Privacy Policy

This page describes how we process the personal data of users who visit this website and use its services (e.g. newsletter subscription). This Privacy Policy is provided pursuant to Article 13 of Regulation (EU) 2016/679 (“GDPR”) to all users interacting with the web services accessible electronically at: https://www.general-topics.com, corresponding to the home page of this website.

Types of Data Processed and Purposes of Processing

Browsing Data

The computer systems and software procedures used to operate this website automatically collect certain personal data during their normal operation. The transmission of such data is inherent in the use of Internet communication protocols. This information is not collected to be associated with identified individuals; however, by its very nature, it could, through processing and association with data held by third parties, allow users to be identified.

This category of data includes IP addresses or domain names of the computers used by users connecting to the website, the URI (Uniform Resource Identifier) addresses of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file returned in response, the numerical code indicating the status of the server’s response (successful, error, etc.), and other parameters relating to the user’s operating system and IT environment.

These data are normally used solely to obtain anonymous statistical information on website usage and to ensure the proper functioning of the website.

The data may also be used to establish liability in the event of alleged cybercrime against the website. Except for this possibility, web contact data are not retained for more than seven days.

Cookie

A cookie is a small text file transferred from a web server to the user’s computer. Its purpose is to inform the server about the user’s access to a particular web page and other information that can be obtained from readable system parameters through functions contained within the web page.

Cookies may be temporary (or session cookies, deleted when the browsing session ends) or persistent (stored on the user’s hard drive until deleted by the user). This website uses both session cookies and persistent cookies in order to:

  • keep track of browsing sessions anonymously;
  • improve website navigation;
  • analyse website traffic patterns in aggregate form.

The persistent cookies we use may store personally identifiable information only if the user has completed a registration process, allowing the personal identification data entered on the website to be retained. Otherwise, our server only recognises that an unidentified visitor associated with a specific cookie has returned to the website. Such data are neither disclosed nor communicated to third parties.

Depending on the browser used, users may disable cookies or selectively accept their use. In such cases, browsing may be less efficient: some website functions may be unavailable and certain web pages may not display correctly.

The use of session cookies (which are not permanently stored on the user’s computer and disappear when the browser is closed) is strictly limited to transmitting session identifiers (consisting of randomly generated numbers created by the server) necessary to ensure secure and efficient website browsing.

The session cookies used by this website avoid the use of other technologies that could compromise users’ browsing privacy and do not allow the collection of personally identifiable user data.

Users may, in any case, disable cookies or selectively accept their use depending on the browser used. In such cases, browsing may be less efficient: some website functions may be unavailable and certain web pages may not display correctly. For further information, please refer to the specific Cookie Policy available in the website footer.

Processing of Data Provided by the User

Contact Page

When requesting information, the requester’s name and email address are stored in the address book together with the subject and message entered in the contact form for the sole purpose of responding to the request. Such data will not be used for marketing communications.

Newsletter Page

Requests to receive information about new products, services or communications relating to the Data Controller’s activities are stored, and the user’s email address is retained on the Data Controller’s systems and, where necessary, shared with external processors responsible for managing communication delivery services.

Each communication sent includes an unsubscribe link allowing users to opt out of future mailings.

Registration Page

Registration is intended to create a user account through which users can stay informed about the website’s products and commercial initiatives. Users will also be able to purchase products through the dedicated online shop.

An account may be created either with the assistance of the sales representative responsible for the customer’s area or independently by the customer.

In the first case, the customer completes a registration form providing the required information and consents. The customer will also receive the Terms of Use and this Privacy Policy. Once the account has been created, the customer will receive a confirmation email containing the assigned password together with the Terms of Use and the Privacy Policy.

Upon first login, the customer will be required to change the assigned password.

In the second case, once the registration form has been completed, users must confirm that they have read and accepted the Terms of Use (General Terms and Conditions of Sale) and consent to the processing necessary for administrative purposes.

Consent to the processing of personal data for marketing communications is optional and, if desired, must be given by selecting the relevant checkbox.

Users may change this preference at any time through their account profile.

Online Shop

Registered users may access the Online Shop and order available products. Transactions are carried out using the information provided during registration.

The processing of personal data is necessary to manage all stages of the transaction, from shipment through invoicing, including transmission to the Italian Exchange System (SDI) and to banking institutions for payment processing.

Specifically:

  • contact and delivery information will be shared with transport companies selected according to the shipment destination;
  • the data necessary for the chosen payment method will be transmitted electronically to banking institutions or collection agencies;
  • electronic invoices will be transmitted to the Italian Revenue Agency’s Exchange System (SDI) and digital archiving system;
  • invoicing data and related information will be retained for the period required by applicable accounting and tax legislation, including references to the orders included in the issued invoice.

General Topics will retain order data and records relating to order fulfilment and invoicing in accordance with the applicable administrative and accounting regulations.

Legal Basis and Voluntary Nature of Data Provision

With the exception of processing carried out through non-technical cookies, whose legal basis is the data subject’s consent (Article 6(1)(a) GDPR), the processing related to requested services is based on Article 6(1)(b) (processing necessary for the performance of a contract with the user and/or in order to take steps at the request of the user prior to entering into a contract) and Article 6(1)(f) (processing necessary for the purposes of the legitimate interests pursued by the Data Controller, provided that such interests are not overridden by the rights and freedoms of the data subject).

Apart from the browsing data described above, users are free to provide personal data by voluntarily sending emails to the addresses indicated on this website or by completing and submitting the electronic forms provided. However, if users wish to receive the requested service, they must provide at least the mandatory data required to deliver that service.

Place of Data Processing

Personal data are processed at the Data Controller’s operational offices and in data centres located within the European Union, managed by hosting service provider Sartoriadigitale s.n.c. and cloud computing provider Aruba S.p.A.

Data Controller and Data Protection Officer Contact Details

The Data Controller is GENERAL TOPICS S.r.l., with registered office at Via Enrico Fermi, 7 – 25087 Salò (BS), Italy, Telephone: +39 0365 529111, Email address: info@general-topics.com , VAT No.: 01571610987

The Data Protection Officer (DPO) may be contacted through the Data Controller’s contact details above or directly at: rpd@vincenzi.com.

Rights of Data Subjects

Data subjects have the right, in the cases provided for by law, to obtain access to their personal data, request their rectification or erasure, request restriction of processing concerning them, or object to such processing (Articles 15 et seq. of the GDPR).

Requests may be submitted by contacting the Data Controller or the Data Protection Officer using the contact details provided above.

Right to Lodge a Complaint

Data subjects who believe that the processing of their personal data carried out through this website infringes the GDPR have the right to lodge a complaint with the competent Supervisory Authority pursuant to Article 77 of the GDPR or to seek judicial remedy pursuant to Article 79 of the GDPR.