Who we are
Panini S.p.A. (hereinafter, "Panini" or the "Company") pays the utmost attention to the security and confidentiality of personal data of its customers in the conduct of its business.
What personal data about you may be collected
The following categories of personal data concerning you can be collected:
- Contact details - by way of example, your name, place and date of birth, social security number, address, telephone number, mobile number, and e-mail address.
- Interests - by way of example, information you provide us regarding your interests, including products that you are interested in.
- Other personal data - by way of example, information that you provide us regarding your date of birth, education or professional status.
How we collect your personal data
The Company collects and processes your personal data in the following circumstances:
- upon the conclusion of one or more contracts with the Company;
- registration on the website to use its features;
- if you contact us to request after-sales assistance;
- if affiliate companies to Panini (hereinafter, the "Group") and/or other companies and/or business partners legitimately transfer your personal data to us.
If you provide personal data on behalf of someone else, you must ensure that the parties concerned have read this Privacy Disclosure in advance.
Please help us keep your personal data up to date by informing us of any changes.
Purposes for which your personal data can be used
The processing of personal data must be legitimised by one of the legal requirements provided for by current legislation on the protection of personal data, as described below.
a) Establishment and execution of contractual relationships and subsequent obligations, including any communication relating to services (such as to start after-sales services).
The Company may process your contact data for the purpose of establishing and executing contractual relationships, providing services requested, and responding to reports and complaints. The Company may also use your contact details, and in particular your e-mail address, to provide you with information relating to the service.
Processing basis: fulfilment of contractual obligations.
The provision of data is mandatory to manage the contractual relationship. If it is not provided, we will not be able to proceed.
b) Operational management and strictly related purposes for access to the website.
The Company may process your contact information and website usage data to enable you to gain access to the Personal Area to follow up on requests made through the website.
Processing basis: fulfilment of contractual obligations.
The provision of data is mandatory to respond to your requests. If it is not provided, we will not be able to proceed.
c) Processing for marketing purposes relating to services/products similar to those requested by you.
The Company may process your contact data for marketing and advertising purposes to inform you about promotional initiatives. This is performed through the use of automated contact methods (e-mail, text messages and other mass messaging tools, etc.) and traditional methods of contact (for example, telephone call with operator) or for market research and statistical surveys related to services/products similar to those requested by you.
Processing basis: legitimate interest of the Company in maintaining an effective contractual relationship with you.
d) Processing for marketing purposes to meet your needs and provide you with promotional offers in line with your preferences.
The Company may process your contact data for marketing and advertising purposes to inform you about promotional initiatives. This is performed through the use of automated contact methods (e-mail, text messages and other mass messaging tools, etc.) and traditional methods of contact (for example, telephone call with operator) or for market research and statistical surveys related to services/products similar to those requested by you if you provide appropriate consent, and within the limits of that described in the relevant form.
The Company may also process contact data, interests and other personal data to send you commercial communications in line with your preferences and based on a specific customer profile if you give us additional consent, which remains within the limits of that described in the relevant form.
Processing basis: consent. Failure to provide consent does not have any consequences on contractual relationships.
Consent can be revoked at any time by writing to email@example.com.
e) Customer Satisfaction surveys.
The Company may use your contact data to conduct surveys to measure the customer satisfaction level of services provided.
Processing basis: consent (note: for the moment we consider it prudent to base this processing activity on consent, with the right to evaluate the "practicability" with you of using legitimate interest as a legal basis); Failure to provide consent does not have any consequences on contractual relationships.
Your consent can be revoked at any time by writing to firstname.lastname@example.org.
f) Compliance with legally binding requests to fulfil a legal obligation, comply with regulations and/or provisions of the Judicial Authority and/or Supervisory Authorities, and defend a right in a court of law.
The Company processes your contact details to fulfil legal obligations and/or to defend a legal right.
Processing basis: legal obligations with which the Company is obliged to comply.
How we keep your personal data safe
The Company uses a wide range of security measures in order to improve the protection and maintenance of the security, integrity and accessibility of your personal data.
All of your personal data are stored on our secure servers (or secure paper copies) or on those of our suppliers or business partners, and are accessible and usable according to our standards and security policies (or equivalent standards for our suppliers or business partners).
How long we retain your data
We keep your personal data only for the time necessary to achieve the purposes for which they were collected, or for any other legitimate related purpose. Therefore, if the personal data are processed for two different purposes, we will retain the data until the purpose with the longer term no longer applies; we will no longer process personal data for purposes whose retention period has ceased.
We limit access to your personal data solely to those who need to use them for relevant purposes.
Your personal data are irreversibly anonymised (and thus can be stored) or destroyed in a secure manner when they are no longer necessary, or if there is no longer a legal prerequisite for their retention.
The retention times in relation to the different purposes listed above are provided as follows:
a) Fulfilment of contractual obligations: data processed to fulfil any contractual obligation may be kept for the entire duration of the contract, and not longer than 10 years, in order to verify any outstanding amounts due, including accounting documents (e.g. invoices).
b) Operational management and closely related purposes for website access: data processed for this purpose may be kept for the entire duration of the contract, and no longer than 10 years.
c) Processing for marketing purposes relating to services/products similar to those requested by you: personal data processed for marketing purposes may be stored for 24 months from the date on which we obtained your last consent for this purpose (with the exception of any opposition to receive additional communications).
d) Processing for marketing purposes to meet your needs and provide you with promotional offers in line with your preferences (note: to be kept only if the relevant section has been inserted in the text of the final disclosure): personal data processed for marketing purposes may be kept for 24 months from the date we obtained your last consent for such purpose (with the exception of any opposition to receive additional communications); they will be kept for 12 months for marketing purposes.
e) Purpose of customer satisfaction surveys: data processed for this purpose may be kept for 24 months from the date on which we obtained your last consent (with the exception of any opposition to receive additional communications) (note: to be kept only if the relevant section has been inserted in the text of the final disclosure.
f) In the event of legally binding requests and/or disputes: in the event that it is necessary to defend ourselves, react, or make claims against you or third parties, we may retain the personal data that we deem to be reasonably necessary for such purposes, for the time being in which the action can be pursued.
With whom we can share your personal data
Your personal data may be accessed by duly authorised employees as well as external suppliers, as data processors, who provide support for the provision of services.
In carrying out a large part of its activity, the Company also uses external companies, professionals/consultants/technicians with whom it has entered into specific agreements, by way of example, for:
- performing data processing and transmission services or general computer services;
- executing the work necessary to follow instructions received from customers;
- performing installation, maintenance and updating interventions aimed at ensuring the optimal functioning of equipment, systems and procedures;
- conducting appraisal, auditing, certifications of financial statements, professional consulting and customer assistance activities;
- performing control, revision and certification activities;
- data storage and communication/documentation activities of relationships with customers, suppliers, employees, collaborators and other assignees;
- performance of customer assistance activities (call centre/help desk, etc.);
- determination of the degree of customer satisfaction;
- the organisation and management of promotional initiatives (including any bonus operations, competitions, etc.), aimed at customers or potential customers, activated upon their request.
Your personal data may also be accessed by other Group companies, where necessary for the fulfilment of legal and/or contractual obligations, or, subject to your consent (see letters (c) and (d), for marketing purposes, including their related products/services, as well as other companies for purposes related to IT infrastructure management (in particular, whose servers are located outside of the territory of the European Union), on the basis of specific contractual agreements.
Please contact us at email@example.com if you wish to ask to see the list of data processors and other subjects to whom we communicate data.
Your data protection rights and your right to submit a claim before the Control Authority
Under certain conditions, you have the right to ask us:
- to access your personal data,
- for a copy of the personal data that you have provided (portability),
- to correct the data in our possession,
- to erase any data for which we no longer have any legal basis for processing,
- to revoke your consent, if the processing activity is based on consent;
- to limit the way in which we process your personal data, within the limits provided for by the law on the protection of personal data.
Right of Opposition: For reasons due to your particular situation, you have the right to object at any time to the processing of your personal data by data controllers for the pursuit of their legitimate interests. The request must be sent to the following address: firstname.lastname@example.org.
The exercise of these rights is subject to some exceptions aimed at safeguarding the public interest (such as the prevention or identification of crimes) and our interests (such as the maintenance of professional secrecy). In the event that you exercise any of the aforementioned rights, it will be our responsibility to verify that you are entitled to exercise it; as a rule, we will reply within one month.
We will make every effort to respond to any concerns you may have regarding complaints or information regarding the processing of your data. If desired, you can send your complaints or reports to the authority responsible for data protection at the following: Guarantor for the protection of personal data - E-mail: email@example.com - Certified email: firstname.lastname@example.org.
When you use Panini web sites with a web browser, our web server may place one or more “cookies” on your machine. Cookies are small files which contain text that can be read by a web server in the domain that issued the cookie to you. That text often consists of a string of numbers and letters that uniquely identifies your computer, but may contain other information as well.
- Targeted Advertising. When we display online advertisements to you, we will place one or more persistent cookies on your device in order to recognize your device each time we display an ad to you. Because we serve advertisements on web sites of our advertising and publisher partners, we are able to compile information over time about the types of pages you visit on Panini and other sites, content and ads you, or others who are using your computer, visited or viewed. This information is used for many purposes, for example to help select and display targeted advertisements that we believe may be of interest to you.
Some of the cookies we commonly use are listed in the following chart. This list is not exhaustive, but it is intended to illustrate the reasons we typically set cookies. If you visit one of our web sites, the site may set some or all of the following cookies:
|SESS##############||Keeps track of a logged-in user’s session|
|__utma||Set by Google Analytics. See https://developers.google.com/analytics/devguides/collection/analyticsjs/cookie-usage for more information|
|__utmb||Set by Google Analytics. See https://developers.google.com/analytics/devguides/collection/analyticsjs/cookie-usage for more information|
|__utmc||Set by Google Analytics. See https://developers.google.com/analytics/devguides/collection/analyticsjs/cookie-usage for more information|
In addition to the cookies Panini may set when you visit our web sites, third parties may also set certain cookies on your device when you visit Panini sites. In some cases, that is because we have hired the third party to provide certain services on our behalf. Because your browser connects to third parties’ web servers to retrieve content, those third parties are able to set or read their own cookies on your device and may collect information about your online activities across websites or online services.
How to Control Cookies
- Browser Controls to Block Cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to block cookies. Instructions for blocking cookies are available at each browser’s privacy statement. Please be aware that if you choose to block cookies, you may not be able to sign in or use other interactive features of Panini sites and services that depend on cookies, and some advertising preferences that are dependent on cookies may not be able to be respected.
- Browser Controls to Delete Cookies. If you accept cookies, you can delete them later. Instructions for deleting cookies are available at each browser’s privacy statement. Please be aware that if you choose to delete cookies, any settings and preferences controlled by those cookies, including advertising preferences, will be deleted and may need to be recreated.
Use of Web Beacons
Panini web pages may contain electronic images known as web beacons - sometimes called single-pixel gifs – that may be used to help deliver cookies on our sites, let us count users who have visited those pages and deliver co-branded services. We may include web beacons in our promotional e-mail messages or newsletters to determine whether messages have been opened and acted upon.
Panini sites may also contain web beacons from third parties to help us compile aggregated statistics regarding the effectiveness of our promotional campaigns or other web site operations.