Privacy Policy

European legislation on the protection of personal data (GDPR - General Data Protection Regulation, Reg. UE 2016/679).

Stock Line di Gri Tomaso's privacy policy concerns the collection, use and safeguarding of any personal information acquired during each approach by you customers to our services: when you visit our website, purchase our products or call our sales and service offices.

The processing of your personal data (when requested) is carried out by Stock Line on the basis of EU REGULATION 2016/679 GDPR.

Your privacy is a priority for us as we constantly strive to protect it, in line with the values ​​we pursue. We collect your personal information because it helps us to offer you a higher level of performance: it allows us to provide you with practical access to our products and services, to focus on the categories that interest you most and finally to keep you updated on our latest products, special offers and events of possible use.

In accordance with the commitment and care that the Stock Line dedicates to the protection of personal data, we inform you about the methods, purposes and scope of communication and dissemination of your personal data and your rights, in accordance with art. 13 of the GDPR.

1. Data controller and processing methods.

The Data Controller is Stockline di Gri Tomaso with registered office at Via Roma 133, 33050 Pocenia (UD) to which the interested party may, at any time, contact for the exercise of the rights referred to in the 2016 EU Regulation / 679 (so-called GDPR).

Personal data will be processed with automatic and / or manual procedures for the purposes specified above which, as mentioned, may be exclusively of a commercial, fiscal, administrative and information nature, in line with contractual requirements, with the fulfillment of all the legal obligations that derive from it and with the desire to achieve a more effective management of commercial relations. In order to improve our service to you, the information you provide us will therefore be used to communicate news, offers and promotions of your interest, unless you express the will to oppose such treatment.

2. Purpose and legal basis of the processing

Stockline di Gri Tomaso processes the personal data of natural persons, legal persons, sole proprietorships and / or freelancers ("Interested") for the following purposes:

  • for the management, provision of the various services and for the relative assistance;
  • for the development of statistical and market analyzes;
  • for sending communications relating to services and initiatives proposed by the site manager;
  • for sending information relating to business-to-business and business-to-consumer services and on any promotions and / or services presented on the site.

3. Subjects authorized to process

The data are processed not only by Stockline di Gri Tomaso and by all its collaborators, but also by external companies and partners committed to providing and guaranteeing the continuity of services and managing information systems. The subjects can also be partner companies or companies belonging to the group, as well as management companies of marketing platforms and systems connected to the management of the information acquired. All those who can come into contact for shipping, accounting, financial, administrative and legal management are authorized subjects.

4. Non-personal and aggregated technical navigation data collected

The computer systems for the use of this website acquire some data that cannot be properly defined as personal, the transmission of which is however implicit in the use of internet communication protocols. This category of data includes the IP addresses or domain names of the computers used by users who connect to the site, the addresses in the Uniform Resource Identifier (URI) notation of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the operating system and the user's computer environment. These data are used for the sole purpose of obtaining anonymous statistical information on the use of the site and to check its correct functioning and are deleted immediately after processing. Among these data, IP addresses are the only data which, although not associated with identified direct interested parties, can by its very nature, through processing and association with data held by third parties, allow users to be identified. Where possible, our company, as required by law, has set up anonymization and masking in the collection of the IP address as specified below. The data, however, could be used to ascertain responsibility in the event of hypothetical computer crimes against the site except, this possibility, at present the data of the web IPs do not persist for more than 3 months.

5. Consent and type of data processed voluntarily provided by the user

The consent to the processing of data is freely and voluntarily provided by the user through the web forms through specific approval for the various purposes and registered for a verification by the authorities or for a request by the interested party. The interested party has the right to withdraw his consent at any time. Consent may also be requested in writing if the particular actions require it, otherwise what is expressed in the IT methods described above applies. The data are those provided, also collected as an integration to previously collected data in order to keep them always updated.

6. Cookies and profiling and tracking data

For the extended information on the use of technical and profiling / tracking cookies for marketing purposes, please refer to the extended privacy at the following link

7. Purpose of data processing

The data is collected for the purposes of providing services, for the processing of requests received, for marketing communications or for any analysis and for the transfer to authorized third parties. All the required authorizations are diversified for the type of purpose in the various collection forms, with a clear indication of the data processed and their purposes. Each type of data processing collected requires specific authorization based on the purpose expressed above. The requests for authorization differ, in the collection phase, according to the different purposes of data processing as specified below:

A. Processing of mandatory data for the provision of the service. [required]

This is a mandatory consent to allow us to provide the requested services. Processing can also be understood as the transfer of data to third-party companies for the purpose of managing information and providing services in order to ensure greater security and control over the data and activities covered by the services provided. It also includes communications about the various needs related to the provision of services such as: sending deadlines, payments, invoices, technical and service communications, alerts and information on the status of the systems, sending service notes, data recovery in case of accidental loss. , backup. The revocation of the authorization, even if possible, prevents the further provision of the service. The data may also be transferred to third parties residing outside the European Union in the condition provided for in article no. 27 paragraph 2 paragraph (a), which does not provide for the establishment of a DPO (Data Protection Officer) or processing representative.

B. Processing for marketing purposes. [optional]

It concerns an optional consent on marketing purposes related to products and / or services purchased or of interest. Provides for the authorization to send emails, text messages, and communications also via other electronic and paper means of advertising. The data will be processed internally for communications by Stockline di Gri Tomaso about the activities expressed above. The data could be transferred and / or provided to third-party partner companies or external interested parties both for the management of the communications themselves and for related marketing, survey and / or survey activities, and for other purposes. The processing by third-party companies may concern activities aimed at helping the management of improvement analyzes on performances and conversions. At any time it is possible to revoke or rectify the consent.

8. Method and duration of data processing

The data is collected in full compliance with current legislation. In particular, the collection phase of the same takes place through encryption with an SSL protection certificate. The data is stored on cloud storage with backup and redundancy and kept for the period necessary for the provision of services and related activities. The disks on which the data is stored are encrypted. The data processed may be periodically subject to verification of correctness. In these cases, the interested party will receive a notice of adjustment of his data in our archives. Physical access to servers is protected with anti-intrusion systems and access control to data rooms. The data is also geographically replicated for greater protection from accidental cancellation due to natural disasters or physical theft of the same. There is a log of the data and consents provided and the authorizations granted in the phase of entering and managing the data and information connected to these authorizations. The aim is to quickly identify the activities related to the management of the data of the individual users concerned. The data is securely stored and any unauthorized access is limited to a minimum with the implementation of all the security activities required by the technology. In any case of access, the data subjects will be promptly informed and the data, in the event of accidental deletions, immediately restored.

9. Rights of the interested party regarding the processing of data

The interested party may at any time request the correction, integration or total cancellation of the data. Such requests can be made directly to the contact details on the website. The interested party can also request the revocation of the processing authorizations for the various purposes. If the revocation concerns the mandatory purpose of data processing for the provision of services, the same can no longer be provided and may be suspended without refunds. It is possible to request, always in accordance with the provisions of the law, a copy of the data processed and the purposes of the processing. You can initiate a complaint to or directly to the Data Protection Authority Personal data or one of the supervisory authorities in case of non-compliance that go against the provisions of the GDPR legislation.

All data entered on the site through the forms, managed and processed for the purposes requested for quotes, assistance, newsletters and contact in general, also sent by email on domains of our company or attributable to it, or through systems third parties and in any case sent to us, are treated in compliance with the legislation of the Privacy Guarantor of the EU regulation 2016/679 GDPR for the processing of personal data.