PRIVACY POLICY

KOPRON’S PRIVACY POLICY

Pursuant to and for the purposed of Art. 13-14, Reg. EU 2016/679
(European Regulation in relation to the protection of personal data)

Dear Sir or Madam,

We would like to inform you that the Reg. EU 2016/679 (“European Regulation in relation to the protection of personal data”) provides the protection of people and other subjects and the respect of data processing.

Therefore, pursuant to the Art. 13 and 14, we provide you the following information:

1. Purpose and legal basis of data processing
   

   The purpose of personal data processing is exclusively related to the execution of contractual obligations and to fulfill your specific demands, as well as the accomplishment of legal requirements, in particular to correctly carry out contracts for the supply of goods or services.
   For this purpose, the controller could become aware of data, according to Reg. EU 2016/679, like specific data necessary to correcty carry out supply contracts.

2. Modalities of the processing
   

   In relation to the above mentioned purposes, your data will be processed by computerized and papery means. The processing operations have been implemented in order to ensure the logical and physical security, and the confidentiality of your personal data.

3. Nature of personal data
   

   Your personal data relevant to the conduct of existing contract shall be treated.
   During service provisioning, some personal data may necessarily be requested for process.

4. Compulsory or optional delivery of data
   

   The delivery of your personal data is mandatory, and the refusal might make the provisions of services you required impossible or extremely difficult.

5. Data communication and dissemination
   

   Your data might be conveyed to:

   • the entities recognized by regulatory measures in order to access such data;
   • all the natural and/or legal persons, and public and/or private bodies, when such communication is necessary to carry out our activity, in the ways and for the above mentioned purposes.
6. Modality and duration of personal data retention
   

   Data retention will be processed with the aid of computerized or manual supports in total safety, strictly according to the purpose for which they have been requested. Data will be kept for the only time necessary to fulfill contract obligations. Rules preventing the retention of data over the period agreed will apply.
   In any case, regulations preventing to keep data for an unlimited period apply. Data retention time is limited to ensure respect for the minimisation principle of data processing.

7. Rights of the data subject
   7.1 Art. 15 (right of access), 16 (right of rectification) of the Reg. EU 2016/679
   

   The data subject shall have the right to obtain from the controller confirmation as to whether or not personal data concerning him or her are being processed, and, where that is the case, access to the personal data and the following information:

   • • the purposes of the processing;
     • the categories of personal data concerned;
     • the recipients or categories of recipient to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organisations;
     • where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period;
     • the existence of the right to request from the controller rectification or erasure of personal data or restriction of processing of personal data concerning the data subject or to object to such processing;
     • the right to lodge a complaint with a supervisory authority;
     • the existence of automated decision-making, including profiling, and at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject.

   7.2 Right under the Art. 17 of the Reg. EU 2016/679 – Right to erasure (‘right to be forgotten’)
   

   The data subject shall have the right to obtain from the controller the erasure of personal data concerning him or her without undue delay and the controller shall have the obligation to erase personal data without undue delay where one of the following grounds applies:

   • • the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;
     • the data subject withdraws consent on which the processing is based according to point (a) of Article 6(1), or point (a) of Article 9(2), and where there is no other legal ground for the processing;
     • the data subject objects to the processing pursuant to Article 21(1) and there are no overriding legitimate grounds for the processing, or the data subject objects to the processing pursuant to Article 21(2);
     • the personal data have been unlawfully processed;
     • the personal data have to be erased for compliance with a legal obligation in Union or Member State law to which the controller is subject;
     • the personal data have been collected in relation to the offer of information society services referred to in Article 8(1).

   7.3 Right under the Art. 18 of the Reg. EU 2016/679 – Right to restriction of processing
   

   The data subject shall have the right to obtain from the controller restriction of processing where one of the following applies:

   • • the accuracy of the personal data is contested by the data subject, for a period enabling the controller to verify the accuracy of the personal data;
     • the processing is unlawful and the data subject opposes the erasure of the personal data and requests the restriction of their use instead;
     • the controller no longer needs the personal data for the purposes of the processing, but they are required by the data subject for the establishment, exercise or defence of legal claims;
     • the data subject has objected to processing pursuant to Article 21(1) pending the verification whether the legitimate grounds of the controller override those of the data subject.

   7.4 Right under the Art.20 – Right to data portability
   

   The data subject shall have the right to receive the personal data concerning him or her, which he or she has provided to a controller, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided.

8. Revocation of the consent for the processing
   

   You can revoke your consent for your personal data processing by sending a certified e-mail to the following e-mail address: privacy@kopron.com or by registered mail with return receipt to the following address: Kopron SpA, Via Primo Maggio snc, 20064 Gorgonzola (MI), complete with a copy of your identity document and the following text: <<Revocation of the consent for the processing of all my personal data>>.

   Your personal data will be removed from the archives as soon as possible and anyhow within and not over 60 days from your formal request.

   If you want to receive more information about your personal data processing, or rather to exercise the rights referred to paragraph 7, you can send a certified e-mail to privacy@kopron.com or by registered mail with return receipt to the following address: Kopron SpA, Via Primo Maggio snc, 20064 Gorgonzola (MI) , with the following text: <<Revocation of the consent for the processing of all my personal data>>.

   You may be asked to verify your identity by answering some personal questions before we can provide or modify any information. We will respond as soon as possible.

9. Identification details of the controller
   

   The controller is Kopron SpA, Via Primo Maggio snc, 20064 Gorgonzola (MI).
   The list of people in charge of personal data processing is kept at controller’s registered office.

PRIVACY POLICY ON THE PROCESSING OF WEBSITE USERS’ PERSONAL DATA

Pursuant to and for the purposed of Art. 13-15, Reg. EU 2016/679
(European Regulation in relation to the protection of personal data)

Dear Sir or Madam,

We would like to inform you that the Reg. EU 2016/679 (“European Regulation in relation to the protection of personal data”) provides the protection of people and other subjects and the respect of data processing.

Therefore, pursuant to the Art. 13 and 15, we provide you the following information:

1. Introduction
   

   Kopron SpA take very seriously User’s privacy requirements and are fully committed to comply with them. This “Privacy Policy” statement, describes the activities carried out by Kopron SpA when processing personal data (see www.kopron.com).
   Kopron SpA carry out this process every time Users visit their site or use services offered therein. In sections requesting personal data, User may find an informative specification according to the art. 13/15, Reg. EU 2016/679.
   Users’ authorization for processing personal data will be requested any time the above European Regulation requires it. In case User gives personal data of third parties, he must always follow the applicable standards contained in the European Regulation, in order to allow Kopron SpA to process them.

2. Identification details of the processing owner
   

   Kopron SpA, Via Primo Maggio snc, 20064 Gorgonzola (MI).

3. Type of data processed
   

   The visit and consultation of the Site do not generally involve the collection and processing of personal data of the User except for navigation data and cookies as specified below.In addition to the so-called “navigation data” (see below), personal data voluntarily provided by the User may be processed when the latter interacts with the Site’s features or requests to use the services offered on the Site. In compliance with the Privacy Code, Kopron SpA may also collect your personal data from third parties in the performance of your business.

4. Cookies and navigation data
   

   The Site uses “cookies”. By using the Site, you consent to the use of cookies in accordance with this Privacy Policy. Cookies are information saved on the hard disk of the User’s terminal. There are two macro-categories of cookies: technical cookies and profiling cookies. Technical cookies are necessary for the proper functioning of a website and to allow User navigation; without them the User may not be able to view the pages correctly or use some services.
   Profiling cookies have the task of creating User profiles in order to send advertising messages in line with the preferences expressed by the User during navigation.

   Cookies can also be classified as:

   • “session” cookies, which are deleted immediately when the browser is closed;
   • “persistent” cookies, which remain in the browser for a certain period of time. They are used, for example, to recognize the device that connects to a site facilitating authentication operations for the User;
   • “own” cookies, generated and managed directly by the manager of the website on which the User is browsing;
   • “third-party” cookies, generated and managed by parties other than the operator of the website on which the User is browsing.
5. Cookies used on the site
   

   The site uses the following type of cookies:

   • • own cookies, session and persistent,necessary for a correct navigation and for a safe and efficient exploration of the Site;
     • third-party cookies, session and persistent, necessary to gain access to multimedia items, like images and videos;
     • o third-party cookies, persistent, set by Google Analytics and used to gather information on how visitors use the Site, including the number of visitors, the Sites of origin and the pages visited. Kopron SpA uses this information to compile reports and to improve the website; this allows, for example, to know any errors detected by Users and to assure an immediate navigation, to easily find what they are looking for.Through a couple of cookies, a permanent and a session cookie (which is cleared once you close your browser), Google Analytics records time of entrance and exit from the Site. To prevent Google to track data through cookies, and then to process them you can download and install the following browser plugin from: https://tools.google.com/dlpage/gaoptout?hl=en
     • third-party cookies, persistent, are used by Site to include in the pages share buttons to log into Facebook, Twitter e Google+. Selecting one of these buttons, User can publish on a personal page, information regarding the web page of the site he is visiting.

   In the following table you may find details of the cookies you can find on the Site.

   PURPOSE	SOURCE	INFORMATION	EXPIRY	TYPE
   Navigation sessions	Kopron.com		Session	Own
   Authentication	Kopron.com		Persistent	Own
   Acceptance information on cookies and User’s choices	Kopron.com		Persistent	Own
   Visit tracking	Google Analytics	Go to the Website	Persistent	Third-party
   Search campaigns monitoring	Google AdWords Conversion	Go to the Website	Persistent	Third-party
   Tag management	Google Tag Manager	Go to the Website	Persistent	Third-party
   Advertisments	Double Click	Go to the Website	Persistent	Third-party
   Advertisments	Google Adsense	Go to the Website	Persistent	Third-party
   Video players	Youtube	Go to the Website	Session	Third-party
   Video players	Vimeo	Go to the Website	Session	Third-party
   Social Media	Twitter Button		Persistent	Third-party
   Social Media	Twitter Syndication		Persistent	Third-party
   Remarketing	Google Analytics	Go to the Website	Persistent	Third-party

   The Site may contain links to other sites (third parties). Kopron SpA do not give access or carry out controls on cookies, web beacons or other tracking methods, used by third parties to which Users may have access through Kopron Site. Kopron SpA SpA do not carry out checks, and therefore will not be held responsible for the content published by or obtained through third parties, and on the modalities of personal data processing.
   User must verify the privacy policy of the third parties they come across through Kopron Site and must be informed on terms and conditions regarding personal data processing. The privacy policy outlined herein applies only to Kopron Site.

6. How to check or delete cookies
   

   By choosing to refuse cookies, you may not be able to use all the features of the Site. You can block cookies by following the instructions provided by the browser.
   The deactivation of a cookie or a category of cookies does not remove them from the browser. Therefore, this operation must be done directly in the browser. Blocking third-party cookies does not affect navigation. Set up can be made for specific sites and web applications. Besides the best browsers allow you to make a different set up for “first-party” and “third-party” cookies.
   In Firefox, for example, by clicking Tools -> Options -> Privacy, it is possible to gain access to a control panel where you can decide either to accept or not different types of cookies and eventually remove them.

   Delete, activate and handle cookies in:

   • Chrome
   • Firefox
   • Internet Explorer
   • Microsoft Edge
   • Safari (Desktop)
   • Safari (Mobile)
   • Browser Android
   • Opera

   For all other browsers, refer to the instruction manual to find out how to handle cookies.

7. Retention period of personal data
   

   Personal data is stored and processed through IT systems owned by Kopron SpA and managed by Kopron SpA or by third party technical service providers; for more details please refer to the specific section “Data communication and dissemination”. The data is processed exclusively by specifically authorized personnel, including personnel assigned to carry out extraordinary maintenance operations.

8. Purpose and methods for data processing
   

   Kopron SpA are authorized to process User’s sensitive data in the following cases: when User applies for services or for other functions on the site, when he makes requests/ complaints, or send newsletters, application forms through site, etc.
   Furthermore, Kopron SpA may be authorized by User to process personal data for marketing purposes, for promotional material and/or commercial communications regarding the company to be sent either by traditional means such as post, call centers, etc., or through the internet, by fax, e-mails, SMS on smartphones, tablets or through social networks (i.e Facebook and Twitter).
   Personal data are processed in paper form or electronic means and inserted in the Company’s information system according to European Regulation UE 2016/679, with security procedures based on the principles of propriety and lawfulness.
   Data are kept as long as strictly necessary for the purpose they have been collected in compliance with standards and legal obligations.
   In any case, regulations which prevent data storage for an unlimited period apply.

9. Security and quality of personal data
   

   Kopron SpA undertakes to protect the security of the User’s personal data and complies with the security provisions of the applicable legislation in order to avoid data loss, illegitimate or illegal use of data and unauthorized access to the same, with particular reference to the Technical Disciplinary regarding minimum security measures. Furthermore, the information systems and computer programs used by Kopron SpA are configured in such a way as to minimize the use of personal and identifying data; these data are processed only for the achievement of the specific purposes pursued from time to time. Kopron SpA uses multiple advanced security technologies and procedures to promote the protection of Users’ personal data; for example, personal data is stored on secure servers located in places with secure and controlled access.The User can help Kopron SpA to update and maintain their personal data by communicating any changes to the contacts on the Site, etc.

10. Data communication and dissemination
    

    Your data might be conveyed to:

    • the entities recognized by regulatory measures in order to access such data;
    • our associates and employees, as part of their tasks;
    • all the natural and/or legal persons, and public and/or private bodies, when such communication is necessary to carry out our activity, in the ways and for the above mentioned purposes.
11. Personal data supply
    

    Some data requested are compulsory to allow the company to follow-up on User’s communications and requests. Data marked with an asterisk [*] forces User to release data. Data without an asterisk are optional: no consequences will occur in case data are not given.
    Data requested for marketing purposes as explained in section “Purpose and methods for data” are optional, User may choose not leave personal data, without consequences. In case he chooses to leave personal data for marketing purposes he will receive communications either through traditional or electronic means as described above.

12. Rights of the data subject
    12.1 Art. 15 (right of access), 16 (right of rectification) of the Reg. EU 2016/679
    

    The data subject shall have the right to obtain from the controller confirmation as to whether or not personal data concerning him or her are being processed, and, where that is the case, access to the personal data and the following information:

    • • the purposes of the processing;
      • the categories of personal data concerned;
      • the recipients or categories of recipient to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organisations;
      • where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period;
      • the existence of the right to request from the controller rectification or erasure of personal data or restriction of processing of personal data concerning the data subject or to object to such processing;
      • the right to lodge a complaint with a supervisory authority;
      • the existence of automated decision-making, including profiling, and at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject.

    12.2 Right under the Art. 17 of the Reg. EU 2016/679 – Right to erasure (‘right to be forgotten’)
    

    The data subject shall have the right to obtain from the controller the erasure of personal data concerning him or her without undue delay and the controller shall have the obligation to erase personal data without undue delay where one of the following grounds applies:

    • • the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;
      • the data subject withdraws consent on which the processing is based according to point (a) of Article 6(1), or point (a) of Article 9(2), and where there is no other legal ground for the processing;
      • the data subject objects to the processing pursuant to Article 21(1) and there are no overriding legitimate grounds for the processing, or the data subject objects to the processing pursuant to Article 21(2);
      • the personal data have been unlawfully processed;
      • the personal data have to be erased for compliance with a legal obligation in Union or Member State law to which the controller is subject;
      • the personal data have been collected in relation to the offer of information society services referred to in Article 8(1).

    12.3 Right under the Art. 18 of the Reg. EU 2016/679 – Right to restriction of processing
    

    The data subject shall have the right to obtain from the controller restriction of processing where one of the following applies:

    • • the accuracy of the personal data is contested by the data subject, for a period enabling the controller to verify the accuracy of the personal data;
      • the processing is unlawful and the data subject opposes the erasure of the personal data and requests the restriction of their use instead;
      • the controller no longer needs the personal data for the purposes of the processing, but they are required by the data subject for the establishment, exercise or defence of legal claims;
      • the data subject has objected to processing pursuant to Article 21(1) pending the verification whether the legitimate grounds of the controller override those of the data subject.

    12.4 Right under the Art.20 – Right to data portability
    

    The data subject shall have the right to receive the personal data concerning him or her, which he or she has provided to a controller, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided.

13. Revocation of the consent for the processing
    

    You can revoke your consent for your personal data processing by sending a certified e-mail to the following e-mail address: privacy@kopron.com or by registered mail with return receipt to the following address: Kopron SpA, Via Primo Maggio snc, 20064 Gorgonzola (MI) complete with a copy of your identity document and the following text: <<Revocation of the consent for the processing of all my personal data>>.

    Your personal data will be removed from the archives as soon as possible and anyhow within and not over 60 days from your formal request.

    If you want to receive more information about your personal data processing, or rather to exercise the rights referred to paragraph 7, you can send a certified e-mail to privacy@kopron.com or by registered mail with return receipt to the following address: Kopron SpA, Via Primo Maggio snc, 20064 Gorgonzola (MI) with the following text: <<Revocation of the consent for the processing of all my personal data>>.

    You may be asked to verify your identity by answering some personal questions before we can provide or modify any information. We will respond as soon as possible.

PRIVACY POLICY ON DATA SUPPLIED BY VISITOR

Pursuant to and for the purposed of Art. 13-14, Reg. EU 2016/679
(European Regulation in relation to the protection of personal data)

Dear Sir or Madam,

We would like to inform you that the Reg. EU 2016/679 (“European Regulation in relation to the protection of personal data”) provides the protection of people and other subjects and the respect of data processing.

Therefore, pursuant to the Art. 13 and 14, we provide you the following information:

1. Purpose and legal basis of data processing
   

   The purpose of personal data processing is exclusively related to the execution of contractual obligations and to fulfill your specific demands, as well as the accomplishment of legal requirements, in particular accounting and fiscal obligations.
   For this purpose, the controller could become aware of personal data considered ‘sensitive’, according to Reg. EU 2016/679, such as racial and ethnic origins, religious beliefs, philosophical convictions, political views, health status and sexual life.

2. Modalities of the processing
   

   In relation to the above mentioned purposes, your data will be processed by computerized and papery means. The processing operations have been implemented in order to ensure the logical and physical security, and the confidentiality of your personal data.

3. Nature of personal data
   

   ‘Sensitive’ Personal data acquisition and processing might be necessary for the development and fulfillment of the contract.
   During service provisioning, some particular personal data, ‘sensitive’ and judicial, may necessarily requested for process.
   You may be requested to give consent in writing.

4. Compulsory or optional delivery of data
   

   The delivery of your personal data is mandatory, and the refusal might make the provisions of services you required impossible or extremely difficult.

5. Data communication and dissemination
   

   Your data might be conveyed to:

   • the entities recognized by regulatory measures in order to access such data;
   • our associates and employees, as part of their tasks;
   • all the natural and/or legal persons, and public and/or private bodies, when such communication is necessary to carry out our activity, in the ways and for the above mentioned purposes.
6. Modality and duration of personal data retention
   

   Data retention will be processed with the aid of computerized or manual supports in total safety, strictly according to the purpose for which they have been requested. Data will be kept for the only time necessary to fulfill contract obligations. Rules preventing the retention of data over the period agreed will apply.
   In any case, regulations preventing to keep data for an unlimited period apply. Data retention time is limited to ensure respect for the minimisation principle of data processing.

7. Rights of the data subject
   7.1 Art. 15 (right of access), 16 (right of rectification) of the Reg. EU 2016/679
   

   The data subject shall have the right to obtain from the controller confirmation as to whether or not personal data concerning him or her are being processed, and, where that is the case, access to the personal data and the following information:

   • • the purposes of the processing;
     • the categories of personal data concerned;
     • the recipients or categories of recipient to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organisations;
     • where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period;
     • the existence of the right to request from the controller rectification or erasure of personal data or restriction of processing of personal data concerning the data subject or to object to such processing;
     • the right to lodge a complaint with a supervisory authority;
     • the existence of automated decision-making, including profiling, and at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject.

   7.2 Right under the Art. 17 of the Reg. EU 2016/679 – Right to erasure (‘right to be forgotten’)
   

   The data subject shall have the right to obtain from the controller the erasure of personal data concerning him or her without undue delay and the controller shall have the obligation to erase personal data without undue delay where one of the following grounds applies:

   • • the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;
     • the data subject withdraws consent on which the processing is based according to point (a) of Article 6(1), or point (a) of Article 9(2), and where there is no other legal ground for the processing;
     • the data subject objects to the processing pursuant to Article 21(1) and there are no overriding legitimate grounds for the processing, or the data subject objects to the processing pursuant to Article 21(2);
     • the personal data have been unlawfully processed;
     • the personal data have to be erased for compliance with a legal obligation in Union or Member State law to which the controller is subject;
     • the personal data have been collected in relation to the offer of information society services referred to in Article 8(1).

   7.3 Right under the Art. 18 of the Reg. EU 2016/679 – Right to restriction of processing
   

   The data subject shall have the right to obtain from the controller restriction of processing where one of the following applies:

   • • the accuracy of the personal data is contested by the data subject, for a period enabling the controller to verify the accuracy of the personal data;
     • the processing is unlawful and the data subject opposes the erasure of the personal data and requests the restriction of their use instead;
     • the controller no longer needs the personal data for the purposes of the processing, but they are required by the data subject for the establishment, exercise or defence of legal claims;
     • the data subject has objected to processing pursuant to Article 21(1) pending the verification whether the legitimate grounds of the controller override those of the data subject.

   7.4 Right under the Art.20 – Right to data portability
   

   The data subject shall have the right to receive the personal data concerning him or her, which he or she has provided to a controller, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided.

8. Revocation of the consent for the processing
   

   You can revoke your consent for your personal data processing by sending a certified e-mail to the following e-mail address: privacy@kopron.com or by registered mail with return receipt to the following address: Kopron SpA, Via Primo Maggio snc, 20064 Gorgonzola (MI) complete with a copy of your identity document and the following text: <<Revocation of the consent for the processing of all my personal data>>.

   Your personal data will be removed from the archives as soon as possible and anyhow within and not over 60 days from your formal request.

   If you want to receive more information about your personal data processing, or rather to exercise the rights referred to paragraph 7, you can send a certified e-mail to privacy@kopron.com or by registered mail with return receipt to the following address: Kopron SpA, Via Primo Maggio snc, 20064 Gorgonzola (MI) with the following text: <<Revocation of the consent for the processing of all my personal data>>.

   You may be asked to verify your identity by answering some personal questions before we can provide or modify any information. We will respond as soon as possible.

9. Identification details of the controller
   

   The controller is Kopron SpA, Via Primo Maggio snc, 20064 Gorgonzola (MI).
   The list of people in charge of personal data processing is kept at controller’s registered office.

SUMMARY DOCUMENT INFORMATION ON DATA SUPPLIED BY VISITOR

Pursuant to and for the purposed of Art. 13-14, Reg. EU 2016/679
(European Regulation in relation to the protection of personal data)

CONTROLLER
Kopron SpA, Via Primo Maggio snc, 20064 Gorgonzola (MI).

PURPOSE AND LEGITIMACY

The purpose of personal data processing is exclusively related to the execution of contractual obligations and to fulfill your specific demands, as well as the accomplishment of legal requirements, in particular accounting and fiscal obligations.

For this purpose, the controller could become aware of personal data considered ‘sensitive’, according to Reg. EU 2016/679, such as racial and ethnic origins, religious beliefs, philosophical convictions, political views, health status and sexual life.

MODALITIES OF THE PROCESSING AND PERSONAL DATA RETENTION

Data retention will be processed with the aid of computerized or manual supports in total safety, strictly according to the purpose for which they have been requested. Data will be kept for the only time necessary to fulfill contract obligations. Rules preventing the retention of data over the period agreed will apply.

In any case, regulations preventing to keep data for an unlimited period apply. Data retention time is limited to ensure respect for the minimisation principle of data processing.

RECIPIENTS

Data are conveyed to:
the entities recognized by regulatory measures in order to access such data; our associates and employees, as part of their tasks; all the natural and/or legal persons, and public and/or private bodies, when such communication is necessary to carry out our activity, in the ways and for the above mentioned purposes.

RIGHTS

Gaining access, correcting, limiting, objecting to the processing, making complaints, requesting portability.

REVOCATION

Send an e-mail to: privacy@kopron.com or by registered mail with return receipt to the following address: Kopron SpA, Via Primo Maggio snc, 20064 Gorgonzola (MI) complete with a copy of your identity document and the following text: <<Revocation of the consent for the processing of all my personal data>>.

ADDITIONAL INFORMATION

Information sheet on data processing can be downloaded from site www.kopron.com.