Privacy Policy

This notice describes the methods and purposes for managing the personal data of visitors, as well as the practices for processing data transmitted to the Data Controller through this website, in compliance with the provisions of the European General Data Protection Regulation (hereinafter GDPR).

The information contained in this document pertains exclusively to the content of this website (https://car-gen.it/) and not to other websites linked or visited via links from this site, for which it is recommended to review the privacy notices provided by their respective Data Controllers.

1. Data Controller

The Data Controller is:
Carpenterie Generali Srls
Via delle Industrie, 103
36050 Cartigliano (VI), Italy

VAT No.: 04122810247

Phone: +39 0424 829493
Fax: +39 0424 829980

Corporate email:
car.gen2018@gmail.com

Administrative email:
amministrazione.cargen@gmail.com

Certified email (PEC):
carpenteriegeneralisrls@pec.it

2. Nature of the Data Processed

The Data Controller collects and processes personal data provided by website visitors through the completion of contact forms or via unsolicited emails sent to the addresses listed on the site.

3. Purpose and Legal Basis of Processing

The data mentioned in the previous section are processed for purposes strictly connected to and necessary for managing contact or information requests. Providing data for this purpose is optional; however, failure to consent will prevent the requested information from being provided.

The legal basis for processing is the execution of the requested service.

All provided or collected data may be used to ascertain liability in the event of computer crimes against the website or related websites. In this case, the legal basis for processing is the Data Controller’s legitimate interest.

4. Data Communication, Transfer, and Disclosure

To achieve the purposes outlined above, the Data Controller may share and process collected personal data with its employees and third parties with whom the Data Controller has entered into service contracts (e.g., hosting companies, web development agencies, IT maintenance providers). If data is shared with third parties (domestic or foreign), the Data Controller will contractually impose protection and security obligations equivalent to those guaranteed by the Data Controller itself, in line with GDPR requirements.

Personal data may also be shared, without explicit authorization from the data subject, with public entities and authorities to fulfill legal obligations or to ascertain liability in cases of computer crimes against the website.

The data will not be disseminated.

5. Retention Period

Collected data will be retained for 12 months from the last contact necessary to achieve the purposes for which they are processed, without prejudice to the rights of the data subject (see the following section) and the need to comply with legal obligations.

At the end of the retention period, personal data will be deleted, destroyed, or anonymized.

6. Rights of the Data Subject

The data subject has the right to:

• Access their personal data;
• Know the recipients to whom the data may or have been disclosed;
• Obtain the correction of inaccurate personal data;
• Obtain, in certain cases, the deletion of their data;
• Object to the processing or obtain restrictions on processing, where applicable;
• Withdraw consent to processing at any time.

The data subject also has the right to lodge a complaint with the Data Protection Authority (www.garanteprivacy.it).

7. Contact Information

To exercise the aforementioned rights or for any other communication, please contact the Data Controller directly using the details provided in Section 1.