Privacy Policy

Information on the processing of personal data pursuant to Article 13 of EU Regulation 2016/679 for users/navigators consulting the website

Why do we provide you with this information?

Pursuant to EU Regulation 2016/679 (hereinafter referred to as the “Regulation”), the contents of this information notice describe the methods for processing the personal data that the website acquires during navigation or that are provided directly by the user. This information does not concern other sites, pages or online services that can be reached through hypertext links that may be published on the sites but refer to resources outside the domain of

Who is the Data Controller?

The Data Controller is MLR s.r.l. with registered office in via Filippo Corridoni 10 – 76123 Andria BT, VAT-registered 8051080722 (hereinafter “Data Controller”). The processing of personal data takes place within the business structure of the Owner and/or within the business group to which the Owner belongs.

Users who provide their personal data may contact the Data Controller, in order to exercise their rights, at the following address:

The Data Controller, or a person authorised by him, is required to respond to user requests without undue delay and/or within one month at the latest.

The contact details of the Data Protection Officer (DPO), if any, will be indicated, following his or her appointment, on the site at

What is the legal basis for processing?

It seems appropriate to explain, in clear and simple terms, what is meant by ‘legal basis’.

Personal data cannot be used by anyone other than its legitimate owner. However, there are cases in which the law allows processing by other parties, such as, for example, when the user/navigator decides to request information on our site, contacts us through the appropriate section by entering your data and these will then be used to fulfil your specific request. Similarly, the user/navigator may also decide to provide his/her e-mail address in order to receive information about our specific activities.

What is the legal basis for the processing?

The user/navigator of the site, having read the informative note, is free to give or not to give the personal data requested in the registration forms for the services. This data is necessary for the provision of the requested service, and if this data is not provided, the requested service cannot be provided, and it is not possible to take advantage of the relative opportunities.

The controller processes personal data relating to users if one of the following conditions is met:

  • The user has given consent for one or more of the specified purposes;
  • The processing is necessary for the fulfilment of a legal obligation to which the Controller is subject;
  • The processing is necessary for the pursuit of the legitimate interest of the Controller or of third

The user may, however, ask the Controller to clarify the concrete legal basis of each processing operation by contacting him at the above-mentioned address.

What data are processed and how?

The data we collect are processed in full compliance with the provisions of the law on the protection of personal data and exclusively for the purposes indicated in this information notice, pursuing logics and methods aimed at guaranteeing the confidentiality, integrity and availability of the information communicated by users.

User data is collected to enable the site to provide its services and for the following purposes:

  • Contact the User;

The types of personal data used for the above purposes are:

Navigation data

The computer systems and software procedures used to operate this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols.

This information is not collected to be associated with identified interested parties, but by its very nature could, through processing and association with data held by third parties, allow users to be identified.

This category of data includes IP addresses or the domain names of the computers used by users who connect to the site, the URI (Uniform Resource Identifier) addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the user’s operating system and computer environment.

These data are used for the sole purpose of obtaining anonymous statistical information on the use of the site and to check that it is functioning correctly. Access log data with IP addresses are stored on the server hosting the site for a period of 3 (three) months.

The webserver log data could be used, in cases provided for by law, to ascertain responsibility in case of hypothetical computer crimes against the site.

The systems hosting the site are protected by a firewalling system and are replicated to ensure proper storage and availability.

Google Analytics tracking code is installed on the site. The data is recorded by the Google Analytics service and is stored on Google’s servers for a standard period of 26 (twenty-six) months.

Data provided voluntarily by the user

The optional, explicit, and voluntary sending of e-mail addresses on this site entails the subsequent acquisition of the sender’s address, which is necessary to reply to requests, as well as any other personal data included in the message.

No data sent to e-mail addresses or sent via forms is saved on the servers where the website resides. Such data are stored on servers available to MLR srl, located in Italy, at the company’s datacenter and at external datacenters. Specific summarised information will be eventually and progressively reported or displayed on the pages of the website dedicated to particular services on request and in the relevant data collection fields.

Personal data are processed by automated tools for the time strictly necessary to achieve the purposes for which they were collected. Specific security measures are observed to prevent the loss of data, unlawful or incorrect use and unauthorised access.

The subjects to whom the personal data refer have the right at any time to obtain confirmation of the existence or otherwise of such data and to know its content and origin, verify its accuracy or request its integration or updating, or rectification by contact as previously indicated.

Pursuant to the Regulation, you have the right to request the deletion, transformation into anonymous form or blocking of data processed in breach of the law, as well as to oppose in any case, for legitimate reasons, their processing as explained below.

Details of the processing of Users’ Personal Data

  • Contact forms

o  By filling in the forms on the site with their own data, the user consents to their use to respond to requests for information. In other words, by ticking the specific box, he or she consents to the processing of the data entered in order to fulfil the relevant request.

Can data be transferred outside the EU?

In the event that personal data is transferred outside the European Union, for purposes of a technical operational nature and to ensure a high continuity of service, the Data Controller guarantees that the transfer will be carried out ensuring that the level of protection of natural persons guaranteed by current legislation and in particular by EU Regulation 2016/679 is not prejudiced.

To whom are the data communicated?

The personal data provided may be communicated to appropriately appointed recipients who will process the data in their capacity as data processors and/or persons in charge of processing.

The Data Controller does not disclose any of the data subjects’ information to third parties without their consent, except where required by law. The dissemination of processed personal data is in any case excluded. The complete list of the persons in charge of the processing, the co-processors and the persons in charge of the processing of personal data may be requested by sending a specific request to the e-mail address or by contacting the Data Controller in the manner described above.

What are the rights of the user of the site?

The user who has provided the data has, in accordance with the principle of transparency, the right to:

  1. Obtaining revocation of consent given;
  2. obtain confirmation from the Data Controller as to whether or not personal data concerning him/her exist;
  3. obtain communication of the data in a clear and intelligible form;
  4. obtain the indication:
    • the origin of the personal data;
    • the purposes and methods of processing;
    • the logic applied in case of processing by electronic means;
    • the identity of the data controller, data processor(s) and/or person(s) in charge;
    • the person(s) to whom the data may be communicated and/or who may become aware of them in their capacity as designated representative in the territory of the State, data processor or person in
  5. Obtain the updating, rectification and/or integration, where interested, of the data provided;
  6. Obtain the cancellation, transformation into anonymous form or blocking of data processed in breach of the law, including data whose retention is unnecessary for the purposes for which the data were collected or subsequently processed;
  7. Obtain certification that the operations of updating, rectification, and deletion of data, as defined in the preceding points, have been brought to the attention, also as regards their content, of those to whom the data have been communicated, unless this requirement proves impossible or involves the use of means manifestly disproportionate to the protected
  8. Obtain the restriction of processing of the data provided;
  9. Complain to the National Control

The deadline for replying to the user is, for all exercisable rights, 1 (one) month, extendable up to 3 (three) months in cases of particular complexity. The Data Controller is in any case obliged to provide feedback to the user, in writing, within 1 (one) month, even in the event of refusal, in a concise, transparent and easily accessible manner, using simple and clear language.

The exercise of the rights may entail the payment of a contribution to the user’s expenses, depending on the difficulties the Data Controller has in fulfilling the requests in relation to the resources available.

Such rights may be restricted by a rule or regulation, whether Community or national, where actual and concrete prejudice may result from the exercise of those rights.

Binding version of current disclosure

The information on the processing of personal data has been drawn up and revised in Italian. The other language versions of the policy are for information purposes only. In the event of any discrepancy between the different language versions, the original shall prevail.

Additions, updates and changes to the current policy statement

The Data Controller reserves the right to modify, integrate or periodically update this Information Notice in compliance with the applicable legislation or the measures adopted by the Data Protection Authority in its capacity as Control Authority.

The aforementioned changes or additions will be brought to the attention of those concerned. We invite users to view the Privacy Policy regularly in order to check the updated information and decide whether or not to continue using the services offered.

The above information applies to the data collected through the website owned by MLR srl in its capacity as Data Controller.

(Last updated 13/05/2021)