, genetic, biometric) unless legally obligated.
Data may be shared with third parties to comply with laws (e.g., institutions, law enforcement, judicial authorities) or for activities related to the established relationship, including but not limited to:
- Entities requiring access for contractual purposes (banks, financial intermediaries, payment processors, debt collectors, customer verification services, carriers, etc.);
- Technical service providers;
- Consultants, collaborators, or service companies, strictly for assigned tasks;
- Subsidiaries/affiliates, solely for purposes delegated by the Controller.
Data may be transferred to EU-based entities or countries ensuring GDPR-equivalent protection; Non-EU countries, if explicitly consented by the data subject.
In all cases, processing will adhere to the strictest applicable standards to ensure maximum data protection. Data may also be transferred for consideration to third parties, subject to express consent for purposes linked to the Controller’s activities.
Data Retentiont Period
Unless legally required, data is retained until the data subject requests erasure. Regular reviews (including automated checks) ensure accuracy and relevance. Data is deleted if its purpose expires, unless otherwise requested.
Data Subject Rights
Under Article 13 of EU/2016/679, data subjects may withdraw consent at any time; request rectification, updating, or anonymization; restrict (even partially) or object to processing; request data portability or erasure (where processing is not legally mandatory).Requests may be submitted to the Controller or via email: gdpr@westernengineering.it.
If dissatisfied with the response, data subjects may lodge a complaint with the Italian Data Protection Authority (Garante per la Protezione dei Dati Personali): based in Piazza di Monte Citorio 121, Rome | www.garanteprivacy.it