Privacy Policy

Information on the processing of personal data on the website in accordance with the European Regulation No. 2016/679 (GDPR), came into force on 25 May 2018.

1- Introduction
Andrea Benfenati takes data protection very seriously and he is committed to respecting it. This privacy policy (“Privacy Policy”) describes the data processing activities carried out by Andrea Benfenati on the website (the “Website”), and his commitments in this regard. Andrea Benfenati may process user’s data when he or she visits the Website or uses its services or functions. The sections of the Website that collect personal data usually contain a specific privacy policy statement as required by Articles 13 / 15 of Regulation (EU) 2016/679.

Where required by the above Regulation (EU) 2016/679 (DDPR), the user’s consent is required before his or her personal details are processed. If the user provides personal details of third parties, he or she must ensure that the transmission of data to Andrea Benfenati and the subsequent processing of that data for the purposes specified in the Privacy Policy conform to Regulation (EU) 2016/679 and the applicable laws.

2- Details identifying the data controller and data processor
You can contact Andrea Benfenati by sending an email to or a registered letter to
Benfenati Andrea
Via Castello, 51/A
I-20872 Cornate d’Adda (MB).

To find out your rights, please read the “Rights of the Data Subject” section below (9).

3- Type of data processed
In general, users’ personal data is not processed or collected when visiting or browsing the Website, except for the browsing and cookies data as specified below. In addition to the “browsing data” (see below), any personal data voluntarily supplied by the user may be processed if the user interacts with the functions of the Website or requests services offered on the Website. In accordance with the GDPR, Andrea Benfenati may also collect the personal data of users from third parties, when carrying out his activities.

4- Storage of personal data
Personal data is stored and processed on Andrea Benfenati’s proprietary systems which are managed by Andrea Benfenati or by third-party technical services providers. For more details, please see the section below: “Accessibility of personal data”. Your data is only processed by Andrea Benfenati.

5- Purposes and methods of processing
Andrea Benfenati may process the user’s ordinary and sensitive data for the following purposes: use of the services and functions on the Website by the users, the management of enquiries and comments from users, the sending of newsletters, the management of job applications received via the Website and so on. Furthermore, with the specific optional consent of the user, Andrea Benfenati may process his/her personal data for marketing purposes, i.e. it may send out promotional and/or business communications about the Company’s services, to the addresses provided, either using traditional means (post, ordinary telephone calls, etc.) or using automated means (online communications, fax, email, text, apps for mobile devices such as smartphones or tablets, social network accounts such as Facebook or Twitter, automated telephone calls, etc.).

Personal data is processed online, and will be stored on the company’s information systems in accordance with Regulation (EU) 2016/679, and also in accordance with the security and confidentiality requirements, based on the principles of fairness and legality. In compliance with Regulation (EU) 2016/679, the data will be kept and stored as indicated in paragraph 4 of this Policy.

6- Data quality and security
Andrea Benfenati will protect the security of the user’s personal data and will respect the security provisions of the applicable laws, to prevent the loss of data, its unauthorised use or unautorised access, with particular reference to the Technical Specifications regarding minimum security requirements. The information systems and computer programs used by Andrea Benfenati are configured in such a way as to minimise the use of personal and identifying data; such data is only processed to fulfil specific purposes in each case. Andrea Benfenati uses multiple advanced security technologies and procedures to keep user’s personal data secure. For example, personal data is stored on secure servers located in protected areas with controlled access. Users can help Andrea Benfenati to keep their personal data up-to-date by giving notice of any changes of address, qualifications or contact details.

7- Scope of communication and access to data
The user’s personal data may be disclosed to:
anyone who has the right to access the data by law;
any individual and/or legal entity, public and/or private body if necessary or functional to the fulfilment of Andrea Benfenati’s activities, in the ways and for the purposes illustrated above.

8- Provision of personal data
The user is required to provide certain personal data to allow Andrea Benfenati to deal with correspondence and queries or to contact the user to follow up a request. This type of data is marked with an asterisk [*] and in such a case it must be provided to allow the Company to follow up a request that cannot be fulfilled otherwise. Conversely, the provision of data not marked with an asterisk is optional: failure to provide it will not have any consequences for the use.

The provision of personal data by the user for marketing purposes, as specified in the section “Purposes and methods of data processing” is optional, and the refusal to provide it will not have any consequences. Consent given for marketing purposes extends to the sending of communications using automated or traditional means, as listed above.

9- Rights of the data subject
9.1- Art. 15 (right of access) and Art. 16 (right to rectification) of Regulation (EU) 2016/679

The data subject has the right to obtail confirmation from the data controller as to whether or not his/her personal data is being processed and, in such case, the right to obtain access to that data and to the following information:
the purposes of processing;
the categories of personal data concerned;
the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organisations;
the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period;
the existence of the right to request from the controller rectification or erasure of personal data or restriction of processing of personal data concerning the data subject or to object to such processing;
the right to lodge a complaint with a supervisory authority;
the existence of automated decision-making, including profiling, and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject.

9.2- Right as set out in Art. 17 of Regulation (EU) 2016/679Right to erasure (“right to be forgotten”)
The data subject has the right to obtain from the data controller the erasure of his or her personal data without undue delay, and the data controller is obligated to erase that data without undue delay, for one of the following reasons:
the personal data is no longer necessary in relation to the purposes for which they were collected or otherwise processed;
the data subject withdraws consent on which the processing is based according to point (a) of Article 6(1), or point (a) of Article 9(2) of Regulation (EU) 2016/679, and where there is no other legal ground for the processing;
the data subject objects to the processing pursuant to Article 21(1) of Regulation (EU) 2016/679 and there are no overriding legitimate grounds for the processing, or the data subject objects to the processing pursuant to Article 21(2) of Regulation (EU) 2016/679;
the personal data has been unlawfully processed;
the personal data has to be erased for compliance with a legal obligation in European Union or Member State law to which the controller is subject;
the personal data has been collected in relation to the offer of information society services referred to in Article 8(1) of Regulation (EU) 2016/679.

9.3- Right as set out in Art. 18 of Regulation (EU) 2016/679 – Right to restriction of processing
The data subject may obtain a limitation of the data processing, from the Data Controller, in one of the following cases:
the data subject disputes the accuracy of the personal data, for the period required by the data controller for checking such accuracy;
the processing is unlawful and the data subject opposes the erasure of the personal data and requests the restriction of its use instead;
the controller no longer needs the personal data for the purposes of the processing, but it is required by the data subject for the establishment, exercise or defence of legal claims;
the data subject has objected to processing pursuant to Article 21(1) of Regulation (EU) 2016/679, pending verification whether the legitimate grounds of the controller override those of the data subject.

9.4- Right as set out in Article 20 – Right to data portability
The data subject shall have the right to receive the personal data concerning him or her, which he or she has provided to a controller, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from the controller to which the personal data has been provided.

10- Revocation of consent to processing
The data subject may revoke consent to the use of his or her personal data by sending a registered letter to:
Benfenati Andrea
Via Castello, 51/A
I-20872 Cornate d’Adda (MB)
together with a photocopy of ID card. The letter should be worded as follows: “Revocation of consent for the processing of all personal data.” After this, your personal data will be removed from our archives as quickly as possible.

If you require more information about the use of your personal data, or wish to exercise your rights under Article 4, you can send a registered letter to:
Benfenati Andrea
Via Castello, 51/A
I-20872 Cornate d’Adda (MB)

Before Andrea Benfenati can provide you with any information, or amend any information, Andrea Benfenati may need to check your identity, and ask you to answer a few questions. Andrea Benfenati will reply as quickly as possible.