Privacy Policy


The following privacy policy describes the management of the personal data collected from users who browse this web site.

This policy is drafted in compliance with art. 13 of  European Council and European Parliament EU Regulation 2016/679 (hereinafter, the “Regulation”)  of 27 April 2016 (general data protection regulation, published in the Official Journal of the European Union,  in force since 24 May 2016), and of Recommendation n. 2/2001 adopted by the European data protection authorities gathered together in the Group crated by art. 29 of directive n. 95/46/EC on 17 May 2001 to identify certain minimum requirements for the collection of personal data online, and, in particular, the methods, times and nature of the information that data controllers must provide users when they connect to web pages, and also in light of the provision of the Data Protection Authority of 8 May 2014 containing the “Identification of simplified methods for the disclosure and the acquisition of consent for the use of cookies” (hereinafter, the “Provision”) and in compliance with current legislation on privacy.

This information is provided only for this Internet site of which Indal Srl is the Data Controller and not for any other related web sites linked to within this site.


The data controller for data collected through the web site is Indal Srl with registered office in Via Felice Cavallotti 282 – 25018 Montichiari (BS) – ITALY.

The complete list of designated Data Processors is available upon request at the data controller’s main offices.


The user’s personal data shall be collected, stored, processed and transmitted in compliance with the criteria established by Indal Srl and with all data protection laws and regulations from time to time in force.

The principles governing the processing of personal information are:

(1) The user’s personal data shall be processed lawfully and fairly;

(2) The user’s personal data shall be collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes;

(3) The user’s personal data shall be adequate, relevant and limited to what is necessary in relation to the purposes for  which they are collected;

(4) The user’s personal data shall be accurate and, where necessary, kept up to date to the best of our skill;

(5) The user’s personal data shall be protected against unauthorised or unlawful processing, using appropriate technical or organisational measures;

(6)  The user’s personal data collected shall be  kept for  no  longer  than  is  necessary  for  the  purposes  for which the personal data were collected.


The web site may collect several categories of information when the user accesses or used the Web Site:

“Personal data” means any  information that directly identifies the user or is considered as a “personal identifier” pursuant to the legislation from time to time in force. Personal Data collected by this web site, directly or through third parties, include: Cookies, Usage data, Name, Surname, Email.

The discretionary, explicit and voluntary sending of e-mail messages to the addresses mentioned in this site  entails the acquisition of the sender’s address, which is necessary in order to satisfy any requests for services and/or information.

Except with specific request or invite in special forms or site areas, we ask users not to send us, nor disseminate,  sensitive personal information through the Web Site or in any other way. Should we ask or encourage the user to provide sensitive personal information, we would require the user’s explicit consent thereto.


We collect, store and process your personal data for the purpose of providing you with the services offered through our website, or for the fulfilment of legal obligations.

The personal data collected will be used exclusively for the following purposes:

  • For the effective management of the Site and the services offered through it;
  • To contact users directly (for example, by e-mail) as a result of requests received through the website;
  • For the collection of applications.

In addition, computer systems and software procedures used to operate this website may automatically record, during their normal operation, some personal data whose transmission is implicit in the communication protocols of the Internet.

Similar information, such as device type and identifier, may be collected if you access the Website using a mobile device.

This information is not collected to be associated with identified interested parties, but by their very nature could, through processing and association with data held by third parties, allow users to be identified.

Such data include IP addresses or user computer and terminal domain names.

Such data are used exclusively to obtain anonymous and aggregated information on site use and to check the correct operation of the site, and are deleted immediately after processing. The data could be used to ascertain responsibility in the event of hypothetical and possible computer crimes against the site.

The possible use of Cookies – or other tracking tools – by this website or by the third party services providers used by this website, unless otherwise specified, has the purpose of identifying the User and recording their preferences for purposes strictly connected to the provision of the service requested by the User.

Failure by the User to provide certain Personal Data may prevent this website from providing its services.

The User assumes responsibility for any form of improper processing of Third Party Personal Data contained in this website, releasing the Data Controller from any liability towards Third Parties.


Apart from what specifically detailed for navigation data, you are free to decide whether to provide any personal data requested in the various forms for information requests.


Processing methods

The Data Controller shall process the Users’ Personal Data adopting appropriate security measures to prevent unauthorised access, disclosure, modification or destruction of the Personal Data.

The use of your personal data will take place with the support of paper, computer or telematic means for the purposes indicated below, for the time strictly necessary to achieve the purposes for which they were collected, or, where possible, until the time when the data controller should receive a request from you to delete the data whose consent to the processing is optional and not required.

The collected data will be handled only by authorized personnel. All employees who access your data are Persons in charge of processing, according to the provisions of the current legislation. In addition to the Data Controller, in some cases, special categories of persons involved in the management of the site (administrative, commercial, marketing and legal staff, system administrators) or external parties (such as third-party technical service providers, couriers, hosting providers, computer companies, communication agencies) may have access to the Data and be also appointed, if necessary, as Data Processors by the Data Controller.

The collected data may be updated periodically with information acquired in the course of dealings with the site.

We use commercially reasonable technical and organizational measures and controls to protect your Personal data from loss, misuse, and unauthorized access.  Unfortunately, data that are transmitted or usable over the Internet cannot be 100% secure. Accordingly, while we protect all Personal Data, we cannot guarantee or warrant that such Personal Data will be fully protected from unlawful use by hackers or from other harmful criminal activities or in the event of hardware or software failure of your computer or telecommunications network. The data controller will inform you if he becomes aware of a breach of security with regard to identifying personal data (as defined and provided for in so-called “Data Breach” episodes, in accordance with the applicable law) in our possession.

If you choose to provide us with your email address for any reason, you expressly agree to receive electronic notices in the event of a breach of security.


Your personal data will be stored in secure databases on our servers, or on the servers of our trusted providers acting as data processors, and will be processed mainly by automated means.

Your personal data are, in any case, processed in compliance with the data privacy provisions contained in the Code, in the Regulation and in the Provisions issued by the Data Protection Authority.


The Data are processed for the time necessary for the performance of the service requested by the User, or for the purposes of this document, and the User may at any time request the interruption of the Processing or the erasure of the Data pursuant to Articles 17 and 18 of the Regulation.


Without prejudice for any notice given in compliance with a legal obligation, regulation or EU legislation, your data may be disclosed:

  1. a) to natural and/or legal persons that we use in the execution of our services and for related activities;
  2. b) subjects delegated by us and/or appointed by us to carry out professional and technical maintenance activities (including maintenance of network equipment and electronic communication networks of websites where the data are published).

In any case, the mentioned subjects will receive only the data that are necessary and relevant to the processing purposes they are responsible for as Processors/third-parties in charge of processing, appointed by the Data Controller as required by the current legislation.

Personal data will therefore not be disseminated.

The Data Controller collaborates with law enforcement agencies and other public bodies and public authorities to ensure that its users respect the law and the rights of other users and third parties, including their intellectual property rights. Therefore, your personal data may be communicated, without limitation, to public entities, in the event that this is necessary for purposes of defence, state security, prevention, detection or repression of crimes, in compliance with the rules governing this matter.

Such public entities shall have the right to request and obtain your personal data even if it is necessary or appropriate for investigations or controls relating to the commission of fraud, computer fraud, infringement of intellectual property rights, acts of computer piracy or other illegal activities, which could expose us or our users to legal, civil or criminal liability.


In compliance with the regulations from time to time in force, the data subject can request, at any time:

  1. Confirmation as to whether or not personal data concerning him or her are being processed;
  2. To know the content and origin, the purposes and methods of treatment;
  3. The logic involved in processing activities performed with the aid of electronic instruments;
  4. The identification details of the data controller, data processors and subjects or categories of subjects to whom his or her personal data may be communicated.

In addition, the data subject is entitled to obtain:

  1. The updating, rectification, integration, portability of existing data;
  2. The erasure, anonymisation or interruption of data processing performed in violation of the law;
  3. To object, in any case, for legitimate reasons, to the processing of data relevant to the purpose of collection.
  4. To object to the processing of data for commercial purposes.

In accordance with the Regulation, the data subjects also have the right to lodge a complaint with a supervisory authority.

To exercise their rights, data subjects may contact the Data Controller: Indal Srl with registered office in Via Felice Cavallotti 282 – 25018 Montichiari (BS) – ITALY – Mail: – T. +39 030 9650345 – F. +39 030 9658709

Should the user contact us asking to access or erase their Personal Data from our systems and records, we will, in accordance with this Privacy Policy and legal obligations, to the extent possible, respond to your request within the time frame provided.

However, please be advised that, due to technical constraints and the backup of your systems, your Personal data may continue to reside in our systems or part thereof for a certain period of time, even after erasure.

The data controller reserves the right to refuse requests for access or erasure of Personal Data if the requested disclosure or erasure is not permitted by law.

To protect against unlawful access requests, we reserve the right to request sufficient information to verify the identity of the requesting party before granting access or making corrections.