Privacy Policy

Privacy Policy pursuant to Articles 13-14 of EU Regulation 2016/679 (GDPR)

Data Subjects: clients.

Gieffe Impianti srl, in its capacity as Data Controller of your personal data, pursuant to and in accordance with EU Regulation 2016/679 (hereinafter “GDPR”), hereby informs you that the Regulation provides for the protection of data subjects regarding the processing of personal data, and that such processing will be based on the principles of fairness, lawfulness, transparency, and the protection of your privacy and your rights.

Your personal data will be processed in accordance with the legal provisions of the above-mentioned Regulation and the confidentiality obligations therein provided.

Purpose and Legal Basis of Processing

Specifically, your personal data will be processed for the following purposes related to compliance with legal obligations:

  • mandatory legal obligations in tax and accounting matters

  • management of litigation

Your data will also be processed for the following purposes related to the execution of contractual or pre-contractual obligations:

  • post-sales support

  • customer management

  • quality management

  • planning of activities

  • assessment of customer satisfaction

  • customer billing history

Additionally, your data will be processed for the following purposes, which are necessary for the pursuit of the legitimate interests of the Data Controller:

  • the video surveillance system is implemented as a complementary measure aimed at improving security inside or outside buildings or facilities where production, industrial, commercial or service activities are carried out, or for the purpose of facilitating the exercise, in civil or criminal proceedings, of the right of defence of the Data Controller or third parties based on useful images in the event of unlawful acts.

With your prior consent, your personal data may also be processed for the following purposes:

  • to conduct market research, statistical analyses, and promotional activities, including the sending of advertising and promotional materials.

Providing your data for the above-mentioned purposes is optional, and any refusal will not compromise the continuation of the relationship or affect the appropriateness of the processing.

Processing Methods

Your personal data may be processed using the following methods:

  • outsourcing of processing operations to third parties

  • creation of profiles relating to customers, suppliers or consumers

  • processing using electronic systems

  • manual processing using paper archives

All processing is carried out in compliance with the provisions of Articles 6 and 32 of the GDPR and through the adoption of appropriate security measures.

Your data will be processed solely by personnel expressly authorised by the Data Controller and, in particular, by the following categories of staff:

  • all individuals appointed in writing and authorised to use the systems and, where strictly necessary for the purposes pursued, to access the recordings (Art. 30 of the Italian Privacy Code)

  • software developers and analysts

  • Administration office

  • Marketing office

Data Communication

Your data may be communicated to external parties for the proper management of the relationship, including the following categories of recipients (all duly appointed as Data Processors):

  • banks and credit institutions

  • consultants and freelancers, also in associated form

  • shippers, carriers, couriers, postal services, logistics companies

Data Dissemination

Your data may be disseminated through:

  • publication on the internet

Data Transfer

Your personal data may also be transferred, exclusively for the purposes stated above, to the following countries:

  • EU countries

  • United Kingdom

  • non-EU countries deemed safe

  • United States

  • Switzerland

Data Retention Period

In compliance with the principles of lawfulness, purpose limitation and data minimisation under Article 5 of the GDPR, we inform you that the retention period of your personal data is:

  • established for no longer than the time necessary to achieve the purposes for which they are collected and processed, for the execution and fulfilment of contractual purposes

  • established for no longer than the time necessary to provide the services requested

  • established for no longer than the time necessary to achieve the purposes for which they are collected and processed, and in compliance with the mandatory retention periods required by law

Data Subject Rights

You have the right to obtain from the Data Controller the erasure (right to be forgotten), restriction, updating, rectification, portability, and objection to the processing of your personal data, as well as, more generally, to exercise all the rights provided for by Articles 15 to 22 of the GDPR.

EU Regulation 2016/679: Articles 15 to 22 — Rights of the Data Subject

  1. The data subject has the right to obtain confirmation of the existence or otherwise of personal data concerning them, even if not yet recorded, and to have such data communicated in an intelligible form, as well as the right to lodge a complaint with the Supervisory Authority.

  2. The data subject has the right to obtain information on:

    • the origin of personal data

    • the purposes and methods of processing

    • the logic applied in the event of processing carried out with the aid of electronic tools

    • the identification details of the data controller, data processors and designated representative pursuant to Article 5(2)

    • the parties or categories of parties to whom personal data may be communicated or who may become aware of them as designated representatives in the State’s territory, processors or authorised persons

  3. The data subject has the right to obtain:

    • the updating, rectification or, where they have an interest, the integration of data

    • the erasure, anonymisation or blocking of data processed unlawfully, including data whose retention is unnecessary for the purposes for which they were collected or subsequently processed

    • certification that the operations referred to in points (a) and (b) have been notified, also regarding their content, to those to whom the data were communicated or disseminated, except where this requirement proves impossible or involves a manifestly disproportionate effort compared to the right being protected

    • data portability

  4. The data subject has the right to object, in whole or in part:

    • for legitimate reasons, to the processing of personal data concerning them, even if relevant to the purpose of collection

    • to the processing of personal data concerning them for the purpose of sending advertising materials or direct sales or for carrying out market research or commercial communications