Personal Data Processing Notice –

Informational document pursuant to Article 13, Regulation (EU) 2016/679 (GDPR)

Pursuant to Regulation (EU) 2016/679 (hereinafter “GDPR”), this page describes how personal data are processed. This information is provided pursuant to Art. 13 of the GDPR. This information does not apply to other third-party websites that may be accessible via links on this website, for which no liability is accepted.

Personal data: any information relating to an identified, or identifiable, natural person (the “Data Subject”). An identifiable natural person is a person who can be identified, directly or indirectly by reference of an identifier such as: a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person (recitals 26, 27, 30 GDPR).

The computer systems and software procedures that operate this website acquire some personal data during normal use, which is transmitted using Internet communication protocols.
This data category includes IP addresses or the domain names of the computers and the terminals used by users, the URI/URL (Uniform Resource Identifier/Locator) addresses of the requested resources, the time of such requests, the method used for submitting a given request to the server, returned file size, a numerical code relating to server response status (successfully performed, error, etc.), and other parameters related to the user's operating system and computer environment.

If messages are sent voluntarily to the contact addresses indicated on this website and/or the provision of data on forms, the sender’s email address will then be stored together with any other personal data in the email, in order to reply to the request or query.

With regard to the processing of personal data by the operators of the social media platforms used by the Data Controller, please refer to the information provided by them in their respective privacy policies. The Data Controller processes the personal data provided by users through the pages of social media platforms in order to manage interactions with users (comments, public posts, etc.) and in compliance with current laws.

Specific policies may be referred to on the pages of the website with respect to particular services or processing of the data provided.

Cookies and other tracking systems. What are they? What are they for? For cookies and other tracking systems see the cookie policy in the footer of the website and at the following link.

The Data Controller is Vismaravetro Srl, with registered office in via Furlanelli 29, 20843 Verano Brianz (MB), in the person of its pro-tempore Legal Representative, who may be contacted for any information by telephone +39 0362992244 or e-mail

The data required for the use of the web services are also processed for the purpose of:
  1. Gathering statistical information on the use of the services (most visited pages, number of visitors per time slot or per day, geographical areas of origin, etc.).
  2. Monitoring the proper operation of the services offered.
Processing is necessary for the purposes of the legitimate interests pursued by the Controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the Data Subject which require protection of personal data, having regard to the reasonable expectations of the Data Subject and the activities Browsing data are stored for the duration of the browsing session. The provision of data is necessary for browsing the website.
strictly necessary for the operation of the website and the browsing thereof (Art. 6, para. 1, lett. f and recital 47 of the GDPR).
A1) Use of cookies and similar technologies.
See the cookie policy in the footer of the website
For necessary non-technical cookies and similar technologies, processing is based on consent to the processing of personal data (Art. 6, para. 1, lett. a and recitals 42 and 43 of the GDPR).
Consent is given through the website's banner and cookie policy
See the cookie policy in the footer of the website See the cookie policy in the footer of the website
for sending commercial communications after subscribing to the newsletter, by automated means (email).
The data will be entered in the company’s CRM software. The Data Controller makes use of newsletter and promotional communication sending systems and their reports in order to compare the results of its communication efforts and, where necessary, improve them. Reports enable the Data Controller to know, for example: the number of readers, openers and unique clickers; the devices and operating systems used to read the communication; details on the activities of individual users; details about sent emails, delivered and non-delivered emails, and forwarded emails. The data are used to compare and where necessary, improve the results of our communication efforts.
The processing is based on consent to the processing of personal data (recitals 42 and 43)
Art. 6, para. 1, lett. a of the GDPR
Until consent is withdrawn (or opt-out) Provision is optional.
Failure to provide the necessary data will result in the impossibility of receiving direct marketing communications
C) CONTACT/INFORMATION REQUEST AREA- about products, service, contacts, sales network, spare parts, suggestions, catalogue receipt Processing is necessary for the performance of pre-contractual measures taken at the request of the Data Subject (Art. 6, para. 1, lett. b and recital 44 of the GDPR). 1 year Required. The data must be provided in order to be able to satisfy the Data Subject’s request
D) HANDLING OF YOUR REQUESTS and requests from other data subjects, pursuant to Art. 15 and following of the GDPR (rights of the Data Subject) Processing is necessary for compliance with a legal obligation the Controller is subject to (recital 45) Art. 6, para. 1, lett. c of the GDPR 5 years from the closure of the request, except for litigation The provision of personal data is mandatory, as it is indispensable in order to be able to fulfil legal obligations.
E) PERSONAL AREA, for access processing is necessary for the performance of a contract the Data Subject is a party to or for the accomplishment of pre-contractual measures taken at the Data Subject's request (recital 44) Art. 6, para. 1, lett. b of the GDPR Until the termination of the contract and the time necessary to disable the credentials Provision is necessary.
Failure to provide the necessary data will make it impossible to access the personal area


Personal data will be disclosed, including on the basis of the purposes envisaged in specific areas, to parties who will process the data as autonomous Data Controllers or Data Processors (Art. 28 of the GDPR) and processed by natural persons (Art. 29 of the GDPR) acting under the authority of the Data Controller and Data Processors on the basis of specific instructions given regarding the purposes and methods of processing, for specific purposes on the basis of the area of reference. The data will be disclosed to recipients belonging to the following categories: - parties that provide services for the management of the Vismaravetro Srl information system and communication networks (including email); - for administrative-accounting purposes, data may be sent to commercial information companies for the assessment of solvency and payment habits and/or to parties for debt collection purposes; - for newsletters/direct marketing, subject to consent, to parties for the management of direct marketing; - competent authorities for the fulfilment of legal obligations and/or provisions of public bodies, upon request
The list of Data Processors is available by writing to or to the other addresses specified above.


Personal data will not be transferred to countries outside the EEA. Where consent has been given for marketing activities/ release of certain categories of cookies, transfer outside the European Union may occur. In such case, the data will be transferred in compliance with Article 44 and following of EU Regulation 2016/679. For information on the guarantees inherent in the transfer of data outside the EEA write to

Data subject rights

Personal data will be subject to traditional manual, electronic and automated processing. Note that there are no fully automated decision-making processes.

You may assert your rights as expressed in Art. 15 and following of the GDPR by contacting the Data Controller at or at the above contacts. You have the right at any time to ask for access to your personal data (Art. 15), as well as to rectify (Art. 16), erase (Art. 17), and restrict the processing of your data (Art. 18). The Data Controller shall notify (Art. 19) each recipient to whom personal data has been disclosed of any amendment or deletion of personal data or restriction of processing carried out. The Controller shall notify the Data Subject about these recipients if the Data Subject requests it. Where relevant, you have the right to the portability of your data (Art. 20), and in such case they will be provided to you in a structured, commonly used and machine-readable format. You have the right to object (Art. 21) at any time to the processing of your data based on a legitimate interest, and in cases where the legal basis is consent, you have the right to withdraw the consent given without prejudice to the lawfulness of the processing based on the consent given before withdrawal.
If you wish to stop receiving automated direct marketing communications (email), please send an email to with the subject line “Unsubscribe from automated processing” or use our automatic unsubscribe systems provided for emails only (opt-out).
Data Subjects who consider that the processing of personal data by the Controller is in breach of the provisions of Regulation (EU) 2016/679 have the right to lodge a complaint with the Supervisory Authority, specifically in the Member State where they normally reside or work or in the place where the alleged breach of the Regulation occurred (Privacy Authority, or to take appropriate legal action.

The Data Controller reserves the right to change, update or remove parts of this privacy policy. In order to facilitate verification and modification of the text, the policy will specify the date of the update.
Date of update: 18 November 2022

Data Controller