PRIVACY NOTICE
(pursuant to Article 13 of EU Regulation 2016/679 – GDPR)
1. Data Controller
The Data Controller is:
Minervas S.r.l.
Email: info@minervas.it
2. Types of Data Collected
The Data Controller processes the following categories of personal data:
• identification data (name, surname)
• contact data (email, phone number if provided)
• data related to contractual relationships with clients and suppliers
• any personal data voluntarily provided by users through the website or other contact channels
3. Purpose of Processing and Legal Basis
a) Management of relationships with clients and suppliers
• administrative, accounting, and contractual management
• compliance with legal and tax obligations
Legal basis:
• performance of a contract or pre-contractual measures (Art. 6(1)(b) GDPR)
• compliance with a legal obligation (Art. 6(1)(c) GDPR)
b) Responding to information requests
• handling requests submitted via the website or email
• responding to inquiries initiated by the data subject
Legal basis:
• performance of pre-contractual measures at the request of the data subject (Art. 6(1)(b) GDPR)
4. Methods of Processing
Personal data are processed in accordance with the principles of lawfulness, fairness, and transparency,
using both manual and electronic tools, and adopting appropriate security measures to prevent unauthorized access,
disclosure, alteration, or destruction of data.
5. Data Retention
• for 10 years for administrative, accounting, and legal purposes
• for other purposes, for a period consistent with the principle of relevance and necessity,
i.e., as long as necessary to fulfill the purposes for which the data were collected
6. Data Disclosure
Personal data may be disclosed to:
• consultants and professionals (e.g., accountants, legal advisors)
• service providers supporting business operations (e.g., hosting providers, IT services)
Such parties may act as data processors pursuant to Article 28 GDPR where applicable.
Personal data will not be disclosed to the public.
7. Data Transfers
Personal data are processed within the European Union.
No transfer of data to third countries or international organizations is envisaged.
8. Cookies
The website uses only technical cookies, which are strictly necessary for its proper functioning.
The website does not use:
• profiling cookies
• third-party cookies
Therefore, prior user consent is not required.
9. Data Subject Rights
Pursuant to Articles 15–22 of the GDPR, data subjects have the right to:
• obtain confirmation as to whether or not personal data concerning them are being processed
• access their personal data
• request rectification or erasure of their data
• request restriction of processing
• object to processing
• receive their data in a portable format, where applicable
Data subjects also have the right to lodge a complaint with the competent Data Protection Authority.
To exercise these rights, data subjects may contact the Data Controller at the email address indicated above.
10. Provision of Data
• mandatory for the management of contractual relationships and compliance with legal obligations
• optional for submitting information requests
Failure to provide mandatory data may result in the inability to establish or continue a contractual relationship.
11. Minors
The website and services are not intended for individuals under the age of 14.
The Data Controller does not knowingly collect personal data from minors under 14 years of age.
If such data are identified, they will be promptly deleted.
12. Data Protection Officer (DPO)
The Data Controller has not appointed a Data Protection Officer (DPO), as the conditions set out by applicable law are not met.
13. Updates
This Privacy Notice may be subject to updates.
Users are encouraged to review it periodically.