Privacy Policy

Your privacy is our priority. Therefore, in accordance with the principles of transparency and
fairness in data processing, and with reference to Article 13 of the EU Regulation 2016/679
(General Data Protection Regulation) and the current Privacy Code, we consider it important to
inform you about the methods and purposes for which your data will be processed.

About us and our commitment to privacy:

The data controller for your information is Mr. Daniele Raddavero, legal representative of the
company Drigging s.r.l., located at Piazza della Vittoria, 15/23, Genoa. You can contact him by
emailing daniele@drigging.com.

We wish to confirm our commitment to the protection of the privacy of personal data for all parties
concerned. We safeguard such information from any risk of violation, destruction, loss, or
unauthorized use. Data will be processed manually, electronically, and computationally, respecting
the principles of lawfulness, fairness, and transparency.

Information processed and their modes of use:

In the event of establishing a collaborative relationship, the company will need to process the
following personal data:

  • Personal identification data (residential or domicile address, telephone number, email
    address, company name, VAT number, tax code);
  • Telematic traffic and connection data (origin IP addresses, logs, cookies, etc.);
  • Banking and/or payment data (IBAN, credit card);
  • Data related to profiling preferences, choices, and habits.

The processing of your personal data is carried out through the following operations: collection,
recording, organization, storage, adaptation or modification, use, communication, extraction,
interconnection, deletion, and destruction. These operations are conducted in compliance with the
current regulations on data protection and in full respect of your privacy and rights.

If the individual providing the data is under the age of 18, the processing of the data will be
legitimate only if consent is provided or authorized by at least one of the parents or legal
guardians, who must possess identity documents and authorize the processing of the data.

Purposes of personal data processing:

Providing your personal data is essential for us, and failure to communicate them may result in the
impossibility of providing the requested services.
The purposes for which data processing is necessary, and for some of which your explicit consent
is required, include:

C1: compliance with laws related to civil, fiscal, and accounting regulations;
C2: administrative management of the relationship;
C3: fulfillment of contractual obligations;
C4: technical support for purchased products and/or services;
C5: post-sales assistance;
C6: commercial purposes and direct and indirect marketing (subject to your consent).

Recipients of personal data:

As previously mentioned, we may need to share some of your information with third parties, duly
appointed and authorized by the data controller, to perform operations related to our relationship,
whether occasional or ongoing.

These parties include:

  • Public Authorities;
  • Entities that provide technical or organizational services on behalf of the company;
  • Firms, consultants, and companies that provide accounting, legal, and financial assistance
    or consultancy;
  • Entities that manage IT technical services on behalf of the company;
  • Other authorized parties.

These parties will process the data as data processors on behalf of the company. To receive an
updated list of data processors, you can request it via email at the previously indicated address.
Additionally, data may be transferred outside the EU; in such cases, more information about
tracking can be obtained by making an explicit request.

Protection and retention of your data:

Our data retention policy aims to ensure a high level of security against any form of unauthorized
access and to retain data only for the time necessary to achieve the specified purposes, except in
cases of extraordinary need for the defense of company rights.

How your data is processed:

The data processed for purposes C1, C2, C3, and C6 will be retained for the necessary time, not
exceeding 10 years.

The data processed for purposes C4 and C5 will be retained until the consent for each specific
purpose is revoked.

Regarding protection, we adopt technical and administrative measures to reduce the risk of loss,
misuse, unauthorized access, disclosure, and manipulation of data. Our security systems include
firewalls, antivirus software, backups, data encryption, physical access controls to our data
centers, and procedures for authorizing access to personal data.

Rights of the data subject:

Right of access: you can request to know which of your personal data is being stored. Upon
request, a copy will be provided in a commonly used, transparent, and easily accessible format.

Right of rectification: you have the right to request the update or correction of your personal data if
necessary.

Right to object: You can object to the processing of your personal data.

Right to withdraw consent: you can withdraw your consent at any time, delete, or limit the use of
your personal data, being aware that such actions may have consequences on access to some of
our services, according to the applicable regulations.

Right to file a complaint with the competent data protection authority or to take legal action.

You can exercise your rights at any time by making a request to the contact of the Data Controller
previously indicated. Requests will be handled as promptly as possible.