Full privacy policy for telephone sales service customers


This privacy policy applies exclusively to data supplied in connection with the sale of products purchased by telephone, therefore it does not apply to data supplied in connection with our e-commerce website, for which a different and specific privacy policy can be found here.


Who are we and what do we do with your personal data?

The data controller, Santoni S.p.A. with its registered office at Via Monte Napoleone 9, Milan and an operative/administrative office at Via E. Mattei n. 59, Corridonia (MC), (hereinafter also The Data Controller), takes the confidentiality of your personal data very seriously and strives to protect it from any potentially compromising event.

For this reason, the Data Controller has policies and practices in place regarding the collection and use of personal data and the exercise of your rights under applicable legislation.  The Data Controller shall update personal data protection policies and practices as often as necessary and in the event of regulatory and organisational changes that may affect the processing of your personal data.


The Controller has appointed a data protection officer (DPO), whom you can contact if you have any questions about the policies and practices in place by emailing the following address: privacy.santoni@legalmail.it


How does the Data Controller collect and process your data?

The Data Controller collects and/or receives data relating to you, such as: the IP address given when browsing the site, in connection with the Data Controller's Store Locator and personal identification data (such as telephone number and email) and any further personal data that may be obtained from any chat session with the Data Controller. The data is used by the Data Controller to respond to your request to receive information by telephone and via the WhatsApp chat facility.  Your personal data is disclosed primarily to third parties and/or recipients whose involvement is necessary for the performance of activities relating to the aforementioned purposes, and also to comply with certain legal obligations. Any disclosure that does not fit these criteria will be subject to your prior consent.

Your personal data will in no way be shared or disclosed to unspecified persons.

The Data Controller will not transfer your personal data abroad.  Your personal data will in no way be shared or disclosed to unspecified and unidentifiable persons, including third parties.


What happens if you do not provide your data?

Personal data relating to you and which identifies you is required in order to fulfil the request you have made by telephone or via WhatsApp chat; if not provided it will make it impossible for the Data Controller to fulfil your request.


How and for how long is your data stored?

Your personal data is processed using both electronic and manual means and equipment provided to persons acting under the authority of the Data Controller and authorised and trained for this purpose.

Where necessary, personal data is stored in electronic archives protected by effective and adequate security measures to guard against the risk of breaches, as identified by the Data Controller, for the time necessary to fulfil requests for information and to send communications of this exclusive nature carried out by the Data Controller following your request, and in any event for no longer than 24 months, except in circumstances involving the intervention of relevant Authorities, also in cooperation with third parties/recipients entrusted with the Data Controller's data security activities, to investigate the causes of such circumstances. 


What are your rights?

In accordance with the limits imposed on the processing of your personal data, particularly in terms of time limits, your rights allow you to retain control of your data at all times. Your rights are those of:

  • access;
  • rectification;
  • erasure;
  • limitation of processing;
  • opposition to processing;
  • portability.

You are granted your rights without any special charges or formalities, exercising them is essentially free of charge.

 You have the right:

  • to obtain a copy, also in electronic format, of the data to which you have requested access. Should you require further copies, the Data Controller may charge you a reasonable fee;
  • to obtain the erasure of your personal data or the limitation of its processing or the updating and rectification of your personal data, and for third parties/recipients to comply with your request in the event that they should receive your data, insofar as no legitimate reasons prevail that are more compelling than those that motivated your request (e.g. environmental investigations and emergency risk containment handled by the Data Controller using the same);
  • to obtain any relevant communication concerning the activities carried out following the exercise of your rights without delay and, in any case, within one month of your request, unless a you are duly informed of a substantiated extension of up to two months.


Who can you complain to?

Without prejudice to any other administrative or judicial action, you may file a complaint with the relevant supervisory authority, i.e. the authority discharging its duties and exercising its powers in Italy where you have your permanent residence or place of work or, if otherwise, in the Member State where the breach of EU Regulation 2016/679 occurred.

For any further information and to submit your enquiry please write to privacy.santoni@legalmail.it