Why this policy?

According to (EU) Regulation 2016/679 (hereinafter “GDPR”) this page describes the methods of personal data processing. This policy is provided according to article 13 GDPR. The policy is not to be considered valid for other third-party websites, which can be consulted through links on this website, for which we don’t assume any responsibility.

Processable personal data

Personal datum: any information regarding an identified or identifiable natural person is one who can be identified directly or indirectly with particular reference to an identifier such as a name, an identification number, location data, online identifier or one or more characteristic elements of his/her physical, physiological, genetic, psychic, economic, cultural or social identity (C26, C27, C30 GDPR).

Data of contractors/users

Navigation data

The computer systems and software procedures used for the function of this website collect, during their ordinary operation, some personal data whose transmission is implicit in the use of internet communication protocols. This category of data includes IP addresses or domain names of computers and terminals used by users, addresses in URI/URL (Uniform Resource identifier/Locator) notations of requested resources, time of request, method used for submitting the request to server, size of file obtained in response, numerical code indicating status of response given by the server (successful, error etc.) and other parameters related to the operating system and user’s IT environment.

Voluntarily communicated data

The optional, explicit and voluntary sending of messages to contact addresses indicated on this website and/or filling in of data collection forms involves subsequent acquisition of sender’s address, necessary to reply to requests, as well as any other personal data entered.

Information about the processing of personal data carried out through Social Media platforms

As regards the processing of personal data carried out by supervisors of Social Media platforms used by Data Controller, please refer to information provided by them through their respective privacy policies. The Data Controller processes the personal data provided by the user through dedicated Social Media platform pages, to manage interactions with the user (comments, public posts, etc.) and in compliance with current regulations.

Specific policy

Specific policy may be present on pages of the website in relation to particular services or processing of provided data.

Cookie and other tracking systems. What are they? What are they for?

For cookie and other tracking systems, please view cookie policy shown in the footer of the website and at the following link

1. Who is the data controller? How to contact him?

The Data Controller is JP CONCEPT SRL with both registered office and administrative office in Seregno via Marconi 14, in the person of its sole director, who you can contact for any information by telephone 0362-221961, e-mail privacy@jpconcept.it

2. Data processing purpose, legal basis, data storage period and feature of provision

Navigation on this website. The data necessary for the use of web services are also processed for the purpose of:
  • obtaining statistical information on use of the services (most visited web pages, number of visitors per hour per day, geographical areas of origin etc.)
  • checking the correct function of offered services.
The processing is necessary for the pursuit of legitimate interest of data controller or of third parties as long as interests or fundamental rights and freedom of data subject, who requires personal data protection, don’t prevail, taking into account reasonable expectations developed by data subject and activities strictly necessary for the function of the website and navigation itself. (Art. 6, par. 1. Lett. F and C47 of the GDPR) The retention of navigation data will last until navigation duration and in any case they will not last for more than seven days (except for any need to ascertain of crimes by judicial Authorities). The provision of data is necessary for website navigation.
Use of cookies and comparable technologies. Please see cookie policy in the footer of website For cookies and necessary non-technical comparable technologies, the processing is based on consent of processing of personal data (art. 6 par. 1 letter a an C42, C43 of GDPR). The consent is given through the banner and cookie policy of the website. See the cookie policy in the footer of website. See the cookie policy in the footer of website.

In addition to navigation, personal data will be processed for:

A) CONTACTS, sending contact requests, information inquiry The processing is necessary for the execution of a contract of which the involved party is a part or for the execution of contractual measures adopted upon request of the involved party himself/herself; (C44) art. 6 par. 1 lett. b) of GDPR Maximum 12 months The provision is necessary. Failure to provide the necessary data will make it impossible to be contacted and receive information
B) DIRECT MARKETING, for sending advertising or direct sales material or for carrying our market research, commercial and promotional communication, newsletter, by automated electronic means (e-mail, SMS) and traditional means (telephone and paper mail). The processing is based on consent to personal data processing (C42,C43) art. 6 par. 1 lett. a) of GDPR Until withdrawal of consent (or opt-out) The provision is optional. Failure to provide the necessary data will make it impossible to receive direct marketing communications
C) MANAGEMENT OF REQUESTS FROM THE INVOLVED PARTY and requests from other involved parties, according to art. 15 and following articles of GDPR (rights of the involved party) Processing is necessary for compliance with a legal obligation to which data controller is subject (C45) Article 6 par. 1 let. C) of GDPR 5 years from closure of the request, except disputes Personal data provision is compulsory , as it is necessary to be able to implement legal obligations

3. To whom will personal data be communicated? recipients of data

Personal data will be communicated, also on the basis of the purposes imposed in specific areas, to subjects who will process the data as independent data controllers, or data processors (art. 28 GDPR) and processed by natural persons (art. 29 GDPR) who act under the authority of Data Controller and the Responsible on the basis of specific instructions provided, with regard to the purposes and methods of processing, for specific purposes based on the reference area. The data will be communicated to recipients belonging to the following categories:

  • Subjects based in Italy and countries belonging to EU, that provide services for website and communication networks, including email, hosting and website management, as well as website assistance services;
  • Competent authorities for fulfillment of legal obligations and/or provisions of public entities, upon request.
    The list of data processors is available by writing to privacy@jpconcept.it or to other contacts indicated above.

4. Will the data be transferred to non-eea countries

Personal data will not be transferred to non-EEA countries. It should be noted, in particular, that the data will be preserved in Italy and EU countries, for hosting, management and maintenance services of the website. All third parties to whom the data might be communicated are based in Italy. In case of consent to the release of certain categories of cookies, it may be possible to transfer them outside European Union. In this case it will be carried out in compliance with articles 44 and following articles of EU Reg. 2016/679. For more information about guarantees related to the transfer of data outside EEA please write to privacy@jpconcept.it

5. Is there an automated process?

Personal data will be subjected to manual traditional electronic and automated processing. It should be noted that fully automated decision-making processes are not carried out.

6. What are your rights? How can you excersize them?

You will be able to assert rights as expressed by art.15 and following articles GDPR, by contacting the Data Controller at the email address privacy@jpconcept.it, or to the contacts indicated above or, you have the right, at any time, to request access to your personal data (art.15), rectification (art.16), cancellation of them (art.17), limitation of processing (art.18). The data controller communicates (art.19) to each of the recipients, to whom personal data have been transmitted, any amendments or cancellations or limitations of carried out processing. The data controller communicates to the involved party these recipients if the involved party requests it.
In expected cases, you have the right to portability of your data (art.20) and in that case they will be provided to you in a structured format, commonly used and readable, on automatic device. You have the right to object (art.21), at any time, to data processing based on legitimate interest, and in cases where legal basis has the consent, you have the right to revoke the given consent without the prejudice to lawfulness of the processing based on the consent before revocation.
To stop receiving automated direct marketing communications (email, SMS type messages, instant messages) please write an email to privacy@jpconcept.it with subject “unsubscribe from automated” or use our automatic cancellation systems provided for only email (opt-out). To stop receiving traditional direct marketing communications (telephone calls with operator and paper mail), please write an email to privacy@jpconcept.it with subject “unsubscribe from traditional”.
To no longer receive any marketing communications, please write an email to privacy@jpconcept.it with the subject “unsubscribe from marketing”.
In case you believe that personal data processing carried out by Data Controller occurs in violation of provisions of Regulation (UE) 2016/679, the involved party has the right to complain to supervisory Authority, in particular in the Member State where he habitually resides or works or in the place where the alleged violation has occurred (Privacy Guarantor https://www.garanteprivacy.it), or to appeal to the appropriate judicial offices.

7. Amendments to the policy

The data controller reserves the right to modify, update, add or cancel parts of this policy. In order to facilitate the check and amendment of text, the policy will contain the update date.

Update date: 05/05/2023