Privacy policy

Responsible for this privacy policy:

Terre Mariotti f.lenders@terremariotti.it

Updated on 15 Mar. 2024

The European General Data Protection Regulation (GDPR) – Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC – stipulates that public authorities must appoint a data protection officer.

The managing director has been appointed as the data protection officer as referred to in Article 37 of European Regulation 2016/679 on data protection.

Your privacy is of great importance to us. We strive to process your personal data in a lawful, correct, and transparent manner. In this privacy statement, we explain which personal data we collect and process as a natural person from you. From now on, we always refer to your data as that of a citizen, or as another party involved, such as a beneficiary, contact person in a company, and so on. Regardless of the capacity, your rights remain the same, and we handle your data with equal care.

We are responsible for the processing of personal data. You should be able to trust that we handle personal data carefully and securely. To ensure this, we adhere to an approved information security policy. This policy is in accordance with relevant legislation.

Terre Mariotti advocates for efficient and high-quality service. We commit ourselves to always securely manage your personal information.

We ensure to process your data only when we have a valid legal basis for doing so. Primarily, we process personal data solely within the scope of a legal obligation or for the general interest. In a limited number of cases, we do this based on a contractual commitment or to protect the vital interests of a natural person. In all other cases, we will ask for your consent to process your data. This is the case, among others, for:

1. The use of cookies on the website
2. Processing visual material: photos and videos
3. Use of contact information for newsletters you subscribe to

The collection of personal data occurs through one of the following methods:

1. We directly request your personal information from you.
2. The information users provide during a purchase on the website: name, address, email address, phone number, and IP address.
3. The information users provide when filling out a contact form: name, email address, phone number, and IP address.

The processing of personal data is carried out by employees of Terre Mariotti. All employees are bound by legal professional confidentiality and sign a confidentiality agreement. We make every effort to continually educate our employees about the importance of privacy and data protection.

Our employees use automated systems purchased from third parties. In addition to IT suppliers, we also have contracts for personnel management, legal assistance, etc. These suppliers are processors who handle personal data on our behalf. To ensure privacy, a data processing agreement has been concluded with these suppliers. These suppliers are bound by the same legal bases and security measures as those applicable to us.

We may also disclose your personal data:

1. If required by law or another legal process.
2. To law enforcement authorities or other government agencies in accordance with their legal powers.
3. When we believe disclosure is necessary or appropriate to prevent physical harm.
4. In connection with an investigation of suspected or actual fraudulent or illegal activities.

We primarily store and process your data within the European Union. We will also only use IT systems that are active within the European Union.

If there is no equivalent alternative within the zone, the organization may utilize applications that process data in countries outside the European Union, provided these applications offer sufficient guarantees that they comply with European regulations, preferably because they are located in so-called safe countries.

We retain personal data based on legally established retention periods.

Personal data is not kept longer than necessary. After the expiration of these periods, the personal data is destroyed according to the procedure outlined in the information security policy.

We implement appropriate administrative, technical, and physical security measures to protect personal data against accidental or unlawful deletion, unintentional loss, unauthorized alteration, unauthorized disclosure or access, misuse, and any other unlawful form of processing of the personal data in our possession. The level of security is determined by a data protection impact assessment.