Pursuant to art. 13 of the European Regulation 2016/679 (the "Privacy Regulation"), Fonderia Torri Srl intends to inform all users and/or visitors of the website www.torrifonderie.com(respectively the "Users" and the "Website") about the use of personal data, log files and cookies collected through the website.

Data Controller and Data Protection Officer :

The personal data processing controller is Fonderia Torri Srl (tax code 00853190171 and VAT no. 00582760989), with registered office in Via Fontanini, 21 – Quinzano d'Oglio (BS), e-mail torrifonderie@torrifonderie.com

Information collected by the website:

a) automatically

  • Navigation data:

fThe computer systems and software procedures used to operate this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of internet communication protocols.

These data, necessary for the use of web services, are also processed for the purpose of:

  • obtaining statistical information on the use of services

  • checking the correct operation of the services offered.

Navigation data do not persist for more than 24 Months (except in case of need of investigation of crimes by the Judicial Authority).

b) communicated by the user

  • Data communicated by the user:

The optional, explicit and voluntary sending of data through the various forms on the website that involve the acquisition of the sender's contact details, necessary to fulfil requests for contact, services, possible assignment of credentials for reserved areas.

c) via cookies

The website uses cookies explained in the extended "privacy cookies" policy.

Type of personal data, purpose, legal basis and storage time

The personal information requested and provided is used to allow access to the website and use the following services:

Type of service: contact area for products/services

Type of personal data collected: personal details, contact details (e.g. e-mail, telephone numbers, etc.).

Purpose: to acquire through the compilation of a specific form the contact persons for the website's users to satisfy requests for informative/commercial contact (Contact Area) .

Legal basis: consent/execution of the contract ------- in case of request for authorisation to send promotional or marketing material, tick of acceptance and consent.

Storage time: 24 months after acquisition or renewal of contact

Type of service: work with us;

Type of personal data collected: personal details, contact details (e.g. e-mail, telephone numbers, etc.), professional/work details, possible membership of protected categories.

Purpose: Possible establishment of a working collaboration (WORK WITH US);

Legal basis: potential performance of a contract

Storage time: 12 months to 24 months

Type of service: newsletter service;

Type of personal data collected: personal details, contact details, e-mail.

Purpose: to contact subscribers by sending a periodic newsletter on activities related to the company; (NEWSLETTER)

Legal basis: consent

Storage time: 24 months or until consent is revoked

The processing of data for the above purposes will be carried out in compliance with the Privacy Regulation and all specific sector regulations.

The data provided will be processed mainly with computerised instruments under the authority of the Data Controller, by subjects specifically appointed, authorised and instructed to process the data in accordance with Articles 28 and 29 of the Privacy Regulation. Please note that appropriate security measures are also observed in accordance with Articles 5 and 32 of the Privacy Regulation to prevent the loss, unlawful or incorrect use of data and unauthorised access to them.

Compulsory or optional nature of the consent for the provision of data

If you intend to use the individual services provided by the website, the provision of personal data is mandatory.

The provision of data is optional but in case of failure to provide it, it will not be possible to use some of the services provided by our website.

Where can we transmit data :

The data may be communicated, within the EU, in full compliance with the provisions of the Privacy Regulation, to the following subjects:

(1) financial administration and/or other public authorities, where required by law or upon their request;

(2) the structures, subjects and external companies the Controller relies on for the performance of activities connected, instrumental or consequent to the execution of the Website Services.

The information automatically collected by the Website may also be transferred to cloud servers of Third Parties also located outside the EU, if such processing is necessary to perform the services of the website. The legal basis for this processing is, therefore, art. 49, paragraph 1, letter b of the Privacy Regulation.

Security measures

The data are processed through the website in compliance with the applicable law and using appropriate security measures in accordance with the regulations in force also pursuant to Articles 5 and 32 of the Privacy Regulation.

In this regard, we confirm, among other things, the adoption of appropriate security measures to prevent unauthorised access, theft, disclosure, modification or destruction of processed data.


Please note that at any time you can exercise your rights under Articles 15 and ff. up to 21 of the Privacy Regulation, by sending a written communication to the contact details of the Controller, in order to obtain:

  • confirmation of the existence or non-existence of personal data with an indication of its origin, check its accuracy or request its updating, rectification, integration;

  • access, deletion of data or restriction of processing;

  • transformation into anonymous form or blocking of data processed in violation of the law.

You may also object to the processing of personal data previously provided.

With reference to the Newsletter, please note that any request for deletion can be made explicit through the use of a link/button.

Changes to the Privacy Policy

The Controller reserves the right to make changes to this Privacy Policy, replacing the previous versions. This privacy policy was issued in July/2020.


pursuant to Article 13 of EU Regulation 2016/679


Fonderia Torri Srl, as Data Controller, in accordance with art. 13 of EU Regulation 2016/679 (hereinafter the "Privacy Regulation") and subsequent amendments and additions, collects and subsequently processes personal data relating to its Customers and Suppliers (hereinafter the "Data subject").

1.Types of data processed

The personal data subject to processing are:

Common personal data. Such information includes, but is not limited to, personal data and contact details (e-mail address and telephone number).

Special data:

  • Personal Data, so called sensitive data: his refers to particular categories of Personal Data such as data concerning health, racial or ethnic origin, political opinions, religious or philosophical beliefs or trade union membership that may be provided through the use of the Services/execution of the contract.

  • Judicial data, i.e. data relating to criminal convictions and/or offences.

2. Purposes and methods of the processing.

The personal data of the data subject are processed as part of the usual activity of the Controller, for the pursuit of the following purposes:

  1. correct and complete compliance with the obligations of the established contractual relationship (hereinafter, the "Contract");

  2. administrative and accounting obligations strictly related to the Contract;

  3. fulfilment of specific obligations laid down by law, regulation or Community legislation;

  4. promotional activity concerning products and services similar to those already purchased

  5. marketing: promotional, commercial and advertising activities including the sending of newsletters

The personal data are processed, under the authority of the Controller, by persons specifically appointed, authorised and instructed to the processing pursuant to art. 29 of the Privacy Regulation, by means of manual, computerised or telematic means, with logics strictly related to the purposes and in any case so as to ensure the confidentiality and security of personal data. The personal data may also be processed on behalf of the Data Controller by the Data Processors specifically designated in accordance with art. 28 of the Privacy Regulation.

3. Legal basis of the processing and nature of the data provision.

With reference to the purposes referred to in paragraph 2, points 1, 2, 3 above, the provision of personal data is mandatory and constitutes a necessary requirement for the execution of the Contract and the related fiscal and administrative fulfilments. Failure to provide the data will make it impossible to receive the service covered by the Contract. The legal basis for the data processing is the correct execution and management of the Contract.

When the Provision of Services or the performance of a contract involves Personal Data, so called Sensitive or judicial data, the processing is based on consent.

With reference to point 4) -activities towards acquired clients- the legal basis is the legitimate interest of the controller. The customer may stop receiving these e-mail communications at any time.

With reference to point 5) -marketing activities- the legal basis is consent. Failure to give your consent will not allow to proceed with the marketing activities.

4. Subjects or categories of subjects to whom personal data may be communicated and scope of communication.

In relation to the purposes of the processing indicated above and within the limits strictly related to the same, the personal data of the data subject will or may be communicated to the following categories of subjects:

  1. financial administration and other public authorities, where required by law or upon their request;

  2. credit institutions for payment instructions or other financial activities required to perform the Contract;

  3. external subjects exercising control activities, such as auditing firms, board of statutory auditors, supervisory body;

  4. companies and organisations for credit management and/or for the protection of interests and rights;

  5. subjects designated as external data processors pursuant to art. 28 of the Privacy Regulation, for activities connected with, required for or consequent to the execution of the Contract.

The updated list of subjects appointed as external processors may be provided by the Data Controller upon request by the Data Subject.

5. Extra-EU data transfer

Personal data will not be transferred to countries outside the EU; if for reasons related to the execution of the contract or to the fulfilment of legal obligations, a transfer to countries and/or organisations outside the EU is necessary, such transfer will take place in compliance with the applicable legislation. Transfers will be carried out with appropriate guarantees, such as adequacy decisions, standard contractual clauses approved by the European Commission or other legal instruments.

6. Data storage period or criteria for determining such period

The personal data of the data subject shall be stored by the data controller for the time necessary to fulfil the purposes set out in paragraph 2 (points 1 to 3), as well as for the time required by statutory, fiscal and regulatory provisions and in any case no later than 10 years after the termination of the contractual relationship.

With regard to promotional purposes towards customers already acquired (paragraph 2, point 4) the data of the data subject will be processed until the exercise of the right to object (which can be claimed at the beginning, when sending individual communications and/or through direct contact with the controller) and in any case no later than 24 months after collection.

For the marketing purposes explained in paragraph 2) point 5, the storage period is 24 months from the acquisition of consent.

Once the terms of storage have expired, the data will be rendered anonymous or deleted, unless it is necessary to store it for other purposes expressly provided for by law.

7. Rights of the data subject

Articles 15 to 21 and ff. of the Privacy Regulation give the data subject the right to:

  • access to Personal Data (or a copy of such Personal Data) as well as further information on the processing in progress;

  • rectification or updating of personal data processed by the Controller, if they are incomplete or not updated;

  • deletion of personal data from the Data Controller's databases in the cases provided for by current legislation;

  • limitation of personal data processing by the Controller;

  • obtaining a structured, commonly used, machine-readable format for his/her personal data;

  • object to the processing of personal data by the Controller (e.g. promotional activities).

The data subject may exercise his/her rights by writing to Fonderia Torri Srl to the following e-mail address: torrifonderie@torrifonderie.com

In any case, the data subject has always the right to lodge a complaint with the competent Supervisory Authority (Personal Data Protection Supervisor).

8. Changes to the privacy policy

The controller reserves the right to modify, update, add or remove parts of this privacy policy, giving notice to those concerned.

Privacy policy updated in July/2020