Privacy Policy

INFORMATION ON THE PROCESSING OF PERSONAL DATA by Impresoft Engage S.r.l.

Pursuant to articles 13 of Regulation (EU) 2016/679

This information is provided in accordance with the European General Data Protection Regulation EU 2016/679 ("GDPR") as amended and/or supplemented as well as national legislation or regulations on the processing of personal data as applicable from time to time ("Privacy Legislation") to ensure that the processing of personal data is carried out in accordance with the rights and freedoms of individuals with particular regard to the protection of personal data.

The term "personal data" means any information relating to a natural person who is identified or identifiable, even indirectly, by reference to any other information, including a personal identification number.

The term "processing" means any operation or set of operations, whether or not by automated means, applied to personal data or sets of personal data, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, comparison or interconnection, restriction, erasure or destruction.

The term "datasubject" means the natural person to whom the personal data refer.

  1. Data controller

Impresoft Engage, with registered office at Via Vecchia Ferriera 5, 36100 Vicenza (VI), CF and P.I. 03184500241 acts as the Data Controller ("Controller" or "Impresoft Engage") of the data for the purposes set out in paragraph 3 below and belongs to the Impresoft Group.

The list of companies belonging to the Impresoft Group can be found in the following section of the website of Impresoft S.p.A. www.impresoftgroup.com/it/le-aziende-del-gruppo("Group Companies"). The Data Controller can be reached at the following e-mail address:privacy@impresoftengage.com

The Owner has appointed a Data Protection Officer, who can be contacted at the following address:dpo@impresoft.com.

  1. Sources and Type of Data Processed

Data processed by the Data Controller and collected directly from the forSales website of Impresoft Engage may include personal information and contact information (first name, last name, e-mail, telephone number, address, role, company name, CV and professional life data in case of application and any other information voluntarily provided by the data subject).

  1. Purpose and legal basis of the processing carried out by the Controller

The Data Controller may process the personal data of the data subject for the processing purposes set out below:

  1. Purposes strictly related and instrumental to the establishment and management of a contract to which the data subject is a party pursuant to Article 6 paragraph 1 letter b) GDPR. The provision of personal datadoes not require consent, but is necessary to perfect, execute or continue the contractual relationship with the Data Controller.
  2. Managing relations with the data subject arising from his or her requests to take advantage of additional content (whitepapers, gated content) offered within the Controller's site. The provision of personal data is not mandatory, but the refusal to provide it may result in the interested party being unable to obtain the services and/or products and/or content requested, receive the features, information and informative material requested from the Controller. The provision of personal datadoes not require consentbecausethe processing is necessary to execute a free contract to which the data subject is a party as provided for in Article 6 paragraph 1 letter b) GDPR.
  3. Through profiling cookies, if accepted by the user through the appropriate cookie banner, is put in place profiling activities consisting of the analysis of the interests and preferences of users in relation to the type of content downloaded on the site to put in place profiled marketing activities. The provision of data is not mandatory and their processingrequires the consent ofthe person concerned. Such data will be displayed and processed by the other Group Companies only in the presence of the consent referred to in point 9) below.
  4. Responding to requests for information made by the data subject to the Data Controller. In order to execute said requests, the Data Controller may make use of other partners and Group Companies whose product is the subject of the data subject's request for information. The provision of personal datadoes not require consentbecausethe processing is necessary to execute pre-contractual measures taken at the request of the data subject pursuant to Article 6 paragraph 1 letter b) GDPR.
  5. Fulfilment of legal obligations, by regulations, by EU legislation, by provisions issued by authorities empowered to do so by law or by supervisory and control bodies pursuant to Art. 6 paragraph 1 lett. c) GDPR. The provision of personal data for the purposes referred to in this point is mandatory and its processingdoes not require consent.
  6. Purposes of business analysis in an anonymous form: to improve the business and its services (e.g. detection of the degree of customer satisfaction on the quality of services rendered and on the activity carried out by the Owner, the elaboration of studies and market research). The provision of personal data is not mandatory and its processingdoes not require consentforthe existence of legitimate interest of the Data Controller to carry out business analysis activities pursuant to Art. 6 par. 1 lett. f) GDPR.
  7. Marketing purposes for the promotion and sale of products and services similar to those already purchased by the data subject (so-called soft spam), through commercial communications transmitted by e-mail. The provision of data is not compulsory and their processingdoes not require consentforthe existence of legitimate interest of the Data Controller under Art. 6 par. 1 lett. f) GDPR to carry out marketing activities towards its customers.
  8. Own marketing purposes: with recourse to automated contact tools (such as call without operator, e-mail) or through traditional contact tools (call with operator), directly or through third party companies, with reference to its products and services i) transmit and/or propose by telephone, informative, commercial, advertising and promotional material, including personalized/specific interest on the basis of the information obtained as a result of the activity referred to in point 3 above ii) transmit newsletters and invitations concerning events and initiatives. The provision of data is not compulsory and their processingrequires consent, which may be given and revoked even for some of the above activities, by writing to the e-mail address below. If the data subject fails to provide personal data, the data subject will not be able to receive information on the products and/or services offered by the Data Controller, but there will be no consequences on the possibility for the data subject to consult the site and on any existing contractual relationship with the Data Controller.
  9. Communication of data to the Group Companies that, with reference to their own products and services and those of the Group Companies belonging to the ICT and consulting sector, may, with recourse to automated contact tools (such as call without operator, e-mail) or through traditional contact tools (call with operator), directly or through third party companies, i) transmit and/or propose by telephone, informative, commercial, advertising and promotional material, including personalized/specifically of interest on the basis of the information obtained as a result of the activity referred to in point 3 above ii) transmit newsletters and invitations regarding events and initiatives. The provision of data is not compulsory and their processingrequires the consent ofthe interested party, which may be revoked at any time without affecting the processing provided before the revocation.
  10. Management of the site(s) (statistical analysis). The provision of personal data isnotcompulsory and their processingdoes not require consentforthe existence of legitimate interest of the Data Controller pursuant to Art. 6 par. 1 lett. f) GDPR in the management of its website.
  11. Personnel recruitment and selection activities. The provision of personal data is not mandatory, but refusal to provide them may prevent the Data Controller from assessing the professional profile of the data subject for the purpose of establishing an employment relationship. The relevant processingdoes not require the consentofthe data subject for execution of pre-contractual measures taken at the request of the data subject pursuant to Article 6 paragraph 1 letter b) GDPR.
  12. Disclosure of candidates' data to Group Companies for purposes of recruitment and selection of personnel by them. The relevant processingrequires the consent of thedata subject, which may be revoked at any time without affecting the processing given before the revocation.
  13. Judicial defense: if necessary to ascertain, exercise or defend one's rights in court. The provision of personal data is compulsory and its processingdoes not require consentforthe existence of legitimate interest of the Data Controller in accordance with Art. 6 par. 1 lett. f) GDPR.
  14. Transmission by the Data Controller of marketing newsletters to the e-mail address provided by the data subject in the appropriate section of the site. The provision of data is optional and its processingrequires the consent of thedata subject, which is necessary in order to take advantage of the newsletter reception service by the Data Controller.

  1. Place and methods of processing personal data

In relation to the stated purposes, the processing of personal data is carried out using manual, computerized and telematic tools with logic strictly related to the purposes themselves and, in any case, in such a way as to ensure the security and confidentiality of the data.

Impresoft Engage will process the personal data of the interested party exclusively with technical personnel in charge of such processing, using mainly automated and computerized methods, suitable to guarantee, in relation to the purposes for which the data are processed, their security and confidentiality, as well as to prevent unauthorized access to them. Impresoft Engage does not perform automated decision-making processes.

The processing of collected data takes place at the premises of Impresoft Engage and the service providers identified by it and appointed, where necessary, as data processors pursuant to Article 28 of the GDPR.

Data collected and processed on the website are stored in the CRM common to the Group Companies that resides in HubSpot's server which has its servers in Europe ("HubSpot CRM").

  1. Retention of personal data

The data subject's personal data will only be kept for as long as necessary to achieve the purposes for which they are collected, in accordance with the principle of minimization under Article 5.1.c) of the GDPR.

In particular, with regard to processing for marketing purposes, the data will be processed and stored until the data subject's consent is revoked. In any case, the data subject can always request the interruption of the processing or the deletion of his or her data, as provided below.

The Data Controller may retain some data even after the termination of the relationship depending on the time necessary for the management of specific contractual or legal obligations as well as for purposes of administrative, tax and/or contribution period of time imposed by laws and regulations in force, as well as for the time necessary to enforce any rights in court.

In any case, the data are processed not only in compliance with current regulations, but also according to the canons of confidentiality to which the Data Controller has always been inspired.

Retention times will vary depending on the type of data processed, but, in general, Impresoft Engage refers to these criteria to determine the retention period:

  • If there is a legal or contractual need to retain the data.
  • If the data is necessary to provide its services.

  1. Categories of parties to whom the data may be communicated

The Data Controller may disclose the data subject's personal data to third parties in fulfillment of legal obligations and to service providers who will act as autonomous Data Controllers or will be designated as Data Processors pursuant to Article 28 of the GDPR should they process data on behalf of the Data Controller and are essentially included in the following categories listed by way of example but not limited to:

  • entities that perform banking services, including entities involved in the management of payment systems;
  • persons, companies, associations or professional firms that provide services or activities of assistance and consultancy to the owners, with particular but not exclusive reference to issues in accounting, administrative, legal, tax and financial, commercial matters;
  • business, marketing, legal partners, suppliers of technical services and/or software platforms, system administrators, hosting providers, IT companies, communication agencies;
  • Individuals who carry out control, audit and certification tasks of the activities put in place;
  • Group Companies that provide services of an IT nature (e.g., make the HubSpot CRM available or provide support, maintenance, assistance and development of the HubSpot CRM itself);
  • all Group Companies, only in the event that the data subject has consented to the purposes referred to in points 9) and/or 12) of paragraph 3 above;
  • all Group Companies, only in the event that it is necessary to execute a request made by the data subject as indicated in point 4) of paragraph 3 above.

The updated list of names of the parties to whom the personal data of the data subjects may be communicated and/or transferred is available from Impresoft Engage by contacting us at:privacy@impresoftengage.com

  1. Transfer of data outside the EU

The possible transfer of data to Third Countries outside the EU for the purposes indicated in paragraphs 3 and 4 above, may take place, in compliance with the modalities allowed by the applicable law and in particular according to the provisions of the GDPR set out in: i) Article 44 - General principle for transfer; ii) Article 45 - Transfer on the basis of an adequacy decision; iii) Article 46 - Transfer subject to adequate safeguards; iv) Article 49 - Exceptions in specific situations.

Data subject's data are shared, if specific consent is given, with Group Companies in the HubSpot CRM. The Group Companies include the Company Kipcast Corp. which is based in Canada. The transfer of data to this Company is guaranteed by the European Commission's Adequacy Decision 2002/2/EC of December 20, 2001 pursuant to Directive 95/46/EC of the European Parliament and of the Council on the adequate protection of personal data under the Canadian Personal Information Protection and Electronic Documents Act.

  1. Rights of the data subject

Under Articles 15-22 of the GDPR, data subjects are granted specific rights. In particular, the data subject may obtain from the Data Controller: access, rectification, erasure, restriction of processing, revocation of consent as well as portability of data concerning him or her. The data subject also has the right to object to the processing for legitimate reasons and/or for commercial purposes.

The Data Controller undertakes to respond as soon as possible to the data subject after verifying his/her identity where necessary.

In the event that the right to object is exercised, the Data Controller reserves the right not to act on the request, and thus to continue the processing, in the event that there are compulsory legitimate reasons to proceed with the processing that prevail over the interests, rights and freedoms of the data subject.

As for marketing purposes, this is without prejudice to the possibility for the data subject who has given his or her consent

  • to request, at any time and free of charge, to receive communications exclusively through traditional means of contact such as operator calls;
  • to object, at any time and free of charge, to the processing of data for the aforementioned purposes. In this case, the right to object to the processing of data through automated modes of contact (such as e-mail and telephone calls without an operator), extends to traditional modes of contact (such as telephone calls through an operator);
  • to object, at any time and free of charge, to the processing of data for the above-mentioned purposes only in part, i.e. by expressing a choice about the contact mode.

The above rights may be exercised by sending a written communication to the Data Controller at the following e-mail address:privacy@impresoftengage.com;

The data subject is informed that, pursuant to Article 12 of the GDPR, if the data subject's requests are found to be manifestly unfounded or excessive, in particular due to their repetitive nature, the Data Controller may: a) charge a reasonable fee, taking into account the administrative costs incurred in providing the information or communications or taking the requested action or b) refuse to comply with the request.

The data subject also has the right to lodge a complaint before the Data Protection Authority.

  1. Links to other websites

The site may contain links to other websites. However, once the data subject has used these links and leaves this site, https://site.forsales.it/will have no control over the other websites. Impresoft Engage will in no way be responsible for the protection and privacy of any information you provide while visiting such other sites. You should carefully read the privacy policy applicable to the site in question.

  1. Changes to this privacy policy

Impresoft Engage reserves the right to make changes to this policy at any time by notifying interested parties on this page. If you do not agree to the changes made to this policy, you must cease using this site and may request Impresoft Engage to remove your personal information.

Last updated: 29/02/2024

INFORMATION PROVIDED ON THE PROCESSING OF PERSONAL DATA ofImpresoft Engage pursuant toArticle 13 of Regulation (EU) 2016/679

The information set forth in this Privacy Policy is provided in compliance with the European General Regulation on the Protection of Personal Data EU 2016/679 ("GDPR") and subsequent amendments and/or additions, as well as the national laws or regulations on the processing of personal data that may be applicable from time to time ("Privacy Regulation"). This is done with a view to guaranteeing that the processing of personal data is carried out in compliance with individuals' personal data protection rights and freedoms.

The term "personal data" means any information relating to a natural person that is identified or identifiable, even indirectly, with reference to any other information, including a personal identification number.

The term "processing" means any operation or set of operations, carried out with or without the help of automated processes that are applied to personal data or sets of personal data, such as collecting, recording, organizing, structuring, storing, adapting or modifying, extracting, consulting, using, communicating by transmission, disseminating or making the aforementioned data available in any other way, comparing or interconnecting, limiting, erasing or destroying such data.

The term "data subject" refers to the natural person to whom the personal data refers.

  1. Data controller

Impresoft Engage, with registered office at Via Vecchia Ferriera 5, 36100 Vicenza (VI) , Tax Code and VAT No. 03184500241, acts in its capacity as Data Controller ("Data Controller" or "Impresoft Engage") of the data for the purposes referred to in paragraph 3 below and belongs to the Impresoft Group.

The list of companies belonging to the Impresoft Group can be consulted in the following section of the Impresoft S.p.A. website www.impresoftgroup.com/it/le-aziende-del-gruppo("Group companies"). The Data Controller can be reached at the following e-mail address:dpo@impresoft.com.

The Data Controller has appointed a Data Protection Officer, who can be contacted at the following address:dpo@impresoft.com.

  1. Sources and Type of data that is processed

The data that the Data Controller processes and collects directly from the forSales di Impresoft Engage website may include personal information and contact information (name, surname, e-mail, telephone number, address, role, company name, CV and professional data in case of a job application and any other information voluntarily provided by the data subject).

  1. Purpose and legal basis of the processing carried out by the Data Controller

The Data Controller may process the data subject's personal data for the purpose of processing such data in the manner detailed below:

  1. Purposes that are strictly connected with and which serve the purpose of establishing and managing a contract to which the data subject is a party pursuant to Article 6, paragraph 1, letter b) of the GDPR. The provision of personal data does not require consent, but is required for perfecting, performing or continuing the ongoing contractual relationship with the Data Controller.
  2. Managing relationships with the data subject arising from requests to use the additional contents (whitepapers, gated content) provided on the Data Controller's site. The provision of personal data is not mandatory, but the refusal to provide it may make it impossible for the data subject to obtain the requested services and/or products and/or contents, receive the features, information and material requested from the Data Controller. The provision of personal data does not require the data subject to provide his or her consent since the processing thereof is essential for performing a gratuitous contract to which the data subject is a party, as envisaged by Article 6, paragraph 1, letter b) of the GDPR.

  1. Profiling activities carried out through profiling cookies in those situations in which they are accepted by the user though a specific cookie banner. They consist, with a view to carrying out profiled marketing activities, in analyzing the user's interests and preferences that are connected with the type of content that is downloaded on the website. The provision of data is not mandatory and the processing thereofrequires the data subject's consent. Such data will be viewed and processed by the other Group Companies only when the consent referred to in point 9) below has been given.
  2. Replying to requests for information that the data subject makes to the Data Controller. With a view to meeting these requests, the Data Controller may avail itself of other partners and Group companies whose product is being dealt with in a request for information that has been made by the data subject. The provision of personal datadoes not require the data subject's consent sincethe processing thereof is required for implementing pre-contractual measures that have been taken upon the data subject so requesting pursuant to Article 6, paragraph 1, letter b) of the GDPR.
  3. Complying with legal obligations, regulations, EU legislation, orders issued by authorities that are entitled to do so under the law or by supervisory and control bodies pursuant to Article 6, paragraph 1, letter c) of the GDPR. The provision of personal data for the purposes referred to in this point is mandatory and the processing thereofdoes not require the data subject's consent.
  4. Purposes that are connected with anonymous business analysis: With a view to improving its activities and services (e.g. reporting on the level of customer satisfaction about the quality of the services rendered and the activities carried out by the Data Controller, as well as carrying out market studies and research). The provision of personal data is not mandatory and the processing thereofdoes not require the data subject's consent onaccount of the Data Controller having a legitimate interest in carrying out the business analysis activities envisaged in Article 6, paragraph 1, letter f) of the GDPR.
  5. Marketing for the purpose of promoting and selling products and services similar to those already purchased by the data subject (so-called soft spam), through commercial correspondence exchanged by means of e-mails. The provision of data is not mandatory and its processingdoes not require the data subject's consent onaccount of the Data Controller's legitimate interest envisaged in Article 6, paragraph 1, letter f) of the GDPR to provide marketing services to its customers.
  6. Own marketing purposes: By using automated contact tools (such as calls without an operator, e-mails) or traditional contact tools (calls with an operator) and doing so directly or through third-party companies, in connection with its products and services: i) send and/or propose by telephone, informational, commercial, advertising and promotional material, including personalized material/material that is of specific interest and that is based on the information obtained after having conducted the activities referred to in point 3 above; ii) send newsletters and invitations relating to events and initiatives. The provision of data is not mandatory and its processingrequires the data subject's consent, whichcan be given and withdrawn even in connection with only some of the aforementioned activities, by sending an e-mail to the address indicated below. In the event that the data subject fails to provide personal data, the latter will not be able to receive information on the products and/or services provided by the Data Controller, but there will be no impact on the data subject's entitlement to consult the website and on any ongoing contractual relationship with the Data Controller.
  7. Disclosure of data to Group Companies which, with regard to their own products and services and those of Group Companies operating in the ICT and the consultancy sectors, may, by using automated contact tools (such as calls without operators, e-mails) or traditional contact methods (calls with operator), directly or through third-party companies: i) send and/or propose by telephone, informational, commercial, advertising and promotional material, including personalized material/material that is of specific interest and that is based on the information obtained after having conducted the activities referred to in point 3 above; ii) send newsletters and invitations concerning events and initiatives. The provision of such data is not mandatory and the processing thereofrequiresthe data subject's consent, which may be withdrawn at any time whatsoever, without prejudice to the processing carried out before the withdrawal.
  8. Management of the site(s) (statistical analysis). The provision of personal data is not mandatory and its processing does not requirethe data subject's consent due tothe Data Controller having a legitimate interest to manage its website pursuant to Article 6, paragraph 1, letter f) of the GDPR.
  9. Staff selection and search activities. The provision of personal data is not mandatory, but the refusal to provide it may prevent the Data Controller from evaluating the data subject's professional profile for the purpose of hiring the latter. The processing thereof does not require thedata subject's consentfor the purpose of carrying out pre-contractual activities that have been taken upon the data subject so requesting pursuant to Article 6, paragraph 1, letter b) of the GDPR.
  10. Disclosure of candidate data to Group Companies for staff search and selection activities conducted by them. The relevant processing requires thedata subject's consent, which may be withdrawn at any time whatsoever without prejudice to such data being processed before the withdrawal.
  11. Defense in legal proceedings in the event that this is required for the purpose of ascertaining, exercising or defending rights in court. The provision of personal data is mandatory and the processing thereof does not require thedata subject's consenton account of the Data Controller having a legitimate interest to do so pursuant to Article 6, paragraph 1, letter f) of the GDPR.
  12. The Data Controller sending marketing newsletters to the e-mail address provided by the data subject in the specific section of the website. The provision of such data is optional and the processing thereof requires thedata subject's consentin order that the latter may be able to use the newsletter reception service provided by the Data Controller.
  1. Place and methods for processing personal data

With regard to the aforementioned purposes, the personal data shall be processed with the use of manual, IT and electronic data transmission tools for reasons that are strictly related to such purposes and, in any case, in such a way as to guarantee the security and confidentiality of the said data.

Impresoft Engage shall only process the subject's personal data with the technical staff in charge of such processing, as well as with predominantly automated and computerized methods that are capable of guaranteeing, with regard to the purposes for which such data is processed, security and confidentiality, as well as avoiding unauthorized access to the aforementioned data. Impresoft Engage does not carry out automated decision-making procedures.

The collected data is processed at the offices of Impresoft Engage, as well as those of the service providers identified by it, who are appointed, where necessary, data controllers pursuant to Article 28 of the GDPR.

The data collected and processed on the website are stored in the CRM that the Group Companies have in common, which resides on the HubSpot server, whose servers are located in Europe ("HubSpot CRM").

  1. Storage of personal data

The data subject's personal data shall be stored only for as long as is necessary to achieve the purposes for which it has been collected, in compliance with the principle of minimization provided for under Article 5, paragraph 1, letter c) of the GDPR.

In particular, the data shall be processed and stored until the data subject withdraws his or her consent. In any event, the data subject can always request that the processing of his or her data be interrupted or his or her data be deleted in the manner envisaged below.

The Data Controller may withhold some data even after the termination of the contractual relationship. This will depend on the time required for managing specific contractual or legal obligations, as well as complying with administrative, tax and/or social security obligations (that is to say a period of time imposed by the applicable laws and regulations that are in force at such time), as well as on the time required for asserting any rights in court.

In any case, the data shall be processed not only in compliance with current legislation, but also in accordance with the levels of confidentiality that the Data Controller has always maintained.

Retention times shall depend on the type of data that is being processed, but Impresoft Engage generally refers to the following criteria for the purpose of establishing the retention period:

  • whether there is a legal or contractual need to withhold the data or not.
  • whether the data is required for providing our services.

  1. Categories of persons to whom the data can be disclosed

The Data Controller may disclose the data subject's personal data to third parties in fulfillment of legal obligations, and it may disclose such data to service providers operating as independent Data Controllers or designated Data Processors pursuant to Article 28 of the GDPR in those situations in which they must process data on behalf of the Data Controller and as a matter of fact, within one of the following categories that are listed by way of example and without any pretense of completeness:

  • persons who provide banking services, including persons who run payment systems;
  • individuals, companies, associations or professional firms that provide consulting services or assistance and advice to the data controllers, with particular but not exclusive reference to accounting, administrative, legal, tax, financial and business matters;
  • commercial, marketing, legal partners, suppliers of technical services and/or software platforms, system administrators, hosting providers, IT companies, communication agencies;
  • persons who control, audit and certify the activities that have been carried out;
  • Group companies that provide IT services (e.g. make the HubSpot CRM available or provide the aforementioned HubSpot CRM support, maintenance, assistance and development services);
  • all of the Group Companies, only in the event that the data subject has given his or her consent for the purposes referred to in point 9) and/or point 12) of paragraph 3 above;
  • all of the Group Companies, only in the event that a request made by the data subject must be dealt with in the manner indicated in point 4) of paragraph 3 above.

The updated list of names of the persons to whom data subjects' personal data may be disclosed and/or transferred can be consulted at Impresoft Engage by contacting us at:privacy@impresoftengage.com

  1. Transfer of data outside the EU

Data may be transferred to third countries outside the EU for the purposes indicated in paragraphs 3 and 4 above in compliance with the methods permitted under current legislation and in particular on the basis of the GDPR provisions referred to in: i) Article 44 - General principle for transfer; ii) Article 45 - Transfer on the basis of an adequacy decision; iii) Article 46 - Transfers subject to appropriate safeguards; iv) Article 49 - Derogations for specific situations.

The data subject's data is shared, where specific consent has been given, with the Group Companies in the HubSpot CRM. The Group Companies include Kipcast Corp, which is based in Canada.

The transfer of data to such Company is guaranteed by the Adequacy Decision issued by the European Commission 2002/2/EC on 20 December 2001 pursuant to Directive 95/46/EC of the European Parliament and of the Council concerning the adequate protection of personal data envisaged by the Canadian Personal Information Protection and Electronic Documents Act.

  1. The data subject's rights

Pursuant to Articles 15-22 of the GDPR, data subjects are granted specific rights. In particular, the data subject may obtain, from the Data Controller: access to his or her data, the rectification, erasure, limitation of the processing thereof, the withdrawal of consent as well as portability of such data. The data subject is also entitled to object to the processing of his or her data for legitimate reasons and/or to the processing thereof for marketing purposes.

The Data Controller shall reply to the data subject as soon as possible after verifying, where necessary, the identity thereof.

The Data Controller reserves the right not to follow up, in the event that the right to object is exercised, on such request and, therefore, to continue processing the data subject's personal data in those situations in which there are mandatory and legitimate reasons for proceeding with the processing thereof that prevail over the data subject's interests, rights and freedoms.

As far as processing the data subject's personal data marketing purposes are concerned, the data subject who has given his or her consent shall continue to be entitled:

  • to make a request, free of charge and at any time whatsoever, that he or she be contacted solely through traditional contact methods such as operator calls;
  • to object, free of charge and at any time whatsoever, to his or her data being processed for the aforementioned purposes; in this case, the right to object to the processing of data through automated contact methods (such as emails and telephone calls without an operator) extends to traditional contact methods (such as telephone calls through an operator);
  • to object, free of charge and at any time whatsoever, to his or her data being processed for the aforementioned purposes only in part (i.e. by making a decision on the contact methods).

The aforementioned rights may be exercised by sending notice in writing to the Data Controller to the following e-mail address:privacy@impresoftengage.com;

The data subject is hereby informed that, pursuant to Article 12 of the GDPR, the Data Controller may, in those situations in which the data subject's requests prove to be manifestly unfounded or excessive (and, in particular, on account of the repetitive nature thereof): a) charge the data subject the expenses reasonably incurred by the former, taking into account the administrative costs incurred in providing the information or serving the notices in question or taking the requested action; or b) refuse to comply with such request.

The data subject is also entitled to lodge a complaint before the Italian Personal Data Protection Authority.

  1. Links to other websites

The website may contain links to other websites. However, once the data subject has used these links and leaves this website, https://site.forsales.it/ will not have any control over other websites. Impresoft Engage will not be liable in any way whatsoever for the protection and confidentiality of any information that is provided when visiting such other websites. We recommend that you carefully read the aforementioned website's applicable privacy policy.

  1. Changes to this privacy policy

Impresoft Engage reserves the right to make changes to this Policy at any time whatsoever by giving data subjects notice thereof on this page. In the event that changes made to this Policy are not accepted, the data subject is required to cease using this website and may request Impresoft Engage that his or her personal data be removed.