With this information, according to art. 13 of Law 196/2003 and art. 13 of the European Regulation 679/2016 (the "GDPR"), shall provide the methods and purposes of the processing of personal data and its going protections for the confidentiality and security of the same. The personal data will be handled in compliance with the above regulations.

The data controller is Chg di Chessa Francesco, in the person of the legal representative Chessa Francesco, with registered office in Via Garibaldi 26/3 - 52100 - Arezzo - Italy.

The personal data processed, affect the information collected for the purposes of execution of commercial activity, namely:
a) personal data (name, surname, date of birth, address etc.);
b) contact information (phone number, email, business address, etc.);
c) trade data (company name and activities);
d) any other data relating to the implementation of commercial and professional contracts.

Chg di Chessa Francesco, Using methods strictly necessary, process personal data collected and / or provided in the commercial and professional activity carried out, and in particular:
a) for the execution of commercial and professional contracts;
b) to fulfill their fiscal obligations, management and accounting;
c) to comply with legal obligations to which the Company is required (requirements required by anti-money laundering legislation);
d) to exercise the rights of the owner, such as the right to legal defense.

Personal data will be processed by the Company in accordance with the principles of fairness, legality and transparency, so as to ensure the security and confidentiality.
The Company, in relation to the purposes referred to in paragraph 3 above, will process personal data in an appropriate manner to the above purposes and in compliance with current standards, using manual, computer and data, as well as through telephone services, strictly related to purposes and, in any case, to ensure the security and confidentiality of data. Specific security measures are taken to prevent data loss, illegal or incorrect use and unauthorized access.
The CHG di Chessa Francesco does not take any automated decision-making process, including profiling, according to art. 22, paragraphs 1 and 4 of EU Regulation no. 679/2016.

The Company will retain the personal information for the time strictly necessary to fulfill the contract in force and, subsequently, for the period provided by law and regulation, even in tax matters (in each case, for a period of time not exceeding 10 years - limitation period).
Once the deadline indicated before, the personal data will be deleted or made anonymous.

The data can be known, used and / or disclosed to:
a) employees of the Company;
b) responsible for maintenance of information systems;
c) consultants and accountants or other entities that provide services for the above purposes;
d) banks and insurance companies that provide functional performance for the above purposes;
e) entities that process data in execution of specific legal obligations;
f) judicial or administrative authorities, for the fulfillment of legal requirements.

The Company does not disclose personal information, except as required by law or regulations, in compliance with the obligation to industrial and professional secrecy.
The data collected will not be transferred either in European Union member states or in third countries outside the European Union without your express consent.

The individual has the right to obtain from the company:
a) access to personal data and information relating to the same;
b) information on the origin of personal data;
c) an indication of the purpose or modalities of treatment;
d) the identification data of the owner and / or the responsible treatment;
e) the identification data of the persons or categories of persons to whom the data are disclosed or who may become aware;
f) the updating, rectification and integration of data;
g) the limitation of the treatment;
h) the cancellation, transformation into anonymous form or blocking of data processed in violation of the law;
i) confirmation that the operations as per letters. f) and h) have been notified to the persons who have been communicated and / or disseminated data;
l) the consultation of the data in a structured format, common and readable by use of an automatic device, which allows portability of the same to a different data processing.

Among the rights recognized by the person from GDPR, falls to withdraw consent at any time and, therefore, to deny in whole or in part to the processing of personal data concerning him.
The interested party may also submit a complaint to the Guarantor Authority for the protection of personal data and / or other competent supervisory authorities under the European Regulation 679/2016.
For any requests, comments and / or complaints, please send an email to:

For any questions:
 Mr. Chessa Francesco
+39 075-5996957 (Italy)