Skip to content

Policy on the processing of personal data pursuant to article 13 of the GDPR

  1. Data controller

As Data Controller, Maccagnola Srl wishes to inform you that the EU Regulation n. 2016/679 (hereinafter GDPR) governs the protection of personal data in the context of the processing activities related thereto.

Maccagnola Srl handles the processing of personal data according to principles of correctness, lawfulness, transparency and necessity, thus protecting Your rights.

For this purpose, and pursuant to article 13 of the GDPR, we hereby provide you with the following information.

  1. Object of the processing

The processing we intend to carry out concerns Your personal data, as defined by the GDPR, thus the data we are or shall become aware of by virtue of the legal and contractual relationships in progress with You.

  1. Purpose of the Processing

The data You provide shall only be processed to execute the contractual relationships in progress with You and to fulfill specific legal obligations deriving therefrom.

  1. Processing method

The data shall be processed according to article 4 n. 2) of the GDPR, by means of the following operations: collecting, recording, organizing, storing, consulting, processing, changing, selecting, extracting, comparing, using, interconnecting, blocking, communicating, canceling and destroying the data.

Your data shall be processed both on paper and by electronic and/or automated means.

Your data shall be stored for a reasonable period, with respect to the purposes set out under point 3, from the moment it is received/updated.

  1. Disclosure and/or transfer of data

The data shall not be disclosed and shall be processed by adequately trained Company employees who are authorized to process the data according the responsibilities assigned to them. The data could be disclosed to external subjects, among which the Managers assigned according to article 28 of the GDPR. In particular, the data could be disclosed to the following categories of subjects, hereinafter listed by way of example and without limitations: banking institutions and firms specialized in the management of payments and credit assurance, law and consulting firms, subjects in charge of auditing the company’s financial statements, public authorities or administrations for legal obligations, Italian and foreign suppliers.

The list of external Managers in charge of processing the personal data is available at the registered office of Pastaio Srl.

  1. Rights of the concerned party

All the rights provided in articles 15, 16, 17, 18, 20 and 21 of the GDPR can be exercised with regard to the aforesaid data, and more specifically:

  1. a) the right to access the personal data;
  2. b) to modify it in case of inaccuracy;
  3. c) to delete the data;
  4. d) to limit its processing;
  5. e) to oppose to its processing;
  6. f) the right related to the portability of the data, i.e. to receive the personal data provided and to transfer it to another Data Controller in a structured and common format readable by automatic devices, without any In the event of any violation to these provisions, the party concerned by the processing has the right to file a complaint with the competent Supervisory Authority.

For further clarifications on this policy and on any other privacy issue, or in the event you should wish to exercise Your rights, please send an email to