Information on the processing of Personal Data

1. Introduction and regulatory references
This policy explains how personal data collected through this website is processed, including data acquired through cookies, tracking technologies and—where applicable—contact forms, restricted areas, digital services and financial transactions carried out electronically.
The policy is intended for anyone who accesses or uses this site, describing how the user's personal data is collected, used, and protected, as well as the rights recognized by law.
These provisions do not apply to other sites, pages, or online services accessible via external links that may be present on the site, for which you are invited to consult the relevant privacy policies.
This policy is provided in compliance with the main national and international regulations on the protection of personal data, including:

• Regulation (EU) 2016/679 (GDPR)
• Other regulations that may be applicable.

2. Who manages your data and how can you contact us?
Your personal data is processed by:
GEM Srl
Via Teofilo Casale, 5 – 10070 Robassomero TORINO, Italy
info@gemwelding.com

For any information regarding the processing of personal data or to exercise their rights under the law, data subjects may contact the Data Controller.

3. On what legal basis do we process your data?
The processing of personal data collected through this website (including data collected through cookies, similar technologies, contact forms, restricted areas, digital services, and transactions, where applicable) is based on one or more of the following legal grounds:

1. Performance of a service/pre-contractual requested by the user via the contact forms provided;
2. Compliance with legal obligations, regulations, or rules;

An additional legal basis, the legitimate interest of the Data Controller, may be used for specific purposes (e.g., ensuring IT security, preventing fraud, protecting the rights of the Data Controller in court).

Failure to accept or revocation of consent may reduce or limit certain features or personalized services.

4. What data do we collect when you visit the site?
When browsing this site, the following data may be collected, including through cookies and similar technologies such as pixel tags, web beacons, local storage, and equivalent technologies:

• Browsing and technical data: information such as IP address, device identifiers, operating system and browser data, URL requests, connection times, technical logs, technical preferences, usage data collected through cookies and tracking technologies (pixel tags, web beacons, local storage, and equivalent tools).

• Data communicated through social media integrations and third-party platforms: data transmitted through social media features (logins, plugins, sharing, etc.), processed in accordance with the rules of the relevant platforms as well as this policy.

5. How do we process your data, how do we protect it, and how long do we keep it?
Personal data collected through this website is mainly processed using electronic and digital tools in accordance with the principles of lawfulness, fairness, data minimization, integrity, and confidentiality.

Data is stored according to the following timeframes:

• Cookie preferences and consent: stored for 180 days, as per the Cookie Policy on this website.
• Browsing and technical data: stored only for the time necessary to ensure the security, integrity, and functionality of the site, and subsequently anonymized or aggregated.
• Data collected for contractual and transactional purposes: retained for the time required by applicable laws (e.g., tax or accounting regulations).
• Data processed for marketing purposes: stored until consent is revoked or deletion is requested.
• Data entered via forms or specific requests: stored for the time necessary to respond or fulfill the relevant purpose.

6. Who can receive your data?
The following parties may access the personal data collected through this website, within the limits of their respective competences and purposes:

• Internal parties authorized by the Data Controller, duly trained in privacy and security matters;
• Suppliers and third parties appointed as Data Processors (e.g., technical providers, IT companies, customer service companies, consultants, payment service providers, and logistics providers, where applicable);
• Business partners, third parties, and affiliates, exclusively for promotional/marketing purposes if you have given your specific consent or exercised your right to opt out where applicable;
• Entities that provide plugins, social networks, and services for interaction with external platforms, which may process personal data according to their own logic as independent data controllers (in this case, please also refer to the individual privacy policies of these third parties);
• Competent public authorities and supervisory bodies, within the limits imposed by law or to satisfy requests from judicial authorities;

The updated list of external recipients can be made available upon request by writing to the Data Controller's contact details.

7. Where can your data be transferred?
Personal data collected through this website may be processed and transferred — in accordance with the purposes indicated — to the following countries:

• to countries belonging to the European Economic Area (EEA), Switzerland, or other countries recognized by the competent authorities as providing an adequate level of protection as required by law;

Updated list of “trustworthy” countries:

• EU
• Switzerland

8. What are your rights with regard to the data collected?
Under applicable law, you have the right to:

• Obtain confirmation as to whether or not personal data concerning him or her are being processed and, where that is the case, obtain access to the personal data and the related information (right of access).
• Request the correction, updating, or deletion of inaccurate or no longer necessary data (right of correction and deletion).
• Request the restriction of or object to the processing of data, including for promotional/profiling purposes, where applicable.
• Request data portability in a structured and interoperable format (where technically possible).
• Withdraw consent given for the use of non-technical cookies and for the processing of data collected through tracking tools.
• Report any irregularities or abuses to the competent supervisory authorities.

To exercise these rights, simply send a request to the Data Controller's contact details, who will respond within the time frame specified by applicable local regulations.

9. How is data relating to minors processed?
The protection of minors is a fundamental priority.

The services and content of this site are not intended for persons under the age of 18.

We do not knowingly collect personal data from minors without the verifiable consent of a parent or guardian.

If a parent or guardian believes that a minor has provided personal data without authorization, they may request its removal, updating, or restriction of processing by writing to the addresses indicated in this policy.

10. How to report issues or file complaints with the authorities?
If you believe that the processing of your personal data through this website does not comply with current legislation, you can file a complaint free of charge with the competent supervisory authorities, including:

• The Data Protection Authority or Authority for the protection of personal data in your country of citizenship or residence;
• European Data Protection Supervisor

How will we notify you of changes to this policy?
This policy is subject to periodic review for regulatory compliance or changes to the services offered through the website. Any significant changes will be communicated via this page.