Privacy Policy

We inform you that, in relations with its users, customers and suppliers, Moretti Spa collects their data, which is acquired verbally, directly or through third parties, and which is categorised as “personal data” by Italian Legislative Decree no. 196/2003 (the so-called “Personal Data Protection Code”), by Regulation (EU) no. 679/2016 (the GDPR) and by Italian Legislative Decree no. 101/2018 (Provisions for adaptation of national regulations to the provisions of Regulation (EU) no. 2016/679). According to said regulations, in the first place, anyone who processes personal data must inform the data subject of which data is being processed and on several elements qualifying the processing, which must be based, in all cases, on the principles of lawfulness and transparency, protecting your confidentiality and your rights. Therefore, in accordance with the requirements of Art. 13 of the GDPR, we are providing the following information:

Nature of the data processed – We process personal and fiscal data, and also the financial data necessary for relations with those who have registered with our company. We do not generally process data that is classifiable as sensitive or legal in nature pursuant to Art. 4 of the GDPR; were it to become necessary to process this type of data, we will request the consent of the data subject beforehand.

Purposes of processing – The data of our users, customers and suppliers is processed to provide the services they have requested, to achieve the associative purposes of our articles of association and in relation to contractual needs and to the consequent fulfilment of legal and fiscal obligations, as well as to allow efficient management of financial, business and administrative relations. The data will be processed throughout the entire duration of the relationship and also subsequently, for fulfilment of legal obligations and for administrative and business purposes.

Processing methods – The data is processed using instruments and procedures that guarantee its security and confidentiality and may be performed on both paper and using electronic means.

Browsing data – Log files: the IT systems and applications dedicated to functioning of the website acquire certain personal data during their normal operation (the transmission of which is implicit in use of Internet communication protocols), but this is not associated with directly identifiable users. The data collected includes IP addresses and domain names of the computers used by users visiting the website, URI (Uniform Resource Identifier) notation addresses of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the digital code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the user’s operating system and computer environment. This data is processed for the time strictly necessary and for the sole purpose of obtaining anonymous statistical information on use of the website and to check that it is functioning properly.

Data provided voluntarily by the user – Voluntary and explicit sending of e-mails to the addresses indicated in the different access channels of the website and compilation of the specifically prepared “formats” (masks) leads to subsequent acquisition of the sender’s/user’s address and data, which is needed to respond to the queries made and/or to supply the service requested. Specific summary information will be progressively reported or displayed on the pages of the website prepared for particular services on request.

Obligation or option of providing the data and consequences of refusal – As far as concerns the data we are required to know, in order to fulfil obligations laid down by laws, regulations or EU regulations and also orders of the legally competent authorities or supervisory and regulatory authorities, failure to provide it will make it impossible to start or continue the relationship, to the extent that such data is necessary for its performance. As far as concerns the data that we are not required to know, failure to obtain it will be assessed by us each time and the decisions consequently reached will depend on the importance to us of the data requested from you but not provided.

Communication and disclosure – The data we collect from our users, customers and suppliers is not “disclosed” by us, meaning that it is not communicated to unidentified parties in any way, including by providing it to them or allowing it to be consulted. The personal data of the data subject may be “communicated” by us, meaning that it is provided to one or more identified parties, in the following terms:
• to people appointed within our own organisation to process the data, and particularly to the administration office staff,
• to people who have access to the data by virtue of laws or EU regulations, within the limits laid down by law;
• to people who need access to the data for purposes that are accessory to the existing relationship, within the limits strictly necessary to perform the accessory duties assigned to them (such as banks and forwarders);
• to our consultants, within the limits necessary to perform their assignment on our premises, after receiving a letter of assignment from us that imposes the obligation of confidentiality and security in processing of the data;
• to other external parties, as organisers and partners in institutional activities relating to courses, meetings, conferences and any other event in which the data subject participates through Moretti Spa

Rights of the data subject – The data subject may exercise the following rights, at any time:
• access to the personal data;
• obtain rectification or erasure of the data or restriction of its processing;
• object to processing;
• data portability;
• withdraw consent, where envisaged, without affecting the lawfulness of processing based on consent before its withdrawal;
• lodge a complaint with the supervisory authority (Italian Data Protection Authority).

You can exercise your rights by sending an e-mail to

The Controller is Moretti S.p.A , via Bruxelles 3 – Meleto, Cavriglia – 52022 Arezzo. The Processor to contact to exercise the rights of Art. 12 and/or request any clarifications on protection of personal data can be reached by writing to