top of page

Privacy policy

General information

The data subjects are hereby informed (pursuant to Art.4(1) of the GDPR) of the following general profiles, valid for all areas of processing:

  • all data are processed in accordance with current privacy regulations (Reg. (EU) 2016/679 and Italian Legislative Decree 196/2003, as amended and supplemented by Legislative Decree 101/2018);

  • all data are processed in a lawful, correct and transparent manner in relation to the data subject, in compliance with the general principles set out in Article 5 of the GDPR;

  • specific security measures are observed to prevent the loss of data, its illegal or incorrect use and unauthorised access (GDPR, Art.32).



The Controller is the undersigned Company (represented by the pro-tempore legal representative) that can be contacted for any privacy request or to exercise the rights listed below, at the following addresses:

Contact details


Pagani Geotechnical Equipment Srl

Tel: 0523-771535 – Email:

Data Protection Officer

Name: Galli Data Service Srl Email:


Rights of the Data Subjects

  • right to request the existence of and access to personal data concerning him or her (Art.15 “Right of access”)

  • right to obtain the rectification/integration of inaccurate or incomplete data (Art.16 “Right to rectification”)

  • right to obtain, if there are justified reasons, the erasure of data (Art.17 “Right to erasure”)

  • right to obtain the restriction of processing (Art.18 “Right to restriction of processing”)

  • right to receive data concerning him or her in a structured format (Art.20 “Right to data portability)

  • right to object to processing and automated decision-making processes, including profiling (Art.21, 22)

  • the right to withdraw previously given consent;

  • the right to lodge a complaint with the Data Protection Authority in the event of failure to reply.

The following specific information is given below, referring to:

  1. data processing related to the operation of the website

  2. processing of data of customers/suppliers of the Controller




1.1Navigation data


The IT systems and software processes responsible for the operation of this website acquire certain personal data during the course of their normal operations, the transmission of which is an integral and essential part of the Internet communication protocols. This is information which is not gathered in order to be associated with identified parties, but due to its nature could, through processing and association with data held by third parties, permit identification of the users. This category of data includes the IP addresses or domain names of the computers used by visitors to the site, addresses in URI (Uniform Resource Identifier) notation of the requested resources, the time of the request, the method used to issue the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (success, failure etc.) and other parameters concerning the user's operating system and IT environment.



Purposes and legal basis for the processing (GDPR-Art.13(1)c)

These data are used only to obtain anonymous statistical information on use of the site and to check it is operating correctly. These data could also hypothetically be used to determine responsibility in the event of attacks or other criminal acts carried out on the site (legitimate interests of the Controller).


Scope of communication (GDPR-Art.13(1)e and f)

The data may only be processed by internal personnel, duly authorised and instructed in the processing (GDPR-Art.29) or by any subjects in charge of the maintenance of the web platform (in this case appointed external data processors) and will not be disclosed to other subjects, disseminated or transferred to non-EU countries (unless with the prior compliance with the requirements of Chapter V of the GDPR). Only in the event of an investigation may they be made available to the competent authorities.

Data retention period (GDPR-Art.13(2)a)

The data are normally kept for short periods of time, with the exception of any extensions related to investigation activities.

Provision of data (GDPR-Art.13(2)f)

The data are not provided by the data subject but acquired automatically by the technological systems of the website.


1.2 Cookies


What are Cookies? Cookies are short fragments of text (letters and/or numbers) that allow the web server to store information on the client (browser) to reuse during the same visit to that website (session cookies) or later (persistent cookies). Cookies are stored, based on your preferences, by the browser on the specific device used (computer, tablet, smartphone). Similar technologies, such as, for example, web beacons, transparent GIFs, and all forms of local storage introduced with HTML5, can be used to collect information about user behaviour and the use of the services. Below, the term "cookies” is used to refer to cookies and all similar technologies.


Possible types of first-party cookies and how to manage preferences



Criteri di codifica

Tecnici di navigazione, di sessione, di funzionalità

Garantire la normale navigazione e fruizione del sito

Sono codificati come tecnici poiché sono utilizzati al solo fine di “effettuare la trasmissione di una comunicazione su una rete di comunicazione elettronica, o nella misura strettamente necessaria al fornitore di un servizio della società dell'informazione esplicitamente richiesto dal contraente o dall'utente a erogare tale servizio”.

Analitici (equiparabili ai tecnici)

Raccogliere informazioni sul numero dei visitatori e sulle pagine visualizzate

COOKIE DI PRIMA PARTE Sono codificati come equiparabili ai cookie tecnici, poichè sono utilizzati unicamente per produrre statistiche aggregate in relazione al singolo sito (anche eventualmente con IP in chiaro, nel rispetto del vincolo di finalità).

COOKIE DI TERZA PARTE Sono codificati come equiparabili ai cookie tecnici, poichè sono utilizzati con mascherazione dell’indirizzo IP, senza combinazione con altre elaborazioni e senza trasmissione ad ulteriori soggetti terzi.

Profilativi e analitici identificativi

Definire dei profili identificativi delle preferenze e delle abitudini dell’utente

Sono codificati come profilativi poichè vengono utilizzati per ricondurre a soggetti determinati, identificati o identificabili, specifiche azioni o schemicomportamentali ricorrenti nell’uso delle funzionalità offerte (pattern) al fine del raggruppamento dei diversi profili all’interno di cluster omogenei di diversa ampiezza, in modo che sia possibile anche modulare la fornitura del servizio in modo sempre più personalizzato, nonchè inviare messaggi pubblicitari mirati, cioè in linea con le preferenze manifestate dall’utente nell’ambito della navigazione in rete.

The website may contain links to third-party sites and third-party cookies; for more information, please see the privacy policy of any linked sites.


Managing preferences using the main browsers

You can decide whether or not to accept cookies using your browser settings (note that by default almost all web browsers are set to automatically accept cookies). The settings can be changed and defined specifically for different websites and web applications. In addition, the best browsers allow you to define different settings for “proprietary” cookies and for “third party" cookies. Usually, cookies are configured from the “Preferences”, “Tools” or “Options” menu.


The links to the cookies management guides of the main browsers are as follows:

Internet Explorer:
Internet Explorer [versione mobile]:
Safari [versione mobile]:


More information

1.3 Website-specific functions


Some pages of the website may involve requesting information from the browser in relation to specific services (e.g. request information, user registration, work with us, etc.).

Purposes and legal basis for the processing (GDPR-Art.13(1)c)    

Only the data necessary for the correct provision of the service and necessary to give a correct and exhaustive response to the data subjects will be requested. The processing is subject to the acceptance of specific, free and informed consent (GDPR-Art.6(1)a)

Scope of communication (GDPR-Art.13(1)e and f)    The data are only processed by personnel duly authorised and instructed in the processing (GDPR-Art.29) or by any subjects in charge of the maintenance of the web platform (in this case appointed external data processors). The data will not be disclosed or transferred to non-EU countries (unless in compliance with the requirements of Chapter V of the GDPR).


Data retention period (GDPR-Art.13(2)a)  

The data are retained for periods compatible with the purpose of collection

Provision of data (GDPR-Art.13(2)f)  

The provision of data referring to mandatory fields is necessary in order to obtain a response, while the optional fields are aimed at providing staff with additional useful elements to facilitate contact.

1.4 Data provided voluntarily by the user


The optional, explicit and voluntary sending of e-mails and/or ordinary mail to the addresses listed on this site will result in acquisition of the sender's email address, which is essential for responding to the requests, as well as any other personal data included in the message. If the sender submits his/her CV with a professional application, he/she remains solely responsible for the relevance and accuracy of the data sent. Please note that any CVs without authorisation for data processing will be deleted immediately.


2.1 Purpose of the processing

The company processes personal identification data of customers/suppliers (for example, name, surname, company name, personal/tax data, address, telephone, e-mail, bank and payment references) and any operational contacts (name, surname and contact details) acquired and used in the provision of the products/services provided.


2.2 Purposes and legal basis for the processing

The data are processed for:

  • concluding contractual/professional relationships and providing services;

  • fulfilling pre-contractual, contractual and tax obligations arising from existing relationships, as well as managing the necessary communications related to them;

  • fulfilling obligations imposed by laws, regulations, Community legislation or an order of the Authority;

  • exercising a legitimate interest as well as a right of the Controller (for example: the right of defence in court, the protection of credit positions; ordinary internal operational, management and accounting requirements).

Failure to provide the above data will make it impossible to establish a relationship with the Controller. Pursuant to Art.6(1)b,c and f, the aforementioned purposes represent suitable legal bases for the lawfulness of processing. If processing is intended for different purposes (e.g. marketing communications, production of photo/video content, etc.), a specific consent will be requested from the data subjects.


2.3 Methods of processing and retention time

The personal data is processed by means of the operations indicated in Art. 4(2) of the GDPR and specifically: collection, recording, organisation, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, erasure and destruction of data. Personal data are processed both on paper and electronically. The Controller will process the personal data for the time necessary to fulfil the purposes for which they were collected and related legal obligations.


2.4 Scope of processing

The data are processed by internal personnel, duly authorised and instructed pursuant to Art. 29 of the GDPR. It is also possible to request the scope of communication of personal data, obtaining precise indications on any external Data Processors or Independent Controllers (consultants, technicians, banking institutions, carriers, etc.). The data may be transferred outside the EU as part of the management of international contracts, in compliance with the conditions of Chapter V of the GDPR, aimed at ensuring that the level of protection of the data subjects is not affected (“Art.45 Transfers on the basis of an adequacy decision, Art.46 Transfers subject to appropriate safeguards, Art.47 Binding corporate rules, Art.49 Derogations for specific situations”). The data are not subject to automated processes that produce significant consequences for the data subject.






Please note that this policy may be subject to periodic review, also in relation to the relevant legislation and case law. Appropriate highlighting of any significant changes will be given on the homepage of the website for a reasonable period of time. Data subjects are in any case invited to periodically consult this policy.

bottom of page