Privacy Data Treatment Policy

GDPR Information notice article 13 of the GDPR - EU Reg. 2016/679

Information notice on the processing of personal data
In compliance with the provisions of EU Reg. 2016/679 (the European for personal data protection regulation), this notice provides you with the mandatory information regarding the processing of your personal data. This notice is not to be considered valid for any other websites that may be accessible through links present on websites found on the domain of the data controller, who is not to be considered in any way responsible for the websites of third parties.
This notice is provided pursuant to art. 13 of EU Reg. 2016/679 (the European personal data protection regulation), and is also based on the provisions of Directive 2002/58/EC, as updated by Directive 2009/136/EC concerning Cookies, as well as the Provision concerning Cookies issued by the Italian Data Protection Authority on 08/05/2014.
The Data controller, pursuant to articles 4 and 24 of EU Reg. UE 2016/679, is DDX Srl, with registered offices at Via G. Donizetti 109/111, 24030 Brembate Sopra (BG) P.I. 02839360167 - PEC: – telephone +39 035620283

The Data Protection Officer is appointed internally to DDX S.r.l. and can be reached at the following email address:

The list of Data Processing Managers is constantly updated and available at the headquarters of DDX S.r.l.
The computer systems and the software procedures used to run this website, acquire, during their normal operation, some personal data whose transmission is implicit in the use of internet communication protocols. This information is not collected to be associated with identified interested parties, but which by their very nature could, through processing and association with data held by third parties, allow users to be identified.
This category of data includes IP addresses or domain names of the computers used by users who connect to the website and the time of the request, the size of the file obtained in response, the numerical code indicating the status of the response given by the server and other parameters relating to the operating system and the user's IT environment.

The information generated by users who visit our site without being registered yet (or, despite being registered, who do not have an active session), are used to allow the user an optimal navigation of the website, for statistical analysis and for personalization. content including advertising (with prior consent to the use of reference cookies) and could be used by DDX Srl, at different times, to integrate the information provided by the user during registration.

We may collect personal data when a user contact us by phone. This data includes information that user provides to us by telephone, about himself/herself and the problem for which the user is contacting us. We will only use this personal data for the purpose of providing the relevant support services to the user.. The optional, explicit and voluntary sending of messages to the contact addresses on the site, as well as the compilation and forwarding of any forms present entail the acquisition of all personal data included in the communications.
We process personal data for these purposes as it is necessary for our legitimate interests in providing service to our customers.

The user can subscribe to our newsletter by providing us with their email address. By registering, the user authorizes DDX S.r.l. to send communications through manual and electronic tools regarding: events, opportunities, information on products and services, promotional offers, circulars and customer satisfaction surveys regarding our products and services. DDX S.r.l. will act as an independent owner for marketing purposes of its products.

Users who register on the site do so as authorized representatives or delegates of legal entities. DDX S.r.l. uses the data that the user enters during registration to provide the agreed services and for direct marketing and profiling initiatives. The user cannot register on the site as a physical person

Cookies are data created by a server that are stored in text files on the hard disk of the user's computer. They consent the functioning of this website, the use of a specific functionality explicitly requested by the user or to improve the functioning of this site, as the cookies that make navigation faster or that show the contents of greatest interest to the user according to previous choices. Technical cookies are used strictly limited to what is necessary for safe and efficient navigation. Furthermore, some types of third-party cookies (statistical) are possibly used

We may also process the personal data we collect in relation with this privacy policy for the following purposes, to the extent permitted by law:
  • To detect and protect us, our affiliates and other third parties against misuse of our Websites (such as spamming), negligence, fraud, theft and other illegal activities. We process personal data for these purposes where necessary to protect, exercise or defend our legal rights.
  • To conduct adequate anti-fraud audits, for the purposes of which personal data provided by users may be disclosed to a fraud prevention agency and kept in copies by them. We process personal data for these purposes where necessary to protect, exercise or defend our legal rights.
  • To meet any other investigation or verification requirements or any other disclosure legislation or law. We process personal data for these purposes as it is required by law.
  • To the extent permitted by applicable laws, rules and regulations and to meet any legal or regulatory requirements.
The data collected will be processed with the support of paper means (registration forms, order forms, etc.), IT (management software, accounting, etc.) and telematics with organization and processing logics strictly related to the purposes themselves and in any case in order to guarantee the security, integrity and confidentiality of the data in compliance with the organizational, physical and logical measures provided for by the provisions in force.
The personal data provided may be disclosed to recipients, appointed pursuant to art. 28 of EU Reg. 2016/679, which will process the data as managers and / or as natural persons acting under the authority of the Owner and Manager, in order to comply with contracts or related purposes.
Specifically, the data may be disclosed to recipients belonging to the following categories:
  • workers who work for the Owner;
  • subjects that provide services for the management of the information system and communication networks of DDX S.r.l.;
  • subjects that provide services for data storage in cloud storage on behalf of DDX S.r.l;
  • firms or companies in the context of assistance and consultancy relationships (administrative, tax, legal);
  • competent authorities for the fulfillment of legal obligations and / or provisions of public bodies, upon request.
We require all third parties to respect the security of the data subject's personal data and to manage them in accordance with current legislation. We do not allow third party service providers to use the data subject's personal data for their specific purposes, but we only allow them to process the data subject's personal data for the specified purposes and in accordance with our instructions.
The list of designated data processors is constantly updated and available at the headquarters of DDX S.r.l..To obtain the updated list of data processors, the user can write to
Without prejudice to communications made in compliance with legal and contractual obligations, all data collected and processed may be communicated in Italy and transferred abroad to states belonging to the European Union exclusively for the purposes and to the recipients specified above.
Some of our service providers (e.g. of a technological nature) use data centers or qualified subcontractors that are not established in the European Union, and this may involve a transfer of personal data outside the European Union. When this happens, the legal basis for this transfer is the signing by these suppliers of contractual clauses that comply with the standard defined by the European Commission.
n compliance with the provisions of art. 5 paragraph 1 letter. e) of EU Reg. 2016/679, the personal data collected will be stored in a form that allows the identification of data subjects for a period of time not exceeding the achievement of the purposes for which the personal data are processed.
In relation to the various treatments carried out, DDX S.r.l. may keep your data:
  • for navigation data, our system will keep the data anonymously;
  • for the data of unregistered users, for the data collected through telephone support and e-mail, we will keep the data until the purposes for which the personal data are processed are achieved;
  • to receive our newsletter we will keep the data until the consent is revoked;
  • for the purposes related to the satisfaction of any legal obligation, we will keep the data for the time required by current legislation.
We process personal data based on different legal bases depending on the specific purpose of use of the same, as well as on the explicit consent (if applicable). In particular, we will ask for consent to receive our newsletter (marketing), while on the first visit to our site we will ask for consent for our use of third-party cookies (statistical) through a special banner. Failure to provide consent will make it impossible to obtain the requested service.

We remind you that the user has the right to revoke any consent given at any time by contacting the Data Controller by telephone, by sending an email to or by following the instructions contained in our cookie policy.
The user can assert their rights, as expressed in Articles 15, 16, 17, 18, 20, 21 of EU Regulation 2016/679, by contacting the Data Controller (see the paragraph "SUBJECTS OF TREATMENT").

You have the right, at any time, to ask the Data Controller to access your personal data, to correct them, to cancel them, to limit their processing. Furthermore, you have the right to object, at any time, to the processing of your data (including automated processing, eg profiling) as well as to the portability of your data.

Without prejudice to any other administrative and judicial appeal, if you believe that the processing of data concerning you violates the provisions of EU Reg. 2016/679, pursuant to art. 15 letter f) of the aforementioned EU Reg. 2016/679, you have the right to complain to the Guarantor for the protection of personal data and, with reference to art. 6 paragraph 1, letter a) and art. 9, paragraph 2, letter a), has the right to revoke the consent given at any time.

Italian Data Protection Authority: Piazza Venezia 11 - 00187 Roma - Telephone exchange (+39) 06.699771 - Fax: (+39) 06.69677.3785 - e-mail: - Certified mail:

In the case of a request for data portability, the Data Controller will provide you with personal data concerning you, without prejudice to paragraphs 3 and 4 of art. 20 of the EU Reg. 2016/679.

Last update: 30/11/2020

Show Success