Personal data processing information statement pursuant to articles 13-14 of EU Regulation 2016/679
UPDATED ON 16/06/2025
This information is written and personalized for visitors of Refin websites:
- www.refin.it
- www.refin-ceramic-tiles.com
- www.refin-gres-cerame.com
- www.refin-fliesen.de
- www.refin-gres-porcelanico.com
- www.refin-tegels.nl
- www.refin-plitki.ru
- www.refin.cn
(hereinafter referred to as “websites”)
This document cancels and fully supersedes the previously published document on privacy and cookies.
WEBSITE PRIVACY POLICY PURSUANT TO ARTICLE 13 OF EUROPEAN REGULATION 2016/679 (GDPR)
Specific summary privacy notices are included or displayed on the pages of the website that offer services on demand involving data collection forms. We also inform you that, in order to provide a complete service, our website may contain links to other websites that are not managed by Ceramiche Refin SpA (hereinafter also «Refin» or Controller). Ceramiche Refin SpA is not responsible for errors, content, cookies, publication of unlawful moral content, advertising, banners or files that do not comply with the regulations in force and for compliance with the Privacy regulations by websites not managed by the Controller. In its capacity as Controller of your personal data in accordance with Articles 13 and 14 of European Regulation 2016/679, Ceramiche Refin SpA hereby informs you that the aforementioned law provides for the protection of data subjects with respect to the processing of personal data and that such processing will be based on the principles of propriety, lawfulness and transparency and the protection of your privacy and your rights. The information and personal data you provide or that is otherwise acquire when using the website will be processed in accordance with the legal provisions of the aforementioned law and the confidentiality obligations therein.
DATA SUBJECTS AND RETENTION TIME
A) Website users (visitors)
While browsing the website, the computer systems and software procedures used to operate the Website acquire certain personal data whose transmission is implicit in the use of Internet communication protocols, such as by way of example the IP addresses or domain names of the computers and terminals used by users, the URI/URL (Uniform Resource Identifier/Locator) notation addresses of the resources requested, the time of the request, the size of the file received and other parameters relating to the user’s operating system,
For more details see the cookie policy available on the website.
B) Users of the Contact Us section, advertisements on social media and landing pages
When filling in the forms on the Contact Us page, in advertisements or on landing pages your personal data (name, surname, email, occupation, address) will be used to respond to your request for information. The purpose of the provision of data is the fulfilment of your request. The legal basis for the processing is Article 6.1.b) of the GDPR. Your data will be stored for as long as is necessary for the provision of the service you have requested.
C) Newsletters
If you consent by ticking the relevant box, your data (name, surname, email address, profession, address) will be used to fulfil your request to send you the newsletter and your subscription to the mailing list for the purposes of direct marketing, newsletters, sending of promotional, commercial and advertising materials or concerning events and initiatives of or organised by Refin, in full compliance with the principles of lawfulness and propriety and the provisions of the law.
Providing your personal data is optional. However, your refusal to do so will make it impossible for the Controller to fulfil your request to subscribe to the newsletter and to inform you about Refin’s news. The legal basis for the processing is Article 6.1.a) of the GDPR. You may object to the processing at any time by using the link at the bottom of the email or by sending a request to the Controller at the addresses specified in this notice.
Your data will be stored until you decide to unsubscribe from the service.
METHODS OF PROCESSING PERSONAL DATA
Your personal data will be processed manually, electronically and/or online in accordance with Articles 6 and 32 of the GDPR and through the adoption of appropriate security measures.
In order to monitor and possibly improve the effectiveness of its communications, the Controller uses systems for sending newsletters and promotional communications with reports. Using these reports, the Controller will be able to see, for example: the number of readers, messages opened, unique “clickers” and clicks used to read the communication; the detail of emails sent by date/time/minute; the detail of delivered and undelivered emails, of forwarded emails; the list of unsubscribers to the newsletter; who opened an email or clicked on a single link; users with problems viewing the message; link tracking (i.e. the number of clicks made on links in the message).
All this data is used for the purpose of monitoring and possibly improving the results of communications.
RECIPIENTS OF THE PERSONAL DATA AND THEIR DISSEMINATION
Your data will be processed by personnel who have been specifically appointed for this purpose and may be processed by third parties belonging, for example, to the following categories:
- External parties providing cloud services
- Providers of technical assistance services
- Group companies that provide services for the management of the computer system, including server hosting and backup services
In some cases the entities belonging to the above categories operate as data processors specifically appointed by the Controller in compliance with Article 28 of the GDPR, and in others completely autonomously as separate data controllers, it being understood that in this latter case the disclosure of your personal data to such autonomous data controllers is made solely to pursue the purposes specified in this notice
The full list of such recipients can be obtained by writing to the Controller at the addresses provided.
Your data will not be disseminated.
TRANSFER OF PERSONAL DATA:
For the pursuit of the above purposes, the Controller may transfer your data outside the EU based on adequacy decisions or other appropriate safeguards envisaged by the GDPR. Details on the data transferred or the place where it is transferred outside the EU are available by writing to privacy@refin.it.
DATA CONTROLLER
Controller: the Controller pursuant to the Law is the undersigned Company (Ceramiche Refin Spa, with registered office in Via Primo Maggio 22, Salvaterra 42013 Casalgrande (RE) tel. +39 0522 990499 email privacy@refin.it) in the person of its legal representative pro tempore.
You have the right to obtain from the Data Controller the erasure (right to be forgotten), restriction, updating, correction, portability, opposition to the processing of your personal data and in general can exercise all the rights envisaged in articles 15, 16, 17, 18, 19, 20, 21, 22 of the 2016/679 European Regulations by writing to privacy@refin.it You also have the right to lodge a complaint with the supervisory authority.
Regulation EU 2016/679: Articles 15-22 – Rights of the data subject
- The data subject has the right to obtain confirmation of the existence or otherwise of their personal data, even if not yet recorded, and its communication in an intelligible form, as well as the possibility to lodge a complaint with the Supervisory Authority.
- The data subject has the right to be informed of:
- The origin of the personal information.
- The purposes and methods of processing.
- The logic applied to the processing if done with the help of electronic means.
- The identification of the controller, the data processors and the designated representative pursuant to article 5, paragraph 2.
- The parties or categories of parties to whom the personal data may be disclosed or that may become aware of it in their capacity as designated representatives in the country, processors or appointees.
- The data subject has the right to obtain:
- The updating, correction or, where interested, the completion of the data.
- The erasure, anonymisation or blocking of data that has been processed unlawfully, including data whose retention is unnecessary for the purposes for which it has been collected or subsequently processed.
- The declaration that the operations referred to in letters a) and b) have been brought to the attention of those to whom the information has been disclosed or disseminated, also with regard to its content, except in the case in which this fulfilment proves impossible or involves a use of means manifestly disproportionate to the protected right.
- The portability of the data
- The data subject has the right to object, in whole or in part:
- To the processing of their personal information for legitimate reasons, even if pertinent to the purpose of the collection.
- To the processing of personal information for the purpose of sending advertising or direct sales materials or for carrying out market research or commercial communications.