_ _ _ _ _ _  

Privacy Notice pursuant to Articles 13–14 of Regulation (EU) 2016/679 (General Data Protection Regulation – GDPR) 

NETPAUL Paolo Patelli, VAT Number 02583110024, Data Controller, informs you that your data will be processed in the manner and for the purposes indicated below.

The Data Controller undertakes to protect the privacy and confidentiality of Personal Data in compliance with the principles of fairness, lawfulness, transparency, and the protection of your rights.

1) Types of Personal Data Processed

We process personal data provided by you (such as name, email, company name, telephone number, etc.) when submitting spontaneous requests, as well as data that are automatically collected by the website.

  • Personal Data Provided by You: personal, identifying, and non‑sensitive data provided by you when making requests via email, through the contact form, or by telephone regarding our products/services.
  • Personal Data Collected Automatically: anonymous data collected through the use of cookies or similar technologies: for further information, please refer to the Cookie Policy below.

Please Note: users under the age of 16 are not permitted to provide any personal data without the consent of their parents or legal guardians.

 

2) Purposes and Legal Bases of Processing 

We will process your personal data:

A)to fulfill our contractual obligations; to provide a response to your requests for information; to prepare a quotation you have requested; to execute contracts for the sale of products or for the provision of services; to ensure the necessary assistance regarding the products and services purchased.

B)to carry out aggregated statistical analyses on an anonymous basis in order to improve our services;

C)for administrative purposes and for the fulfillment of legal obligations, such as accounting and tax requirements, or to comply with requests from judicial authorities.

D)in the case of submitting a curriculum vitae, solely for recruitment purposes.

 

3) Is the Provision of Data Mandatory? 

Providing your personal data is always optional; however, failure to provide such data may make it impossible to carry out certain processing activities, such as those strictly related to the performance of a contract or the provision of the services you have requested.

4) Place, Methods of Processing, and Retention Periods 

The processing of your personal data is carried out by means of the operations indicated in Article 4 of the Privacy Code and Article 4(2) of the GDPR, namely: collection, recording, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking,
communication, erasure, and destruction of data.

Your personal data are stored at the Data Controller’s premises and are processed both in paper form and by electronic and/or automated means, according to logics strictly related to the purposes indicated and, in any case, in such a way as to ensure the security and confidentiality of the data. The data you provide are not stored within our website.

The Data Controller will process personal data for the time necessary to fulfill the purposes indicated above and, in any case, for no longer than 10 years after the termination of the relationship for the purposes referred to in point C, and for no longer than 38 months from the collection of the data for the purposes referred to in point B.

5) Access to Data

Your data may be made accessible for the purposes indicated in point 2:

  • to employees and collaborators of the Data Controller, in their capacity as persons in charge and/or internal data processors and/or system administrators;
  • to third-party companies or other entities (such as website providers, cloud providers, e-payment service providers, suppliers, hardware and software support technicians, shippers and carriers, credit institutions, professional firms, etc.) that carry out outsourcing activities on behalf of the Data Controller, in their capacity as data processors.

 

6) Data Transfer

Data will not be disclosed, sold, or exchanged with parties other than the Data Controller, the appointed processors, and the authorized persons without your explicit and express consent.

7) Your Rights

You have the right to know which of your personal data are being processed. In particular, you are granted the right of access, rectification, erasure, as well as the right to data portability, the right to restriction of processing, and the right to object to processing, where applicable.

Below we provide a brief description of the rights granted to you in relation to the processing of your personal data.

  • The right of access it allows you to obtain confirmation as to whether or not your personal data are being processed by the Data Controller and, if so, to access such data and the information related thereto.
  • The right to rectification it allows you to obtain the rectification of inaccurate personal data concerning you without undue delay and, taking into account the purposes of the processing, to obtain the completion of incomplete personal data.
  • The right to erasure it allows you to obtain the erasure of personal data concerning you without undue delay (for example, when your personal data are no longer necessary in relation to the purposes for which they were collected), subject to the exceptions provided for by applicable law (for example, when the retention of your data is necessary to comply with legal obligations applicable to the Data Controller). Erasure will be carried out within the technical timeframes provided.
  • The right to data portability it allows you, in certain circumstances provided for by applicable law, to receive the personal data concerning you that you have provided in a structured, commonly used, and machine‑readable format. You may transmit these data to another Data Controller, provided that such right can be recognized under applicable law and without prejudice to the rights and freedoms of others.
  • The right to restriction of processing it allows you, in certain circumstances provided for by applicable law, to obtain the restriction of the processing of your personal data. In such cases, the Data Controller may continue to process your data only in specific situations, for example for the exercise of the right of defense or to protect the rights of another natural or legal person.
  • The right to object to processing it allows you, in certain circumstances provided for by applicable law, to object to the processing of your personal data unless there are overriding legitimate grounds, rights, or freedoms that allow the Data Controller to continue the processing.

To obtain further information on the processing of your personal data or to exercise your rights, we invite you to contact us.

 

8) Changes to this Privacy Notice

This Privacy Notice may be subject to changes. We therefore recommend that you regularly review this Privacy Notice and refer to the most up‑to‑date version.

Last updated: November 2025

 

Back To Top