Privacy Policy

Introduction

Guastamacchia S.p.A. uses this website to promote its services in the design and construction of building works and infrastructure, primarily public, targeting a professional Business-To-Business (B2B) audience.

The website does not collect personal data except for those strictly necessary for browsing and for processing aggregated usage statistics. However, as the website may be accessed by any data subject, Guastamacchia provides this Privacy Policy in accordance with Regulation (EU) 2016/679 (GDPR) and applicable Italian data protection laws.

Guastamacchia adopts up-to-date security standards to ensure the protection of data subjects’ rights and compliance with current regulations.

Data Controller

The Data Controller is Guastamacchia S.p.A., with registered office at Via P. Ravanas, 2 – 70037 Ruvo di Puglia (BA), Italy.
Phone: +39 080 3611722
Email: info@guastamacchiaspa.com

Purpose of Data Processing

Data collected through the website are processed exclusively for the following purposes:

1. Providing information about Guastamacchia S.p.A.’s services and activities to professional B2B users.

2. Managing contact requests and quotation requests voluntarily submitted by users.

3. Sending newsletters or commercial communications, subject to explicit consent.

4. Creating and managing user profiles for access to restricted areas (if applicable).

5. Interacting with users within dedicated areas of the website.

6. Performing anonymous and aggregated statistical analysis of website usage.

7. Ensuring the security, integrity, and proper functioning of the website.

Failure to provide data may result in the inability to fulfill the data subject’s requests.

Legal Basis for Processing

Data processing is based on:

• The performance of pre-contractual measures at the request of the data subject (Art. 6(1)(b) GDPR).

• The data subject’s explicit consent for newsletter and marketing communications (Art. 6(1)(a) GDPR).

• The legitimate interest of the Data Controller for security, integrity, and statistical analysis purposes (Art. 6(1)(f) GDPR).

Types of Data Collected

The website may collect:

• Browsing data: IP address, browser type, device parameters, ISP, date and time of visit, pages visited, number of clicks;

• Data voluntarily provided: name, surname, email address, phone number, company, and content submitted via contact forms or email;

• Anonymous statistical data collected through tools such as Google Analytics or similar services;

• Data from interactions with social networks (e.g., LinkedIn, Instagram, Facebook, YouTube).

Data collected for statistical or security purposes are anonymized and cannot be used to directly identify the data subject.

Interaction with Social Networks and External Platforms

The website may include social media buttons or plugins. Any interaction with such platforms is subject to their respective privacy policies and to the user’s consent.

Data Transfers Outside the EU

Personal data collected through external services (e.g., analytics tools) may be transferred outside the European Union based on Standard Contractual Clauses approved by the European Commission, replacing the former Privacy Shield framework.

Data Retention

Personal data will be retained as follows:

• Browsing technical data: up to 12 months;

• Anonymized statistical data: up to 14 months (or according to the service provider’s policies);

• Contact data for information requests: up to 90 days, in the absence of a contractual relationship;

• Data relating to clients with contractual relationships: for the duration of the contract, unless otherwise required by law.

At the end of the retention periods, data will be securely deleted.

Data Subject Rights

Data subjects have the right to:

• Withdraw consent at any time;

• Object to the processing of their personal data;

• Access their data and obtain a copy;

• Request rectification or updating of their data;

• Request restriction or erasure of their data;

• Receive their data in a structured format and transmit them to another controller (data portability);

• Lodge a complaint with the competent supervisory authority (Italian Data Protection Authority).

Requests may be sent to: info@guastamacchiaspa.com The Data Controller will respond within 30 days.

Security Measures and Processing Methods

Data processing is carried out using IT and telematic tools. The Data Controller adopts appropriate technical and organizational measures to protect data against unauthorized access, disclosure, alteration, or destruction.

No automated decision-making processes or profiling activities are carried out.

Cookie Policy

The website uses cookies for technical and statistical purposes. Users may consult the Cookie Policy for further details and to manage their preferences.