Privacy Notice for the Processing of Personal Data pursuant to Article 13 of EU Regulation 2016/679
edition February 2026
This notice describes how this website (hereinafter, the “Site”) is managed with regard to the processing of personal data of users who access it and interact with its services. It is updated as of February 2026 and may be subject to changes: users are therefore invited to consult it periodically.
The Site is managed within the framework of the network contract “APT SAFETY GROUP”, a collaboration agreement between legally independent companies pursuant to Article 3, paragraph 4-ter, of Legislative Decree 5/2009. The participating companies share certain technical and organizational tools while maintaining legal, fiscal and managerial autonomy. In this context, some personal data processing activities are carried out jointly by the companies participating in the network.
This notice is provided pursuant to Article 13 of Regulation (EU) 2016/679 (hereinafter, the “Regulation” or “GDPR”) and describes the purposes and methods by which personal data are processed. Processing is based on the principles of lawfulness, fairness, transparency, data minimization, storage limitation, integrity and confidentiality.
1. Identity and contact details of the Data Controller
The personal data collected through this website are processed jointly by:
APT ANTINCENDIO S.r.l. – Via delle Azalee, 21 – 27016 Sant’Alessio con Vialone (PV) – VAT No. 00611740184 – email: [email protected]
APT SERVICES S.r.l. – Via delle Azalee, 24/26 – 27016 Sant’Alessio con Vialone (PV) – VAT No. 00953650181 – email: [email protected]
APT ENGINEERING & MARKETING S.r.l. – Via delle Azalee, 24/26 – 27016 Sant’Alessio con Vialone (PV) – VAT No. 01778510188 – email: [email protected]
To facilitate the exercise of data subjects’ rights, APT ENGINEERING & MARKETING S.r.l. acts as the single point of contact. This choice is made exclusively for organizational purposes and does not in any way limit the rights granted to the data subject under Article 26, paragraph 3 of the GDPR, according to which the data subject may exercise their rights against each joint controller.
The three companies listed above act as Joint Controllers pursuant to Article 26 of Regulation (EU) 2016/679 (GDPR), based on an internal agreement that jointly governs the purposes and means of processing carried out through this website and related IT tools, including contact forms and newsletter services.
APT ENGINEERING & MARKETING S.r.l. is the owner of the website and provides technical and operational support on behalf of the other companies of the APT SAFETY GROUP network. Pursuant to Article 26, paragraph 2 of the GDPR, a summary of the joint controllership agreement may be requested by writing to: [email protected]
2. Categories of personal data processed
Through this website, different categories of personal data may be collected and processed, depending on the user’s interaction:
a) Data voluntarily provided via web forms:
Contact form: name, surname, email address, phone number and message sent.
Newsletter subscription form: name, surname, email address, possible company/organization indication and selection of the company within the group from which the user wishes to receive communications.
Data provided through forms are processed exclusively to respond to requests submitted or for newsletter subscription, within the limits of the declared purposes and based on the consent provided by the data subject (for newsletters).
b) Browsing data: IT systems and software procedures used to operate the Site acquire, during their normal operation, certain personal data whose transmission is implicit in the use of Internet communication protocols. Such data may include, by way of example: IP addresses or domain names of devices used, time of access, method used to submit the request to the web server, size of the file obtained in response, etc. These data are used from a technical standpoint to ensure proper functioning of the site and for security purposes.
c) Data collected through cookies and similar tools: For more details on the types of cookies used and the data collected through them, please refer to the Site’s Cookie Policy.
3. Purpose of processing and legal basis
The personal data collected through the Site are processed for the following purposes:
3.1 Management of contact requests
Data provided by the user through the contact form are processed to respond to requests for information, support or commercial contact.
Legal basis: performance of pre-contractual measures taken at the request of the data subject (Art. 6.1(b) GDPR).
Data provision: mandatory. Failure to provide data makes it impossible to process the request.
3.2 Newsletter subscription
Data provided through the newsletter subscription form are used to send periodic informational and promotional communications from the company selected by the user among those belonging to the APT Safety Group network.
Legal basis: explicit consent of the data subject (Art. 6.1(a) GDPR), given via a specific checkbox.
Data provision: optional. Failure to provide data does not affect the ability to use the website or send contact requests.
3.3 Technical management of the site and security
Browsing data are processed to ensure proper technical functioning of the site, ensure information security and prevent improper or unlawful use of the system.
Legal basis: legitimate interest of the Controller and Joint Controllers (Art. 6.1(f) GDPR) and legal obligations relating to IT security (Art. 6.1(c) GDPR).
Data provision: necessary for technical reasons; processing occurs automatically during browsing.
3.4 Cookie management
For detailed information on the types of cookies used by the Site, their purposes and how to manage user preferences, please refer to the Cookie Policy available on the Site via the dedicated link.
The legal basis for processing personal data collected via cookies is the user’s consent, pursuant to Article 6(1)(a) GDPR, where required by applicable law.
4. Methods of processing
Personal data are processed using IT and telematic tools, in a lawful, fair and transparent manner, in accordance with the principles of minimization, integrity, accuracy and confidentiality, in compliance with Regulation (EU) 2016/679 and applicable national legislation. Processing includes operations such as collection, recording, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, restriction, deletion and destruction of data. Data are processed by authorized personnel, adequately trained, and by third parties acting as data processors on the basis of contracts compliant with Article 28 of the GDPR. Processing is mainly carried out electronically and appropriate technical and organizational measures are adopted to ensure data security and protection.
5. Recipients of personal data
Personal data collected through the Site may be processed by the following categories of recipients:
Companies belonging to the APT Safety Group network, acting as joint controllers in accordance with the joint controllership agreement.
Authorized persons under the authority of the joint controllers, duly instructed and bound by confidentiality obligations.
External providers supplying technical, organizational or professional services necessary for the management of the Site and related activities, acting as data processors pursuant to Article 28 GDPR. These providers may include, by way of example:
providers of ICT services, hosting, cloud, maintenance and IT security management;
providers of tools for managing contacts and commercial communications (e.g. newsletters);
providers of cookie consent management services.
Third parties authorized by law to access personal data (e.g. public authorities, judicial bodies, supervisory authorities).
The updated list of data processors is available upon request at the contact details indicated in this notice.
Personal data will not be disclosed, except where required by law.
6. Data retention period
Personal data collected through the Site are retained for the time strictly necessary to achieve the purposes for which they are processed, in accordance with the principles of minimization and storage limitation under the GDPR. In particular:
Contact requests: data are retained for 12 months from the last contact with the data subject, unless legal obligations require longer retention. For administrative purposes, data will be deleted no later than December 31 of the year in which the retention period expires.
Newsletter: data are retained until consent is withdrawn. Withdrawal can be made at any time via the unsubscribe link or by contacting the email indicated.
Browsing data: retained for 12 months unless otherwise required by law or justified technical needs.
Cookies: retention is defined in the Cookie Policy.
At the end of the retention period, data will be deleted or anonymized.
7. Data subject rights
The data subject has the right to obtain confirmation of whether personal data concerning them are being processed and, if so, access to such data and related information (Art. 15 GDPR).
The data subject also has the right to: rectification (Art. 16); erasure (Art. 17); restriction (Art. 18); data portability (Art. 20); objection (Art. 21); withdrawal of consent (Art. 7); lodge a complaint with a supervisory authority (Art. 77).
Requests may be sent to: [email protected]
8. Mandatory or optional provision of data
Providing browsing data is necessary for using the Site.
Providing data in forms is optional but necessary to submit requests or receive communications.
Consent for cookies is optional.
9. Data transfer outside the EU
Data are stored within the EU. Some services may involve transfers outside the EU (e.g. USA), carried out in compliance with GDPR (adequacy decisions, SCC, etc.). More information is available upon request.
10. Cookie Policy
The Site uses technical cookies and, with consent, also analytical and profiling cookies. Cookie management is handled via a CMP platform. Users can manage preferences via the banner. More details are available in the Cookie Policy accessible from the site.
