Privacy Policy
Mantero Seta S.p.A. (hereafter "Mantero") is concerned about protecting your data and privacy, under Article 13 of EU Regulation 2016/679 (GDPR).
INDEX
Why this information
How to purchase products on this site?
Cookies: What are cookies? What are cookies used for?
1. Who is the data controller? How to contact them?
2. Purpose of the processing, legal basis, data retention period, nature of the provision
3. Who will personal data be communicated to?
4. Will the data be transferred outside the European Economic Area (EEA)?
5. Is there an automated process?
6. What are your rights? How can you exercise them?
7. Changes to this privacy policy
WHY THIS INFORMATION?
This page describes how your personal data is processed. It is an informative document provided under Article 13 of Regulation (EU) 2016/679 (hereinafter "GDPR").
Personal Data Processed
Personal data refers to any information regarding an identified or identifiable natural person ("data subject"). A person is considered identifiable if they can be identified, directly or indirectly, particularly through a reference such as a name, identification number, location data, online identifier, or one or more factors specific to their physical, physiological, genetic, mental, economic, cultural, or social identity (C26, C27, C30 GDPR).
Browsing Data
The information systems and software procedures used to operate this website acquire, during their normal operation,
some personal data whose transmission is implicit in the use of Internet communication protocols. This category of data
includes IP addresses or domain names of the computers used by users who connect to the website, the URI (Uniform
Resource Identifier) notation addresses of the requested resources, the time of the request, the method used to submit
the request to the server, the size of the file obtained in response, the numerical code indicating the status of the
response from the server (success, error, etc.), and other parameters related to the user’s operating system and
computing environment.
Data Provided by the User
Voluntarily sending emails to the contact addresses listed on this site or completing data collection forms results in the
acquisition of the sender’s email address, necessary to respond to requests, and any additional personal data included.
Information regarding Personal Data Processing via Social Media Platforms
For the processing of personal data carried out by the managers of social media platforms used by the data controller, please refer to the information provided by them in their respective privacy policies. The controller processes the personal data provided by users through the pages of dedicated social media platforms to manage interactions with users (comments, public posts, etc.), in compliance with applicable law
Specific Information
Specific information may be provided on the pages of the site in relation to particular services or data processing.
1. WHO IS THE DATA CONTROLLER? HOW TO CONTACT THEM?
The data controller is MANTERO SETA SPA, with its registered office in 22070 Grandate (CO) – Via Riccardo Mantero n. 15, Tax Code/VAT Number 02387120138, represented by its legal representative pro tempore. Contact details for the data controller: email privacy@mantero.com.
2. PURPOSE OF THE PROCESSING, LEGAL BASIS, DATA RETENTION PERIOD, NATURE OF THE PROVISION
| PURPOSE OF PROCESSING | LEGAL BASIS | DATA RETENTION PERIOD | NATURE OF PROVISION |
|---|---|---|---|
|
NAVIGATION ON THE WEBSITE: allowing the user to browse this website. The data required to use the web services are also processed in order to:
|
The processing is necessary for the pursuit of the legitimate interest of the data controller or third parties, provided that the interests or fundamental rights and freedoms of the data subject, which require the protection of personal data, do not prevail, considering the reasonable expectations of the data subject and the activities strictly necessary for the functioning of the site and navigation itself (Art. 6, par. 1 lett. f and Recital 47 of the GDPR). | Until the end of the browsing session. See the section on cookies. | The provision is necessary for browsing the website. |
| For the use of cookies and equivalent technologies, please refer to the cookies policy in the footer. | For marketing and profiling cookies, the processing is based on the consent to the processing of personal data (Art. 6 par. 1 lett. a and Recitals 42, 43 of the GDPR). Consent is given through the banner and the cookie policy on the website. |
For cookies, please refer to the cookies policy in the footer of the website. | Please refer to the cookies policy in the footer of the website. |
In addition to what is specified for browsing, personal data will be processed for the following purposes:
| PURPOSE OF PROCESSING | LEGAL BASIS | DATA RETENTION PERIOD | NATURE OF PROVISION |
|---|---|---|---|
| A) CONTACTS, INFORMATION REQUESTS, AND CUSTOMER CARE: Through the contact details provided or by filling out the appropriate form on our website, we will collect and respond to your requests, provide assistance for any needs related to the use of this e-commerce, the purchase of our products, and the use of our services. | The processing is necessary for the execution of a contract to which the data subject is a party or for the execution of pre-contractual measures taken at the request of the same (Art. 6 par. 1 lett. b of the GDPR). | 30 days | The provision of data is necessary. Failure to provide the data will make it impossible to obtain what is requested and to use the services of the data controller. |
| B) REGISTRATION ON THE MANTERO 1902 WEBSITE (creation and deletion of the e-commerce account, technical support assistance) for the use of services reserved for registered users. | The processing is necessary for the execution of a contract to which the data subject is a party or for the execution of pre-contractual measures taken at the request of the same (Art. 6 par. 1 lett. b of the GDPR). | Until the account is deactivated and in any case 24 months from the last purchase. | The provision is necessary to use the services of the data controller. Failure to provide the necessary data will make it impossible to register and use such services. |
| C) DIRECT MARKETING: Sending advertising material or direct sales or for carrying out market research, satisfaction surveys, or commercial and promotional communication, newsletters, through automated means (email, fax, SMS, instant messaging, chat, chatbot, video messages, direct messaging from social networks or other types) and traditional means (telephone and postal mail). The data controller uses systems with reports to compare and possibly improve the results of automated communications. Thanks to the reports, the data controller can know, for example: the number of readers, openings, unique clicks, and clicks; the devices and operating systems used to read the communication; the detail of the activity of individual users; the detail of the emails sent, delivered, and not, of those forwarded. All these data are used to compare and possibly improve the results of communications. | The processing is based on the consent to the processing of personal data (Recitals 42, 43) (Art. 6 par. 1 lett. a of the GDPR). | Until consent is revoked (opt-out) |
The provision is optional. Failure to provide the necessary data will make it impossible to receive marketing communications, without prejudice to other purposes. |
| D) PROFILING: To allow the data controller to process customer profiles and analyze your habits, behaviors, and consumption choices to improve the commercial offer and services proposed. | The processing is based on the consent to the processing of personal data (Recitals 42, 43) (Art. 6 par. 1 lett. a of the GDPR). | Until consent is revoked and in any case for a maximum of 7 years. Subsequently, unless you give new consent, the data will be anonymized. |
The provision is optional. Failure to provide the necessary data will make it impossible to carry out analyses and send targeted communications, without prejudice to other purposes. |
| E) ONLINE PURCHASES AND RELATED ADMINISTRATIVE- ACCOUNTING ACTIVITIES (e.g., order management, invoicing, payments, shipment fulfillment, and management of any returns, management of any credits, and pre-contractual/contractual obligations). | The processing is necessary for the execution of a contract to which the data subject is a party or for the execution of pre-contractual measures taken at the request of the same (Art. 6 par. 1 lett. b of the GDPR). | 10 years from the purchase for administrative- accounting purposes. | The provision is necessary. Failure to provide the necessary data will make it impossible to conclude and execute the purchase contract for goods offered by the data controller. |
| F) CUSTOMER SATISFACTION: Sending surveys to verify customer satisfaction to improve the product and service offering (no marketing). | Legitimate interest of the data controller - Art. 6, par. 1 lett. f) and Recital 47 GDPR: administering surveys to verify the satisfaction with the services provided, provided that the interests or fundamental rights and freedoms of the data subject, which require the protection of personal data, do not prevail, considering the reasonable expectations of the data subject based on their relationship (customer) with the data controller. | Until opposition | The provision of data is necessary for the execution of the contractual relationship and for the pursuit of the legitimate interest of the data controller, but you can object immediately to the processing of data for this purpose, without any negative consequences regarding the contract and its execution, as well as other purposes indicated. |
| G) SOFT SPAM: Commercial/promotional information activities, newsletters via email to the email address you provided during the sale, concerning the same type of product and/or service similar to the product/service subject of the sale – Art. 130, paragraph 4 of Legislative Decree 196/03 / legitimate interest (Art. 6 lett. f GDPR), unless opposed. | The processing is necessary for the pursuit of the legitimate interest of the data controller to send promotional commercial communications via email to the email address provided during the sale, concerning the same type of product and/or service (Soft Spam) similar to the product/service subject of the sale, provided that the interests or fundamental rights and freedoms of the data subject, which require the protection of personal data, do not prevail, considering the reasonable expectations of the data subject (customer) based on their relationship with the data controller (Art. 6, par. 1 lett. f and Recital 47 of the GDPR). | Until opposition | The provision is necessary during the sale and subsequently to send so-called soft spam communications. As a data subject, you have the right to object at any time to the processing of data for the indicated purpose and you will no longer receive such communications. The opposition, even subsequent to these email communications, will not prejudice the contract, nor other purposes. |
| H) PREVENTION AND CONDUCT OF DISPUTES and other legal aspects and DEFENSE IN CASE OF LITIGATION. | The processing is necessary for the pursuit of the legitimate interest of the data controller to protect its rights, provided that the interests or fundamental rights and freedoms of the data subject, which require the protection of personal data, do not prevail (Art. 6, par. 1 lett. f and Recitals 47 – 50 of the GDPR). |
Unless opposed, for the time necessary for the defense in court and subsequently for 10 years. |
The provision of data is necessary. The refusal must be balanced with the legitimate interest of the data controller indicated in the purposes of this point. |
| I) MANAGEMENT OF REQUESTS REGARDING PERSONAL DATA PROTECTION AND REQUESTS FROM OTHER DATA SUBJECTS, PURSUANT TO ARTICLES 15 AND FOLLOWING OF THE GDPR (data subject rights). | The processing is necessary to comply with a legal obligation to which the data controller is subject (Recital 45). Art. 6 par. 1 lett. c) of the GDPR. |
5 years from the closure of the request, unless disputes arise. | The provision of personal data is necessary, as it is essential to fulfill legal obligations (managing your request within the legal terms). |
| L) WORK WITH US AREA: Personnel selection, conducting research and selection activities for the possible establishment of an employment relationship, also for positions different from those for which the data subject has applied spontaneously; management of applications in response to job offers published on the organization’s website; interviews and possible video interviews (processing of image/audio data). | The data processing is necessary for the execution of pre- contractual measures taken also at the request of the data subject. Art. 6 par. 1 lett. b) of the GDPR. For the processing of special data, General Authorization no. 1/2016 of the Data Protection Authority and applicable legislation on mandatory hiring. | In principle, the data collected during the hiring process will be deleted as soon as it becomes evident that no job offer will be made or that the offer will not be accepted by the candidate. In any case, the maximum retention period is 36 months. | The provision of personal data is necessary to process the data for selections. Failure to provide the necessary personal data makes it impossible to apply. |
3. WHO WILL YOUR PERSONAL DATA BE SHARED WITH?
Your personal data will be disclosed, depending on the purposes set out in specific areas, to recipients acting as independent data controllers or as data processors (Art. 28 GDPR), and handled by natural persons (Art. 29 GDPR) acting under the authority of the data controller and/or processors. Recipients include:
- Entities providing services for website management and communication networks, including email, hosting, and website management
- Entities assisting the data controller in marketing
- Freelancers, firms, or companies in consultancy and assistance
- Entities providing services for the management of the aforementioned
- Commercial partners, distributors, and logistics service
- Competent authorities for legal
The updated list of data processors is available by writing to privacy@mantero.com or to the other addresses indicated above.
4. WILL THE DATA BE TRANSFERRED OUTSIDE THE EUROPEAN ECONOMIC AREA (EEA)?
The personal data provided will not be transferred outside the European Economic Area (EEA). If it becomes necessary to transfer your data to third countries outside the EEA, this will be done in compliance with Articles 44 and following of the GDPR. In such cases, the data subject can request a copy of the conditions governing the transfer by contacting the data controller at privacy@mantero.com.
5. IS AUTOMATED PROCESSING USED?
Personal data will be processed both manually and via electronic and automated means. If you have provided your consent, your data will be processed automatically to analyze your consumption habits and present offers aligned with your preferences (profiling). For more details, you can contact privacy@mantero.com.
6. WHAT ARE YOUR RIGHTS? HOW CAN YOU EXERCISE THEM?
You may exercise your rights as outlined in Articles 15 and following of the GDPR by contacting the Data Controller at the e-mail address privacy@mantero.com or through the other contact details listed above. You have the right, at any time, to request access to your personal data (Art. 15), rectification (Art. 16), erasure (Art. 17), and restriction of processing (Art. 18). The Data Controller will notify (Art. 19) each recipient to whom personal data has been transmitted of any rectifications, erasures, or restrictions of processing carried out in accordance with Article 16, Article 17(1), and Article 18 of the GDPR. The Data Controller will inform the data subject of these recipients if the data subject so requests. Additionally, in cases provided for by forms in specific areas, you have the right to data portability (Art. 20), and in such cases, your data will be provided to you in a structured, commonly used, and machine-readable format. You also have the right to object (Art. 21), at any time, to the processing of your data based on legitimate interest, and for processing based on this legal basis, you may request information on the balancing test carried out by the Data Controller. Furthermore, you have the right to withdraw your consent at any time, without affecting the lawfulness of the processing based on consent before its withdrawal..
To stop receiving automated direct marketing communications (email, fax, SMS messages, instant messaging, chat, chatbot, video messages, direct messaging via social networks or other types), simply send an email at any time to privacy@mantero.com with the subject "no automated marketing" or use our automatic unsubscribe systems provided for emails only.
To stop receiving traditional direct marketing communications (operator phone calls and postal mail), simply send an email at any time to privacy@mantero.com with the subject "no traditional marketing".
To stop receiving any marketing communications at all, simply send an email at any time to privacy@mantero.com with the subject "no marketing".
You may also withdraw your consent to profiling by sending an email at any time to privacy@mantero.com with the subject "no profiling".
Please refer to the specific notices based on the data processing in specific areas. If you believe that the processing of your personal data by the Data Controller is in violation of the GDPR, you have the right to lodge a complaint with the Privacy Authority (https://www.garanteprivacy.it/), or to take legal action through appropriate judicial venues.
7. CHANGES TO THIS PRIVACY POLICY
The data controller reserves the right to modify, update, add, or remove parts of this privacy policy. To facilitate checking for changes, the privacy policy will display the date of the last update.
- Choosing a selection results in a full page refresh.
- Press the space key then arrow keys to make a selection.
- Use left/right arrows to navigate the slideshow or swipe left/right if using a mobile device