Privacy policy

(Version updated at 25 May 2018)


Dear User, RM Service S.r.l. (hereinafter referred to as “RM Service” and “the Data Controller”) is particularly attentive to aspects concerning the privacy of its users.
Therefore, through this page, the Data Controller intends describing the management of its website ( with reference to the processing and protection of personal data of users who access it.
This general Privacy Statement is provided in compliance with Regulation (EU) 2016/679 “Regulation on the protection of natural persons with regard to the processing of personal data and on the free movement of such data” (hereinafter referred to as the Regulation) for RM Service’s institutional website only and not for other websites that may be visited by the user through links on its pages for which the Data Controller is in no way responsible.

  1. Data Controller

    The Controller of the processing of data provided by the user is RM Service S.r.l. based in 24060 – Credaro (BG), Via G. Rossini n. 28, Taxpayer’s and VAT number 03631100165, Tel. 035/4260942, Fax 035/4260939.

  2. Type of data collected

    1. Navigation data
      The computer systems and programs used to operate the site collect a number of personal data the transmission of which is implicit in the use of Internet communication protocols.
      This information, even if not collected to be associated with the identified data subjects, could, by its nature and through processing and association with data held by third parties, allow the identification of users.
      This category of data includes IP addresses or domain names of computers used by users connecting to the site, URI (Uniform Resource Identifier) of requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response from the server (successful, error, etc..) and other parameters relating to the operating system and computer environment.
    2. Data provided voluntarily by the user (Art. 4 sub-section 1 of the Regulation)
      To visit the site, no provision is required of personal data by the user. However, the optional, explicit and voluntary sending of personal data to the addresses indicated on this site as well as the inclusion of the same in the «Contacts» section will result in the acquisition of the sender’s address and the data entered by the user necessary to respond to requests sent.
      Specific privacy notices will be progressively shown or displayed on the pages of the site set up for particular services on request. Users are invited, in their requests for services or in their questions, not to send names or other personal data of third parties, which are not strictly necessary.
    3. Cookies
      For information regarding the use of cookies through this website please read the Cookie Policy.
  3. Legal basis and purpose of data processing

    The legal basis for the processing of navigation data (par. 2, lit. a) is to pursue the legitimate interests of the Data Controller in relation to the management of the Site. In particular, the data are used for the following purposes:

    • to make it possible to access and browse the site;
    • to collect data and information in exclusively aggregated and anonymous form to make sure the site is operating correctly;
    • to collect data and information in order to protect the security of the site (spam filters, firewalls, virus detection) and users;
    • to obtain anonymous statistical information on the use of the site.

    In the event of computer-related abuses committed against the Site, the navigation data may also be used to ascertain responsibility.
    The data provided voluntarily by the user (par. 2 lit. b) through the sending of emails to the addresses indicated on this site are processed in order to respond to the data subject and perform the requested service, including the management of any applications sent voluntarily by the user.
    With reference to the purpose of processing the data entered in the «Contacts» section, please refer to the information in the appropriate section of the site. The provided data will not be sent to third parties without first obtaining the effective and unequivocal consent to processing of the data subject.

  4. Methods of data processing

    The data will be processed by the Data Controller both in electronic format and, possibly, in paper format according to principles of lawfulness, fairness and transparency.
    Such processing may be performed whether or not by electronic or automated means and shall include all the operations provided for in Art. 4, no. 2) of the Regulation (collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction of data) necessary for the processing in question, including communication to the entities listed in the following “Communication of data” section.
    The data will be recorded and stored in both paper and computer files, with organizational systems related to the purposes of processing. Furthermore, in order to protect the data from destruction or loss (including accidental) as well as to guarantee their integrity and confidentiality (including against unauthorised access or disclosure) and in general to ensure the rights of the data subject, the Data Controller has adopted security measures of a technical and organisational nature, in compliance with the provisions of the Regulation (with particular reference to Articles 24, 32 and 35).

  5. Data communication

    In addition to the Data Controller, the internal staff of RM Service S.r.l. authorised to process the data pursuant to Art. 29 of the Regulation, in accordance with their respective profiles of competence and for the purposes indicated above (par. 3) may also have access to the data.
    The collected data may also be communicated to external parties (e.g. third-party technical service providers, hosting providers, IT companies) appointed as data processors pursuant to Art. 28 of the Regulation, who work on behalf of RM Service S.r.l. and in accordance with its instructions, but exclusively for activities strictly connected to the purposes indicated above (e.g. to ensure the operation of the Internet service, the management of the computer and telematics system).

  6. Dissemination of data

    Personal data collected for the indicated purposes will not be disseminated.

  7. Data storage period

    The navigation data (par. 2, lit. a) will be stored, in accordance with the provisions of current legislation on the subject, for no longer than is necessary for the purposes for which such data are processed.
    The Data Controller will process the data provided voluntarily by the user (par. 2, lit. b) for the time strictly necessary to provide the service requested and in any case for no longer than one year.

  8. Consequences of failure to provide personal data

    The navigation data collected as part of this processing (par. 2, lit. a) are mandatory because they are strictly functional to the management of the website.
    The provision of data voluntarily provided by the user (par. 2, lit. b) is optional and aimed solely at responding to the user’s requests; therefore, failure to provide such data will make it impossible for RM Service to respond.

  9. Place of data storage

    The personal data will be stored at the headquarters of the Data Controller and in any case within the European Union.

  10. Rights of the user

    The user subject to whom the personal data refer has the right to request and obtain, at any time, from the Data Controller, access (Art. 15 of the Regulation), rectification (Art. 16 of the Regulation) and erasure (“right to be forgotten”) (Art. 17 of the Regulation) of his/her personal data. The user also has the right to obtain the restriction of personal data processing (Art. 18 of the Regulation) as well as the right to data portability (Art. 20 of the Regulation), and the right to object, on legitimate grounds, to their processing (Art. 21 of the Regulation).
    In any case, the user has the right to lodge a complaint with the supervisory authority, as provided for in Art. 77 of the Regulation, or to take legal action under Art. 79 of the Regulation if he/she considers that his or her rights have been infringed as a result of the processing of his or her personal data in non-compliance with the provisions of the Regulation.

  11. Methods of exercising rights

    The user may at any time exercise his/her rights as identified above by sending an email to ; a fax to ­­­­­­­035/4260939; or a registered letter with notification of receipt to: RM Service S.r.l., Via G. Rossini n. 28, 24060 – Credaro (BG).

  12. Changes to this Privacy Policy

    RM Service S.r.l. reserves the right to amend this Privacy Policy. The date indicated at the beginning of this Privacy Policy indicates that of the last update. In the event of material changes, notice will be given through the Website or otherwise in order to give the user the chance to review the amendments before they become effective.