Privacy Policy

In compliance with the obligations arising from the national ((It.)Legislative Decree 196/2003 as subsequently amended and supplemented by (It.) Legislative Decree 101/2018)) and EU legislation (European Regulation 2016/679, GDPR), relating to the protection of individuals with regard to the processing of personal data, in accordance with the principle of fairness, lawfulness and transparency, we provide you with the following information, in order to illustrate the characteristics and methods of processing of the personal data provided when consulting the website
This website respects and protects the privacy of its visitors, making every possible and proportionate effort not to harm their rights.
This privacy policy must be considered applicable solely to the online activities of this website.
This website also includes plugins and/or icons for social networks, in order to facilitate content sharing (Facebook - YouTube). The collection and use of information obtained through the plugins is in any case governed by the respective privacy policies of the social networks; please refer to them.

1. Identity and contact details of the Data Controller
The Controller of the data collected is Fraccaroli & Balzan S.p.a. (hereinafter “Controller”) in the person of the C.E.O. and legal representative, with registered and operational headquarters in Pescantina (VR) Via Ospedaletto no.113 (Tax Code and VAT No. 01288680232).
The Data Controller can be contacted directly by sending an e-mail to the following e-mail address: [] or by sending a registered letter to the address 37026 Pescantina (VR), Via Ospedaletto no. 113.
The Data Controller has not appointed a Data Protection Officer (DPO).

2. Type of data collected, legal basis and purpose of processing
We inform you that when you consult the website the Controller, on the consensus obtained from the data subject pursuant to art. 6 letter a) of the GDPR, lawfully collects and processes the following types of data.

  1. Data collected automatically, such as:
    • Usage Data. Like all websites, this website also uses log files in which the information collected, in an automated manner, during user visits, is stored, such as, for example, internet protocol (IP) address, browser type and device parameters used to connect to the website, name of the internet service provider (ISP), date and time of visit, the website from which the visitor arrives at our website and exits therefrom, country of origin. We would like inform you that these data, collected exclusively in an aggregated and anonymous form, are not collected for the purpose of being associated with identified data subjects, but for the purpose of verifying the proper functioning of the website and for security purposes (spam filters, firewalls, virus detection); however, by their very nature, they could, through treatment and association with data held by third parties, allow users to be identified. This category includes IP addresses, URL addresses and other parameters relating to the operating system and IT environment of the user, which could be used, also based on the legitimate interests of the owner (pursuant to art. 6 letter f) and in compliance with the laws in force on the matter, in order to block attempts to damage the website itself or to cause damage to other users, or however harmful activities.
    • Cookies. Full details on this category of data collected are provided in the dedicated “cookies policy” section, which can be consulted through a specific information notice that can be viewed before the data are collected for which the consent of the website visitor/user is required to continue browsing.
  2. Data provided voluntarily by the visitor/user to use the services offered by the website and communicated to the Data Controller through:
    • the optional and voluntary sending of e-mail messages to the e-mail address In this way the Data Controller collects personal data such as name, surname, address of the sender and any other personal data. In this case the personal identification and information data collected are used to fulfil the request that forms the object of the communication. The data thus collected will be processed and stored, subject to withdrawal of consent, for the period strictly necessary to fulfil the indicated purpose;
    • filling in the form in the “contacts” section of the website. In this way the Controller collects personal data, such as company name, name, surname, telephone number, e-mail address of the sender, as well as any other personal data, the latter if communicated by means of the “message” box which can be freely completed by the user.
      In this case, the processing will take place for the purpose of being able to contact you again via the references left and to process any requests contained in the message sent. The provision of data is optional; however, the refusal to provide the data will make it impossible to obtain the service requested. The data collected will be processed and stored, subject to withdrawal of consent, for the period necessary to fulfil the indicated purpose;
    • the optional completion of the “Sign up for Newsletter” form on the website’s homepage. In this way the Data Controller collects personal data, such as name, surname, and address of the sender.
      In this case, the personal identification data collected are used to fulfil the request to send the newsletter and related registration in the mailing list, concerning informational messages and commercial and promotional communications relating to the activity carried out by the Controller. The provision of data is optional; however the refusal to provide the data will make it impossible to obtain the newsletter service. The data thus collected will be processed and stored, subject to withdrawal of consent, for the time necessary to achieve the indicated purpose.

3. Withdrawal of consent
In cases where the processing of personal data is based on consent pursuant to art. 6 letter a), as better specified in the previous point, we would like to inform you of the possibility to withdraw the consent previously given at any time. However, exercising the right of withdrawal will not affect the lawfulness of the processing based on consent given prior to withdrawal.

4. Accuracy
The Controller will keep the data provided up to date and will take all reasonable measures to promptly erase and/or correct inaccurate data with respect to the purpose of processing specified in the previous point.

5. Processing methods. Storage limitation
Personal data collected by the Data Controller for the specific, explicit and legitimate purposes specified in this information notice are processed lawfully, fairly and transparently and in accordance with these purposes.
The data thus collected are stored in paper and/or electronic form which allows identification of the data subjects for a period of time not exceeding achievement of the purposes for which they are processed, as better described in point 2 of this information notice. Personal data may be stored for longer periods if this is necessary to comply with legal obligations, including tax obligations, incumbent on the Controller and in this case the processing of data will be lawful pursuant to art. 6 letter c) of the GDPR.

6. Integrity and confidentiality
The Data Controller adopts all the appropriate security measures to prevent unauthorised access, disclosure, modification or destruction of the personal data collected and in compliance with the provisions contained in art. 22 of the GDPR.

7. Categories of persons to whom the data may be disclosed
We would like to inform you that your personal data will not be disclosed or transferred or sold to third parties, but may be disclosed, to the extent that this is strictly necessary to achieve the purposes of processing indicated in this information notice:

  • to subjects in the company specifically authorised by the Data Controller in writing, who will, under the latter's responsibility, act as persons tasked with processing pursuant to art. 29 GDPR and as such declaring, under their own responsibility, to be aware of the current privacy legislation and, however, to scrupulously comply with the orders given by the Data Controller;
  • to external subjects who provide services for management of the IT system and of the communication networks, including e-mail and websites. Individuals belonging to these categories may act as external Data Processors pursuant to art. 28 of the GDPR, or act in total autonomy as distinct data controllers. You may request the list of Data Processors by sending an email to :[]
  • to subjects that can access the data by virtue of regulations or legal provisions, always within the limits set thereby.

8. Transfer of data outside the EU.
We would like to inform you that your personal data will not be transferred outside the European Union.
On the contrary, this transfer will take place, in compliance with the general principle of lawfulness of the transfer, in accordance with the provisions of Chapter V of Regulation EU 2016/679, in such a way as to ensure an adequate level of protection of the personal data, based on a decision of adequacy according to the provisions of art. 45 of Regulation EU 2016/679 or, however, to a third country or an international organisation that has provided adequate guarantees, in accordance with the provisions of articles 46 and 47 of the GDPR, or, failing that, pursuant to art. 49 letter b) Regulation EU 2016/679 where the transfer is necessary to perform a contract between the data subject and the controller or the implementation of pre-contractual measures taken at the data subject’s request and/or pursuant to art. 49 letter c) of Regulation EU 2016/679 where the transfer is necessary for the conclusion or performance of a contract stipulated in the interest of the data subject between the controller and another natural or legal person.

9. Automated decision-making processes - profiling
Your personal data shall not be subject to any fully automated decision-making process, or to profiling.

10. Rights of the data subject
Among the rights recognised by the current legislation, we would like to remind you of the following:

  • the right to request access to your personal data and to the information relating thereto from the Controller; the correction of inaccurate data or the supplementation of incomplete data; the erasure of personal data (upon the occurrence of one of the conditions indicated in art. 17, paragraph 1 of the GDPR and in compliance with the exceptions provided in paragraph 3 of the same article); the limitation of the processing of personal data (in the event of one of the hypotheses indicated in art. 18, paragraph 1 of the GDPR);
  • the right to request and obtain from the Data Controller - in cases where the legal basis of the processing is the contract or consent, and said processing is carried out by automated means - your personal data in a structured and machine-readable format, also for the purpose of communicating such data to another data controller (so-called right to the portability of personal data);
  • the right to object at any time to the processing of your personal data in special situations that concern you;
  • the right to withdraw consent at any time, limited to cases where the processing is based on your consent for one or more specific purposes and concerns common personal data (for example, date and place of birth or place of residence), or specific categories of data (for example, data revealing your racial origin, your political opinions, your religious beliefs, your health or sexual life). The processing based on consent and carried out prior to withdrawal of said consent shall, however, maintain its lawfulness;
  • the right to lodge a complaint with a supervisory authority (Italian Data Protection Authority).

11. How to exercise the rights
To exercise the aforementioned rights, the data subjects may address a request to the Data Controller at the following addresses:
- by e-mail, at: []
- or by regular mail, at the address: 37026 Pescantina (VR), Via Ospedaletto no. 113.
A form is available on the website of the Data Protection Authority that may be used to exercise the aforementioned rights.