Privacy Policy

PRIVACY POLICY DISCLAIMER – according the European Law n. 2016/679 (GDPR)

Esine, May 24th 2018

T.M. SRL Torrefazione dei f.lli morandini & C., with registered office at (25040) Esine (BS), Via Ruc, n. 1/C, registered in the Companies’ Register of Brescia R.E.A. n. BS – 333145, Fiscal Code and VAT no. 01992780989, in person its legal representative, Pietro Morandini, as data controller (hereinafter, the Data Controller), informs, pursuant to art. 13 Regulation EU n. 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereinafter, the GDPR) that your data will be processed as indicated below.


  1. Object of the processing

1.1     We deal with your personal, identifying and non-sensitive data (name, surname, address, company name, registered office, fiscal code, VAT number, company registration, email address, telephone number) in case of

– your access to our premises;

– your request information by our website;

– signature of agreements;

– professional contacts.


  1. Purpose of the processing

2.1       Your Personal Data are processed by us for the following purposes:

– control of access to our premises;

– formulation of responses to requests information by website;

– signature of agreements;

– introduction of professional contacts.


2.2       Your Personal Data are mandatory for the purposes referred to in article 2.1 of this policy. Therefore, in the event of your refusal to provide your Personal Data, we may not proceed with your access to our premises or our formulation of responses to your requests for information by our website or the signature of agreements or the introduction of business relations.


  1. Methods of processing

3.1       Personal data processing means any operation or set of operations, performed with or without the use of automated processes, mentioned in article 4, no. 2) GDPR, that is collection, registration, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, cancellation and destruction. Your Personal Data are subjected to paper and electronic processing.


3.2       We will process your Personal Data for the time necessary to fulfill the purposes referred to in Article 2 of this policy and, in any case, for 10 years. After this deadline, your Personal Data will be destroyed or made anonymous.


  1. Access to data

4.1       Your Personal Data may be made accessible to our employees and collaborators, in their quality of authorised to process your Personal Data and/or internal processors and/or system administrators, or to third parties, that act on our behalf, in their quality of external processors.


  1. Communication of data

5.1       Without the need for your express consent pursuant to article 6, lett. b) and c) GDPR, we may communicate your Personal Data to those subjects, to whom the communication is mandatory pursuant to the law (for example, Judicial Authorities). These subjects will process your Personal Data in their capacity as independent data controllers. Except for the aforementioned obligations, your Personal Data will not be disclosed to third parties distinguished by us or by the subjects, to whom access is authorised pursuant to article 4 of this information.


  1. Rights of Users

6.1       We guarantee you the following rights,

a) the right to obtain a confirmation of the existence of your Personal Data, even if not yet recorded, and their communication in an intelligible form;

b) the right to obtain the indication of i) the origin of your Personal Data; ii) the purposes and methods of the processing; iii) the logic applied in case of treatment carried out with the aid of electronic instruments; iv) the identifying details of the Data Controller, the processors and the eventual representative designated according to article 3, paragraph 1, GDPR; v) the subjects or categories of subjects to whom your Personal Data may be communicated or who can learn about them as appointed representatives in the territory of the State, managers or agents;

c) the right to obtain i) the updating, rectification or, when interested, the integration of your Personal Data; ii) the cancellation, transformation into anonymous form or blocking of your Personal Data processed in violation of the law, including those whose retention is unnecessary for the purposes for which your Personal Data have been collected or subsequently processed; iii) the attestation that the operations referred to in letters i) and ii) have been brought to the attention, also with regard to their content, of those to whom your Personal Data have been communicated or disseminated, except in the case in which such fulfillment proves impossible or involves a use of means manifestly disproportionate to the protected right;

d) the right to object, in whole or in part, i) for legitimate reasons to the processing of your Personal Data, even if pertinent to the purpose of collection; ii) to the processing of your Personal Data for the purpose of email advertising or direct sales material or for carrying out market research or commercial communication, through the use of automated call systems without the intervention of an operator by email and/or through traditional marketing methods by telephone and/or mail. The right of opposition for the purposes of direct marketing is allowed both in the case of use of automated methods and paper and remains in any case its possibility to exercise the right of opposition even in part. Therefore, you may decide to receive only communications using traditional methods or only automated communications or none of the two types of communication.


6.2       According to the GDPR you may exercise the right of rectification, the right to be forgotten, the limitation of treatment, the portability of your Personal Data as well as the right to complain to the Privacy Authority.


  1. How to exercise rights

7.1       In order to exercise your rights, you can send a communication at any time by registered mail to T.M. SRL Torrefazione dei F.lli Morandini & C., Via Ruc, n. 1/C, (25040) Esine (BS) or by PEC email to


  1. Data Controller and Processor

8.1       The Data Controller is T.M. SRL Torrefazione dei F.lli Morandini & C., Via Ruc, n. 1/C, (25040) Esine (BS). The updated list of data processors is available at the registered office of the Data Controller.


  1. Data transfer

9.1       The management and storage of your Personal Data will be carried out on our servers located within the European Union and/or on servers of other companies duly appointed as data processors. Currently, our servers are located in the European Union. Your Personal Data will not be transferred to outside the European Union. In any case, it is understood that, if necessary, we will have the right to move our server in Italy and/or in the European Union and/or in non-EU countries. In this case, we ensure that the transfer of your Personal Sata to non-EU countries will take place in accordance with the provisions of the GDPR.

  1. Changes to this Policy

10.1     This policy may change. It is your responsibility to regularly check for any updates.