Print

Privacy Policy

Below we provide the information referred to in articles 13 and 14 to EU General Data Protection Regulation (GDPR) No 27 April 2016.679 (hereinafter, "Regulation”).

1. Data Controller

MAGER s.r.l.
Via Luigi Cavaglià, 27 – 10020 CAMBIANO (TO) – ITALIA
VAT: 05834610015
Certified e-mail address: This email address is being protected from spambots. You need JavaScript enabled to view it.
Phone: +39 011 944.19.74
E-mail: This email address is being protected from spambots. You need JavaScript enabled to view it. - Web: www.mager-ab.it


2. Purpose and legal basis of the processing
Below are the purposes of the processing, the type of data being processed and the legal basis of reference:

Purposes Processing Scope Legal basis
Fulfilment of contractual or of pre-contractual measures Name, ad dress, contact details, tax code, VAT and other personal identification numbers Processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract;
Legal, accounting and fiscal obligations Name, ad dress, contact details, tax code, VAT an d other personal identification numbers Processing is necessary for compliance with a legal obligation to which the Controller is subject;
Marketing we use your information in order to communicate with you and keep you up to date with our activities that you may be interested in and to make suggestions and recommendations to you and other users of our Website about goods or services that may interest you or them. We will provide you with this information via email, telephone or smartphone. Where required by law, your prior consent will be obtained before we send you direct marketing. In any event, we will offer you the option to unsubscribe in every communication sent. You may object to receiving direct marketing from us at any time by contacting us by email at This email address is being protected from spambots. You need JavaScript enabled to view it.   or selecting the unsubscribe option in our email communications.


3. Data processing methods
Data is processed with manual, computer and electronic instruments with logics strictly correlated to the purposes and, in any case, ensuring the security and confidentiality of the data.
In particular, Your data are:

a) treated legally, correctly and transparently
b) collected for the purposes stated above and further processed in respect thereof;
c) adequate, relevant and limited compared to the purposes stated above ("so-called data minimization");
d) accurate and, if necessary, updated, deleted and / or corrected
e) kept for a period of time not exceeding the achievement of the purposes for which they are processed;
f) treated in such a way as to guarantee adequate security, including protection through appropriate technical and organizational measures, unauthorized or unlawful processing and accidental loss, destruction or damage.

4. Recipients of personal data
To achieve the purposes states in point 2, Your data will be communicated to employees and associates of the owner acting as authorized to treat.
Your data will also be made available to the company/professional offices providing assistance and/or advice to the Controller, on accounting, administrative, fiscal, legal, financial and tax matters and to third party service providers where the disclosure is necessary for the performance of services covered by the contract.
These subjects will process data in their role of Data Processors.
The Controller may also communicate Your data to administrative authorities, judicial and institutional and/or any other entity to which such disclosure is required by law and/or to carry out the purposes indicated in this policy.
These subjects will process data in their role of independent Data Controllers.
The full list of recipients of the personaI data is still available at the headquarters of the owner which can turn activating communication channels listed in section 1 of this policy.

5. Disclosure of the personal data
Your data will not be disclosed.

6. Transfer of the personal data abroad
For the purposes listed in the present informative, Your personal data can be transferred towards countries inside or outside the European Union, some of which could not supply adequate guarantees of protection of the data (a complete list of the Countries that supply adequate guarantees of protection of the data is available on the web site of the Data Protection Commission). In such cases, the Controller will take account of appropriate protections in order to preserve Your personaI data in those Countries, in conformity with the present document. Some of the safeguards we may adopt, where appropriate, include: the use of standard contractual clauses approved by the European Commission with our suppliers and the signing of contracts with a certified company Privacy Shield in the United States. By way of example but not exhaustive, we inform you that the transfer of personaI data abroad is often linked to the use of cloud computing services (e-mail, websites, backups, etc.).

7. Mandatory or optional provision of personal data
Without prejudice to Your personal autonomy, the transfer of personal data may be:
a) mandatory in relation to the obligations under applicable laws, regulations and EU legislation, as well as provisions given by authorities legitimated and vigilance and control bodies;
b) necessary for the fulfilment of new relationships or to the management and execution of existing contracts or contracts being set up.

8. Consequences of refusal to provide personal information
The refusal to provide personal information for the purposes stated in this policy will make it impossible to proceed to the correct and complete execution of the contractual relationship or to its establishment.

9. Personal data retention period
Your personal data will be kept in a form which allows Your identification for the duration of the contractual relationship and for the 10 years following its resolution or the longer term might be required for the completion of the term of prescription of civil law.

10. Rights of the Data Subject
You can contact the Controller in order to assert Your rights, as provided for in the Regulation.

Access (art.15 EU GDPR)
The data subject shall have the right to obtain from the controller confirmation as to whether or not personal data concerning him or her are being processed, and, where that is the case, access to the personal data.
Rectification (art.16 EU GDPR)
L'interessato ha il diritto di ottenere dal titolare del trattamento senza ingiustificato ritardo la rettifica dei dati personali inesatti che lo riguardano. In considerazione delle finalità del trattamento, l'interessato ha diritto di far integrare i dati personali incompleti, anche mediante la fornitura di una dichiarazione integrativa.
The data subject shall have the right to obtain from the controller without undue delay the rectification of inaccurate personal data concerning him or her. Considering the purposes of the processing, the data subject shall have the right to have incomplete personal data completed, including by means of providing a supplementary statement.
Portability (art.20 EU GDPR)
The data subject shall have the right to receive the personal data concerning him or her, which he or she has provided to a controller, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided, if the processing is based on consent or on a contract and is carried out by automated means.
Objection (art.21 EU GDPR)
The data subject shall have the right to object, on grounds relating to his or her particular situation, at any time to processing of personal data concerning him or her which is based on point (e) or (f) of Article 6(1), including profiling based on those provisions. The controller shall no longer process the personal data unless the controller demonstrates compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defense of legal claims.
Notification obligation regarding rectification or erasure of personal data or restriction of processing (art.19 EU GDPR)
The controller shall communicate any rectification or erasure of personal data or restriction of processing carried out to each recipient to whom the personal data have been disclosed, unless this proves impossible or involves disproportionate effort. The controller shall inform the data subject about those recipients if the data subject requests it.
Erasure (‘right to be forgotten’) (art.17 EU GDPR)
The data subject shall have the right to obtain from the controller the erasure of personal data concerning him or her without undue delay and the controller shall have the obligation to erase personal data without undue delay where one of the following grounds applies::
a) the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;
b) the data subject withdraws consent on which the processing
c) where there is no other legal ground for the processing;
d) the data subject objects to the processing and there are no overriding legitimate grounds for continuing the processing,
e) the personal data have been unlawfully processed;
f) the personal data have to be erased for compliance with a legal obligation in Union or Member State law to which the controller is subject.
Restriction of processing (art.18 EU GDPR)
The data subject shall have the right to obtain from the controller restriction of processing where one of the following applies:
a) the accuracy of the personal data is contested by the data subject, for a period enabling the controller to verify the accuracy of the personal data;
b) the processing is unlawful, and the data subject opposes the erasure of the personal data and requests the restriction of their use instead;
c) the controller no longer needs the personal data for the purposes of the processing, but they are required by the data subject for the establishment, exercise or defense of legal claims;
d) the data subject has objected to processing pending the verification whether the legitimate grounds of the controller override those of the data subject.

Lodge a complaint with a supervisory authority (art.77 Eu GDPR)
Without prejudice to any other administrative or judicial remedy, every data subject shall have the right to lodge a complaint with a supervisory authority, in particular in the Member State of his or her habitual residence, place of work or place of the alleged infringement if the data subject considers that the processing of personal data relating to him or her infringes this Regulation.
Italian Data Protection Autority:
Telephone: +39 06.696771
e-mail address: This email address is being protected from spambots. You need JavaScript enabled to view it.
PEC: This email address is being protected from spambots. You need JavaScript enabled to view it.
Web site: https://www.garanteprivacy.it

11. Methods of exercising rights
To exercise Your rights, you may at any time contact the Controller by sending a registered letter to MAGER s.r.l. Via Luigi Cavaglià, 27 – 10020 CAMBIANO (TO) – ITALIA or a notice to the email address This email address is being protected from spambots. You need JavaScript enabled to view it..