Privacy Policy

Dear visitor, this page intends to provide you with all the information required by art. 13 of Regulation (EU) 2016/679 (also called GDPR or General Regulation for the Protection of Personal Data), regarding the processing of personal data of visitors to this website.

The information is provided only for those who interact with the web services of the GIMO Group, accessible electronically starting from the address (home page of the official website of the group's institutional website) and not for other sites, pages or online services accessible via hypertext links published on this website.

1. Data Controller

The data controller is the GIMO GROUP, based in Perignano, via Livornese Est 96 / A - tel. O587 736062.

Responsible for the IT security of data and related processing is GIMO GROUP.

2. DPO - Data Protection Officer

    RPD - Responsible for the protection of personal data

GIMO GROUP, as Data Controller, has appointed its DPO, Data Protection Officer (in the Italian translation RPD, Responsible for the protection of personal data), pursuant to art. 37 and ss. of the GDPR and in order to better protect the interested parties.

The contacts of the DPO (RPD - responsible for the protection of personal data) are as follows:



Phone: 3492561205

3. Purpose and legal basis of the processing

Following consultation of this site, data relating to identified or identifiable persons may be processed The personal data processed while browsing the site are intended for the following purposes:

1) the correct technical functioning of the site, in fulfillment of the tasks of public interest assigned to the Data Controller by current legislation;

2) to the management of requests for information received from visitors by filling in the electronic forms on the pages of the site, or through the email addresses of the offices and / or staff, in fulfillment of the tasks of public interest assigned to the Data Controller by current legislation;

3) exclusively with your express consent (and on the basis of it), upon activation of the newsletter service, having an informative and promotional nature of services, activities, events and other initiatives carried out by the GIMO GROUP

The legal basis for the acquisition and subsequent processing of data is the performance of institutional functions (task of public interest, Article 6, paragraph 1, letter e of the GDPR) and therefore does not require consent.

4. Navigation data

The computer systems and software procedures used to operate this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols.

This category of data includes IP addresses or domain names of the computers and terminals used by users, the URI / URL (Uniform Resource Identifier / Locator) addresses of the requested resources, the time of the request, the method used in submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the operating system and the user's IT environment.

The data could be used to ascertain responsibility in the event of hypothetical computer crimes against the site.

5. Authorized, data processors and recipients of personal data

Personal data are processed by employees of the GIMO GROUP previously authorized for processing and specially trained and trained.

Both the navigation data and those provided voluntarily by the user using the contact forms on the site, or by writing email messages to the published addresses, can be communicated to external parties formally appointed by the GIMO GROUP as Data Processors and belonging to the following categories:

companies that provide maintenance services for the Site and IT systems;

companies that provide electronic communications services and, in particular, e-mail;

companies that perform management and maintenance services of the Data Controller's databases.

GRUPPO GIMO guarantees that the processing of the personal data of those who access the site (provided by e-mail or electronic forms, also during registration) complies with the provisions of EU Regulation no. 679/2016.

6. Nature of the provision of data and consequences of any failure to provide it

For the purpose referred to in point 3, number 1, the provision of data is necessary and not optional.

For the purpose referred to in point 3, number 2, the provision of data is necessary with reference to the fields of the forms marked with an asterisk (*). Failure to provide the necessary data will make it impossible to forward the visitor's request or to follow up on it. Failure to provide optional data could result in a less precise and detailed response, or greater difficulty in being able to contact the interested party again for more details on the request.

For the purposes referred to in point 3, number 3, the provision of data is necessary for registration (in itself entirely optional and in any case revocable at any time) to the newsletter. It follows that failure to provide the data requested at the time of registration - or consent to their treatment - prevents the registration itself.

7. Transfer of data to non-EU countries

With reference to the processing carried out for the purposes referred to in point 3, number 2), the GIMO GROUP may use, also through its Data Processors, electronic communication services companies and, in particular, e-mail, that could make the messages and personal information of users transit even in countries outside the European Union, or that in these countries could save backup copies of data, in order to limit the risks associated with any data loss.

These service companies are selected for their reliability, security and compliance with national and European legislation on the processing of personal data.

The transfer abroad thus carried out is in line with this legislation, since it is implemented only towards countries (or sectors thereof) that have been the subject of an adequacy decision and which, therefore, guarantee an adequate level of protection of personal data, or based on standard contractual clauses validated by a European supervisory authority and compliant with the models proposed by the Commission with Decision 2010/87 / EU.

With specific reference to the United States of America, any transfer of data to that country is carried out exclusively to companies certified under the Privacy Shield, an agreement that requires US companies stringent obligations to protect the personal data of European citizens and subject to the control of the US authorities.

8. Your rights

The Regulation (EU) 2016/679 recognizes you, as an interested party, various rights, which you can exercise by contacting the Data Controller or the DPO.

Among the exercisable rights, provided that the conditions provided for by the legislation are met from time to time (in particular, articles 15 and following of the Regulation) the interested party may at any time:

-revoke the consent given (without prejudice to the lawfulness of the processing prior to the revocation)

-request the data controller to access personal data, to rectify, integrate or delete them or limit their processing

The right to object is exercised through the request for cancellation or the withdrawal of consent.

The aforementioned rights can be exercised by referring to the following contacts.

The data controller and related contact details:

The Data Controller is GIMO GROUP, with registered office in Perignano (Pi) Italy, Via Livornese Est 96 / A.

Phone: 0587736062

email: PEC:

The person responsible for the protection of personal data and related contact details:

GIMO GROUP, as Data Controller, has appointed its Personal Data Protection Officer (hereinafter also DPO / Data Protection Officer) pursuant to art. 37 and ss. of the GDPR.

The contacts of the DPO (RPD - responsible for the protection of personal data) are as follows:



Phone: 3492561205

Right to complain to the supervisory authority

The interested party has the right to lodge a complaint with the supervisory authority:

Guarantor for the protection of personal data: