Art. 13 D. Lgs. n. 196/2003 and art. 13 Regulation UE n. 2016/679

Dear Visitor,

please be informed that the Data Controller and Data Processor is FLESSYA s.r.l. and in accordance with article 13 of Legislative Decree n. 196/2003 (hereinafter “Data Protection Code”) and article 13 of Regulation EU n.679/2016 (hereinafter “GDPC”), provides the following information:


The Data Controller processes identifying and non-sensitive personal data – including name, surname, tax code, VAT number, email address, telephone number, etc. – (hereinafter “data”), provided by you when requesting information or registering on the Data Controller’s website, or subscribing to the newsletter service offered by the Data Controller, or provided by you in writing or verbally.


Your data are processed: A. With your express consent (art. 24, letters a), b) and c), of the Data Protection Code, and art. 6, letter b) and e), of the GDPR) for the following business-related purposes: – to answer your requests for information; – to finalise contracts for services offered by the Data Controller; – to fulfil pre-contract, contract and tax obligations relating to the relationship with you; – to fulfil legal obligations set by laws, regulations, EU regulations or orders issued by an Authority (e.g. anti-money-laundering); – to exercise the Data Controller’s rights (e.g. right of defence in court for breach of contract); – to prevent or identify fraudulent activities or harmful abuse on the website. B. Exclusively with your specific and separate consent (articles 23 and 130 of the Data Protection Code and article 7 of the GDPR), for the following information and marketing purposes: – to allow registration on the website; – to allow subscription to the newsletter service provided by the Data Controller and any other services you may request; – to send via email newsletters, commercial communications and/or advertising material about the products and services offered by the Data Controller and customer satisfaction surveys; In any case, you may revoke the consent you provided for the purposes in point B. at any time, by sending a simple email at the address provided in point 10 herein. Please be informed that, if you are already our customer, we may send you commercial communications regarding services and products offered by the Data Controller that are similar to those you have already received, unless you do not consent (article 130, paragraph 4, Data Protection Code). If the Data Controller intends to use your data for purposes other than those described in this paragraph, you will be informed before the processing for the additional purposes starts.


The legitimate interests of the Data Controller consist in complying and honouring the contractual obligations between the parties. In accordance with article 6 of the GDPR, the processing is based on the data subject’s clearly expressed consent.


For the purposes in point 2 herein, your data may be accessed by: A. Employees and collaborators of the Data Controller in their capacity as in-house officers and/or data processors and/or system administrators; B. Third parties (credit institutions, transport companies, external professionals and consultants – e.g. accountants – for the only purpose of carrying out credit checks and improving the management of the company’s rights in relation to the individual commercial relationships) outsourced by the Data Controller, acting as external, autonomous Data Controllers, or Data Processors appointed by the Data Controller. Without your express consent (article 24, letters a), b) and d), of the Data Protection Code and article 6, letters b) and c), of the GDPR), the Data Controller may communicate your personal data for the purposes in point 2.A herein, to supervision organs, judicial authorities and any other subjects to whom communication is required by law for the above-mentioned purposes. Said subjects will process the data in their capacity as autonomous data controllers. Your data will not be divulged. Data will be managed and stored in servers (located within the European Union) by the Data Controller and/or third-party companies appointed and authorised to act as Data Processors. Data will not be transferred outside of the European Union.


Data provision for the purposes in point 2.A herein is mandatory, as the data is required to fulfil legal and contractual obligations. Refusal to provide said data, or the future failure to authorise their processing, may lead to the Data Controller’s inability to execute the contract (the data subject will not receive the service/product, unfulfillment of the contract and consequent liability, impossibility to comply with legal obligations and consequent sanctions, etc.). Data provision for the purposes in point 2.B herein is optional and failure to provide data or authorise their processing will result in the impossibility of sending newsletters, commercial communications and or advertising materials, or customer satisfaction surveys on products or services offered by the Data Controller.


Without prejudice to the five-year and ten-year data retention terms applicable to contractual, fiscal and accounting documents set by the applicable laws, any other data will be retained for 10 years from the end of the provision/supply of the service/product, unless you revoke your consent or request their cancellation.


With the exception of legal obligations, public interest or the exercise of official authority, you have the right, at any time, to revoke your consent to the processing of your data, without prejudice to the processing carried out before you withdrew your consent. As data subject, article 7 of the Data Protection Code and article 15 of the GDPR, give you specific rights, including the right to obtain from the Data Controller confirmation on whether or not data regarding you exist and your right to obtain them in readable format; the right to know the origin of the data, the purposes, methods and logic of processing; the right to identify the Data Controller and the individuals to whom the data may be communicated; the right to obtain the update, rectification and integration of the data, the cancellation or transformation in anonymous format or block data unlawfully processed; the right to object, for legitimate reasons, to the processing of your data. The GDPR recognises the right to be forgotten (article 17), right to limit data use (article 18), data portability right (article 20) and, in the event of automated processing (so called profiling), the right to human processing (article 22). Rights may be exercised with no format constraints and for free.


Should you submit a request in relation to your data, the Data Controller will process your request as soon as possible – as long as this does not require a disproportional effort – and, in any case, within 30 days from receiving the request. The impossibility to fulfil the request and any delays will be motivated. 9. DISPUTES AND APPEALS. Should you believe your rights, as listed in point 7 herein, have been violated, you may complain to the Data Protection Authority (following the procedures and instructions published on the Authority’s website – or via an administrative or judicial remedy.


The Data Controller is FLESSYA s.r.l., with registered office in Via dell’artigianato 13, Monte Roberto (AN), Italy. Any queries and requests, including the exercise of the rights set in point 7 herein, should be submitted to the Data Controller.

Artt. 13 and 122 D.Lgs. 30/06/2003 – 196
“Codice in materia di protezione dei dati personali”.

Dear Visitor,
According to and for the effects of Provv. 8 May 2014 [3118884], of the Authority for the Protection of Personal Data, concerning the use of cookies, we inform you, with reference to the domain of ‘FLESSYA SRL’ as follows

The website of “FLESSYA SRL” stores information in small text files on the user’s computer.
These files are called cookies.

Information about cookies
Cookies are small text files that visited sites send to the terminal (computers, tablets, smartphones, notebooks) of the user, where they are stored, and then retransmitted to the same sites at the next visit.
They are used to perform computer authentication, session tracking, and site information storage (without using “technical” cookies, some operations would be very complex or impossible to do).
Through cookies you can also monitor your navigation, collect data on tastes, habits, personal choices that allow you to reconstruct detailed consumer profiles.
Most cookies are “session cookies” and are then deleted from the hard drive at the end of the session (when you log off or close the browser).

There are different types of cookies:
Session cookies expire at the end of your browser session and allow us to link your actions during that particular browser session.
Persistent cookies are stored on your device between browser sessions, allowing you to remember your preferences or actions
First-party cookies are set from the site you are visiting.
Third party cookies are set up by a third site separated by the site you are visiting.

Cookies used on this site
Log files: like many other websites, this also makes use of log files that records the history of operations as they are performed. The information contained within the log files includes IP addresses, browser type, Internet Service Provider, date, time, entry and exit page and number of clicks.
All this to analyze trends, to administer the site, to monitor the user’s movement inside the site and to collect demographic data, IP addresses and other information.
This data can not be attributed in any way to the user’s identity.

Use of Google Analytics on this site
Analytics cookies are considered technical if used only for optimization purposes and if users’ IPs are kept anonymous. We inform the user that this site uses the free service of Google Analytics.
Remember that the data are used only to have data about the most visited pages, the number of visitors, to aggregate data about visits by operating system, browser, etc.
These parameters are stored on  Google server that govern their privacy according to these guidelines

Cookies from other companies
“FLESSYA SRL” integrates, within their own pages, third party services that may set up and use their own cookies and / or similar technologies. The use of such cookies and similar technologies by such companies is governed by the privacy statements of those companies and not by this notice, as “Flessya” is totally unrelated to the management of such tools and to the processing of data deriving therefrom.
Below is a list (not exhaustive) of some of the companies that could use cookies while browsing our site
Google Analytics (disclosures)
Google Adsense (disclosures)
Google+ (disclosures)
Facebook (disclosures)
Twitter (disclosures)
YouTube (disclosures)

Configuring browsers
Browsers can be configured to control the arrival of cookies, generally the configuration option that allows you to disable the arrival of cookies is related to privacy management.

Disable cookies
You can configure your browser to accept or reject all cookies or specialty types of cookies (such as third-party cookies), or you can choose to be alerted whenever a cookie is set within your computer.
It is important to know that refusal of all cookies may prevent you from accessing the products and services “FLESSYA SRL” that require that you access, through username and password, to areas reserved for registered users.
In fact, all these services require cookies to work properly and, as a result, blocking cookies would make it impossible to use them.
Below is the instructions for most popular browsers to make a custom configuration about cookies:

Microsoft Internet Explorer
click on “Tools” at the top of the browser window;
select “Internet Options”;
click on the “Privacy” tab;
to enable cookies, the Privacy level must be set to “Medium” or below;
setting the Privacy level above “Medium” the use of cookies will be disabled.

Mozilla Firefox
click on the “Tools” at the top of the browser window;
select “Options”;
click on the “Privacy” tab;
click on the “Cookies”;
select whether or not the items “Accept cookies from sites” and “Accept third-party cookies”

Google Chrome
click the menu icon;
select “Options”;
at the bottom of the page, select “Show Advanced Settings”;
in the “Privacy” section, select “Content Settings”;
select whether or not the “Prevent sites from setting data” option.

Apple Safari
click the “Safari” label at the top of the browser window;
select the “Preferences” option;
click on the “Privacy”;
Set your choice to “Cookies and Website Data”.