Information provided pursuant to Article 13 of EU Reg. 2016/679 (hereinafter GDPR)

For Servizi Logistici Srl (hereinafter also SL) personal data represent a heritage of great value and an asset to be protected, by adopting procedures and behaviors aimed at guaranteeing its protection. Transparency towards data subjects therefore represents a primary objective, pursued through effective communication tools and aimed at making basic information on the processing of their data available to interlocutors. This information is therefore aimed at providing interested parties with all the elements required by current privacy regulations, as well as specific guarantees for stakeholders:

  • subjects who commission an activity from SL (who are informed about company data protection policies);
  • subjects SL uses for the provision of services (who must comply with these policies to carry out tasks on behalf of SL).

General information
The interested parties are informed (pursuant to Article 4, c.1 of the GDPR) of the following general profiles, valid for all areas of processing:

  • all data is processed in compliance with current privacy regulations (EU Reg. 2016/679 and Legislative Decree 196/2003, as amended and supplemented by Legislative Decree 101/2018);
  • all data are processed in a lawful, correct and transparent manner in relation to the interested party, in compliance with the general principles set out in Article 5 of the GDPR;
  • specific security measures are observed to prevent data loss, illicit or incorrect use and unauthorized access (GDPR, Art.32).

Data controller and DPO
The Data Controller is the undersigned Company (in the person of its pro-tempore legal representative) who can be contacted for any request regarding privacy or to exercise the rights listed below, at the following addresses:


Name: Logistic Services Srl
Email: privacy@servizilogisticisrl.com


Name: Galli Data Service Srl
Email: dpo@gallidataservice.com

Rights of the interested parties

  • right to request the presence and access to personal data concerning him (Article 15 “Right of access”)
  • right to obtain the rectification/integration of inaccurate or incomplete data (Article 16 “Right of rectification”)
  • right to obtain, if there are justified reasons, the cancellation of data (Article 17 “Right to cancellation”)
  • right to obtain the limitation of the treatment (Article 18 “Right to limitation”)
  • right to receive data concerning him in a structured format (Article 20 “Right to portability)
  • right to oppose the processing and automated decision-making processes, including profiling (Art.21, 22)
  • right to revoke a previously given consent;
  • the right to submit, in the event of no response, a complaint to the Data Protection Authority.

The following specific information is provided below, referring to:

  • data processing connected to the functioning of this website;
  • data processing of customers / suppliers of the Data Controller and their interlocutors;
  • guarantees of protection required of individuals who carry out tasks on behalf of SL.


1.1 Navigation data
The computer systems and software procedures used to operate this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. This is information that is not collected to be associated with identified interested parties, but which by their very nature could, through processing and association with data held by third parties, allow users to be identified. This category of data includes the IP addresses or domain names of the computers used by users who connect to the site, the addresses in URI (Uniform Resource Identifier) notation of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the operating system and the user’s IT environment.

Purpose and legal basis of the processing

(GDPR-Art.13, comma 1, lett.c)

These data are used for the sole purpose of obtaining anonymous statistical information on the use of the site and to check its correct functioning. The data could also be used to ascertain responsibility in the event of hypothetical computer crimes against the site (legitimate interests of the owner).
Communication scope

(GDPR-Art.13, comma 1, lett.e,f)

The data can be processed exclusively by internal personnel, duly authorized and instructed in the treatment (GDPR-Art.29) or by any subjects in charge of maintaining the web platform (appointed in this case as external managers) and will not be communicated to other subjects, disseminated or transferred to non-EU countries (unless subject to compliance with the provisions of chapter V of the GDPR). Only in the event of an investigation can they be made available to the competent authorities.
Data retention period

(GDPR-Art.13, comma 2, lett.a)

The data are normally kept for short periods of time, with the exception of any extensions connected to investigation activities.

(GDPR-Art.13, comma 2, lett.f)

The data are not provided by the interested party but automatically acquired by the site’s technological systems.

 1.2 Cookies
The management of cookies is aligned with the relevant regulatory requirements:

  • “Guidelines for cookies and other tracking tools” of 10 June 2021 (Published in the Official Gazette No. 163 of 9 July 2021);
  • Guidelines 5/2020 on consent pursuant to reg. (EU) 2016/679, adopted by the European Data Protection Board.

The user can analytically verify the types of cookies and set their preferences through the appropriate banner, as well as through the appropriate tools provided by the main navigation browsers. Some general information about cookies and similar technologies is provided below.

What are cookies
Cookies are short fragments of text (letters and/or numbers) that allow the web server to memorize information on the client (the browser) to be reused during the same visit to the site (session cookies) or later, even after days (persistent cookies). Cookies are stored, based on user preferences, by the single browser on the specific device used (computer, tablet, smartphone). Similar technologies, such as, for example, web beacons, transparent GIFs and all forms of local storage introduced with HTML5, can be used to collect information on user behavior and use of services. In the following of this information we will refer to cookies and all similar technologies by simply using the term “cookie”.

Possible types of first-party cookies and methods for managing preferences

Navigation or session technicians Ensure normal navigation and use of the site Tramite i principali browser di navigazione è possibile:

·  Block the reception of all (or some) types of cookies by default

·  View the analytical list of cookies used

·  Remove all or some of the cookies installed

For information on the settings of individual browsers, see the specific paragraph. It should be noted that blocking or deleting cookies could compromise the navigability of the site.

Analytical technicians Collect information on the number of visitors and pages viewed
Function technicians Allow navigation according to a series of selected criteria
Di profilazione Create user profiles in order to send advertising messages in line with preferences

The site may contain links to third-party sites and third-party cookies; for more information, we invite you to view the privacy policy of any linked sites.

Management of preferences through the main browsers
The user can decide whether or not to accept cookies using the settings of his browser (we point out that, by default, almost all web browsers are set to automatically accept cookies). The setting can be changed and defined specifically for different websites and web applications. Furthermore, the best browsers allow you to define different settings for “proprietary” cookies and for those of “third parties”. Usually, the configuration of cookies is carried out from the “Preferences”, “Tools” or “Options” menu.

Below are the links to the guides for managing the cookies of the main browsers:

Internet Explorer: http://support.microsoft.com/kb/278835

Internet Explorer [mobile version]: http://www.windowsphone.com/en-us/how-to/wp7/web/changing-privacy-and-other-browser-settings



Safari [mobile version]: http://support.apple.com/kb/HT1677



Opera: http://help.opera.com/opera/Windows/1781/it/controlPages.html#manageCookies

Further information

aboutcookies.org (for more information on cookie technologies and how they work)
youronlinechoices.com/it/a-proposito (allows users to oppose the installation of the main profiling cookies)
garanteprivacy.it/cookie (collection of the main regulatory interventions on the subject by the Italian Data Protection Authority)

1.3 Site-Specific Features
Some pages of the site could involve a request for information from the navigator in relation to specific services (eg: request information, contact us, etc.).

Purpose and legal basis of the processing

(GDPR-Art.13, comma 1, lett.c)

Only the data necessary for the correct provision of the service and necessary to give a correct and exhaustive response to the interested parties will be requested. The treatment is subject to the acceptance of specific, free and informed consent (GDPR-Art.6, comma1, lett.a)
Communication scope

(GDPR-Art.13, comma 1, lett.e,f)

The data is processed exclusively by duly authorized and trained personnel (GDPR-Art.29) or by any persons in charge of maintaining the web platform (appointed in this case as external managers). The data will not be disclosed or transferred to non-EU countries (unless subject to compliance with the provisions of chapter V of the GDPR).
Data retention period

(GDPR-Art.13, comma 2, lett.a)

The data is kept for times compatible with the purpose of the collection

(GDPR-Art.13, comma 2, lett.f)

The provision of data referring to the mandatory fields is necessary in order to obtain an answer, while the optional fields are aimed at providing the staff with further elements useful for facilitating contact.

1.4 Data provided voluntarily by the user
The optional, explicit and voluntary sending of messages to contact addresses, private messages sent by users to institutional profiles/pages on social media (where this possibility is provided), as well as the compilation and forwarding of any forms/modules present , involve the acquisition of the sender’s contact details, necessary to reply, as well as all personal data included in the communications. The sender therefore remains personally responsible for the accuracy of the data provided, as well as their pertinence and non-excess with respect to the requests in question.


2.1 Object of the treatment
The company may process personal identification data of customers/suppliers (for example, name, surname, company name, personal/fiscal data, address, telephone, e-mail, bank and payment references) and their operational contacts (name, surname and contact data), as well as of third parties conferred by them, acquired and used in the context of the provision of the services provided.

2.2 Purpose and legal basis of the processing
The data is processed for:

  • conclude contractual/professional relationships and provide the related services;
  • fulfill the pre-contractual, contractual and tax obligations deriving from existing relationships, as well as manage the necessary communications connected to them;
  • fulfill the obligations established by law, by a regulation, by community legislation or by an order of the Authority;
  • exercise a legitimate interest as well as a right of the Data Controller (for example: the right of defense in court, the protection of credit positions; ordinary internal operational, management and accounting needs).

Failure to provide the aforementioned data will make it impossible to establish the relationship with the Data Controller. The aforementioned purposes represent, pursuant to Article 6, paragraphs b, c, f, suitable legal bases for the lawfulness of the processing. If you intend to carry out treatments for different purposes (eg: marketing communications, production of photo/video content, etc.) a specific consent will be requested from the interested parties.

2.3 Processing methods and storage time
The processing of personal data is carried out by means of the operations indicated in the Art. 4 no. 2) GDPR and precisely: collection, registration, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, cancellation and destruction of data. Personal data is subjected to both paper and electronic processing. The Data Controller will process the personal data for the time necessary to fulfill the purposes for which they were collected and related legal obligations (usually coinciding with the relationship with the interested party, without prejudice to the extension with reference to the obligations to keep administrative documentation and of commercial correspondence), as well as compatibly with the exercise of the right of cancellation possibly expressed by the interested party.

In compliance with the provisions of Article 32 of the GDPR, taking into account the state of the art and implementation costs, as well as the nature, object, context and purposes of the processing, as well as the risk of varying probability and seriousness for the rights and freedoms of natural persons, SL implements appropriate technical and organizational measures, to guarantee a level of security appropriate to the risk, which include, among others, where appropriate:

  1. the pseudonymisation and encryption of personal data;
  2. the ability to ensure the confidentiality, integrity, availability and resilience of processing systems and services on a permanent basis;
  3. the ability to promptly restore the availability and access to personal data in the event of a physical or technical incident;
  4. a procedure for regularly testing, verifying and evaluating the effectiveness of technical and organizational measures in order to guarantee the security of the processing.

2.4 Scope of processing
The data is processed by duly authorized and trained internal subjects pursuant to Article 29 of the GDPR. It is also possible to request the scope of communication of personal data, obtaining precise indications on any external subjects who operate as independent data processors or data controllers (eg: consultants, technicians, banks, carriers, etc.). The data may be communicated to any subsidiary/associated company for various reasons. The data are not subject to dissemination or transfer outside the EU (they may be transferred outside the EU only in compliance with the conditions set out in Chapter V of the GDPR, aimed at ensuring that the level of protection of the data subjects is not compromised “Art.45 Transfer on the basis of an adequacy decision, Art.46 Transfer subject to adequate guarantees, Art.47 Binding corporate rules, Art.49 Specific exceptions”). The data are not subject to automated processes that produce significant consequences for the data subject


In carrying out its activity and providing the related services, SL may make use of third parties, usually in the following areas:
entities/organisations/companies that provide operational personnel engaged in logistics/warehouse operations;

  • companies/professionals who carry out transport services.

These operators are required to fully guarantee maximum compliance with current EU (EU Reg. 2016/679 “General Data Protection Regulation”) and national (Legislative Decree 196/2003 “Privacy Code” as amended by Legislative Decree 101/2018). In particular, these subjects are required to:

  • use the personal data of which they may become aware exclusively for purposes strictly connected to the performance of the tasks received, refraining from any form of improper use (which may be prosecuted in accordance with the law);
  • bind the personnel supplied (or any sub-suppliers) to specific confidentiality clauses, as well as disseminate adequate instructions to guarantee lawful and secure processing;
  • in the case of use of electronic tools provided by SL, take steps to ensure their integrity and safety, avoiding behaviors that could compromise their functionality, settings and security;
  • in the case of using own tools, adopt adequate security measures (Art.32), as well as ensure compliance with the principles of privacy by default and by design (Art.25), with particular reference to
  • use of authentication and authorization procedures,
  • use of perimeter defense solutions and computer malware prevention
  • use of patching solutions to fix system vulnerabilities
  • adoption of adequate back-up and recovery procedures
  • always use secure transmission channels for the communication/sharing of personal data;
  • promptly notify SL of any violations / incidents (data breach) that may compromise data security;
  • promptly notify SL of any exercise requests from the interested parties;
  • collaborate with SL in the event of inspections by the Supervisory Authorities;
  • agree to audits of compliance systems required by SL;
  • consent, at the end of the relationship with SL, to agree on the return or cancellation of the data.

It should be noted that this information may be subject to periodic review, also in relation to the relevant legislation and jurisprudence. In the event of significant changes, appropriate evidence will be given on the home page of the site for a reasonable time. In any case, the interested party is invited to periodically consult this policy.

Find out more

You have other questions to ask us


Via G. Matteotti, 1
27042 Bressana Bottarone PV

Via Abruzzi, 1
60032 Monsano (AN)