Privacy and disclaimer

INFORMATION ON DATA PROCESSING PURSUANT TO THE CODE ON THE PROTECTION OF PERSONAL DATA (integrated with the amendments of Legislative Decree 10 August 2018 No. 101 on “Provisions for the adaptation of national legislation to the EU Regulation 679/2016 GENERAL DATA PROTECTION REGULATION, hereinafter the “GDPR”)

Scope of treatment

Spontaneous sending of personal data by the user (hereinafter the “Interested Party”), provided that they are a natural person or referable to a physical person, through the use of email, PEC, telephone and address contacts for GMA S.r.l., as well as by completing the form “Leave a comment” of the NPL Blog section (hereinafter, the “Operation”).

Data controller and contact information

The data controller is GMA S.r.l. (hereinafter, the “Holder”), with registered office in via Generale Gustavo Fara 39, 20124, Milan, C.F./P.IVA/number of registration in the company register 03017070982, contacted at the email address Data Controller will process the data according to the principles of correctness and lawfulness expressly recommended by the GDPR and for specific, explicit and legitimate purposes. Therefore, the Data Controller and the Data Processor take all the technical and organizational and consequently security measures recommended by the relevant disciplines.

Categories of personal data processed

  • Personal data (such as, but not limited to, name, surname, date and place of birth, residence, domicile and tax code);
  • Contact details (for example, but without pretension of exhaustiveness, email, PEC, telephone numbers, websites owned by the user);
  • Any further information spontaneously sent by the user referable to the concept of personal data in accordance with the law useful for managing any possible request for contact and any necessary response.

Each data referred to above as “Personal Datum” and all together “Personal Data”.

The interested party recognizes that personal data (such as sensitive data) are not included in the Personal Data pursuant to art. 9 of the GDPR and the Owner undertakes not to treat Personal Data as particular data, as well as to process any particular data sent by the user.

Purpose of the treatment

The Personal Data of the Data Subject will be processed exclusively as part of the ordinary activity of the Data Controller and for the following purposes:

  1. Management of any communication received at the address of the owner (without using the appropriate form “Leave a comment” in the NPL Blog section of the site by the interested party and any necessary answer;
  2. Sending informational newsletter (from occasional advertising content) to the email contact used by the interested party to make communications to the Data Controller;
  3. Management of any communication received at the address of the holder through the use of the appropriate form “Leave a comment” in the NPL Blog section of the site by the interested party and any necessary response;
  4. Sending informative newsletter (from occasional advertising content) to the email contact used by the interested party for the publication of a comment in the “Leave a comment” form of the NPL Blog section.

Personal Data will be processed by manual processing and / or electronic / computerized / IT tools with organizational and processing logic strictly related to the purposes.

Furthermore, Personal Data will be constantly updated in compliance with the principles of correctness and lawfulness of the treatments.

Duration of processing and storage of Personal Data

The data are kept for the time strictly necessary for the management of the purposes for which the data are processed (“conservation limitation principle”, art.5, EU Regulation 2016/679) or in compliance with the deadlines set by the regulations in force and of the legal obligations.

The verification of the obsolescence of the data stored in relation to the purposes for which they were collected is carried out periodically.

Rapport with countries, territories, or section of them located outside the territory of the European Union

Personal Data will not be transmitted outside the territory of the European Union, except for specific provisions of the Law or the supervisory and supervisory authorities. In this case the transfer of Personal Data will take place in compliance with the principles set forth in art. 44 of the GDPR and on the basis of adequacy decisions expressed pursuant to art. 45 GDPR or on the basis of appropriate guarantees pursuant to art. 45 of the GDPR.

Legal basis of the processing

The legal basis of the processing:

  • for the purposes referred to in points 1 and 2 is the legitimate interest of the Owner;
  • for the purposes set out in points 3 and 4, the consent of the interested party.

Mandatory nature of the conferment

The provision of Personal Data, carried out in compliance with the principle of minimization, is mandatory; in the absence of such a transfer, the operations described in the paragraph relating to the scope of the processing cannot be implemented and the objectives expressed cannot be pursued.

Subjects to whom Personal Data may be disclosed

Personal Data, for the purposes of carrying out the aforementioned purposes, may be communicated to third parties who will perform autonomous treatment in complete autonomy (hereinafter, the “Autonomous Owners”).

The Autonomous Owners will operate in the context of:

– web management

As part of the Transaction, the Holder and the Independent Holders may communicate the Personal Data to natural persons such as employees and consultants (hereafter, the “Assignees”) of the Owner.

The list of the names of the Autonomous Data Controllers, the Data Processor or Data Processors is deposited at the Data Controller’s registered office and made available to the Interested parties for consultation through a written request to be sent to the Data Controller.

Rights of the interested party

The GDPR confers to the Interested right of access (Article 15) quick and simple, right of rectification (Article 16), right to cancellation (so-called oblivion, Article 17), right to limitation (Article 18) and right to objection (Article 21) for legitimate reasons, right of complaint to be submitted to the National Control Authority (or Guarantor) and right to portability (Article 20).

The treatments listed above are not based on automated decision-making processes (Article 22 of the GDPR).

For the exercise, to the extent legitimacy provided by the GDPR, of the aforementioned rights, the Data Subject may contact the Data Controller by written request to the Data Controller’s registered office.


Terms and conditions
If you access this web site and use any information contained herein, you will agree with the following general terms and conditions of use. Gma reserves the right to change the terms and conditions at any time.

Copyright and applicable regulations
This website is the property of Gma, which has obtained the relating domain, in compliance with the current regulations at the time of registration. All the contents belong to Gma and are protected by the Italian privacy regulations (legislative decree no.196/2003), the Italian copyright law (law no.633/1941 and its amendments according to legislative decree no.518/1992, intellectual property rights in software) and by other national and international regulations on the intellectual and industrial property. Customers are not granted the license to partially or totally record the contents of Gma’s web site, and are not allowed to backup, reproduce, copy, publish or use them for commercial purposes, without Gma prior written permission. Gma may authorise its customers to print copies for personal use only.

Published contents and data
Customers are not allowed to use any content or data of this website for commercial purposes. Any information and content can be used for personal purposes only (knowledge, research, study.)
This website may contain links to other websites. Gma shall not be responsible for the contents accessible via these links. Gma is committed to providing its customers with updated and accurate data on this website. Nevertheless, Gma is not liable for any possible inaccurate information or typing error concerning the data and documents on the website. Therefore, their use falls exclusively under the users’ responsibility.

GMA s.r.l.