The purpose of this document is to inform the natural persons to whom the Personal Data being processed refer (hereinafter the "Data Subjects") with regard to the Personal Data collected by the Data Controller , as subsequently identified.

The Data Controller may modify or simply update, in whole or in part, this Information by informing the interested parties.


Data Controller

The Data Controller is Da.Ri.Pa. S.r.l. with registered office in Via G. Leopardi, 48 Tax Code / VAT Number < span style="font-size: 12pt; font-family: 'Times New Roman', serif;">02320050756  ZIP code 73100 e-mail address, telephone 0832 390531


We also inform you that your personal data will also be known by the collaborators of Da.Ri.Pa. S.r.l. which, for various reasons by virtue of a specific appointment or authorization, will process your data for the purposes for which they were collected in compliance with the provisions of the GDPR 2016/679.


To get an updated list of Data Processors and Data Processors, you can send an email to


Personal Data collected

The Data Controller collects the following types of Personal Data:

User identification data requested when registering on the site: such as name, surname, date of birth, city of origin, mail, telephone number, etc.

Navigation data: The computer systems and software procedures used to operate this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. This is information that is not collected to be associated with identified interested parties, but which by their very nature could, through processing and association with data held by third parties, allow users to be identified. This category of data includes the IP addresses or domain names of the computers used by users who connect to the site, the addresses in URI (Uniform Resource Identifier) ​​notation of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the operating system and the user's IT environment. This data is used on this site for the sole purpose of obtaining anonymous statistical information on the use of the site and to check its correct functioning. The data could be used to ascertain responsibility in the event of hypothetical computer crimes against the site. For these data, and limitedly for the aforementioned purpose, it is not necessary to request consent.

Data provided voluntarily by the user: The optional, explicit and voluntary sending of electronic mail to the addresses indicated on this site or completing the form in the specific sections with the mandatory and optional fields, involves the subsequent acquisition of information and the sender's address, necessary to respond to requests for services and/or information. For these data, and limitedly for the aforementioned purpose, it is not necessary to request consent.

Data relating to customer activities: such as, for example, tracking of purchases, tracking habits of customer, etc.

The failure by the interested party to provide Personal Data, for which there is a legal, contractual obligation or if they constitute a necessary requirement for the use of the service or for the conclusion of the contract will make it impossible for the Data Controller to provide all or part of its services.
The interested party who communicates third party Personal Data to the Data Controller is directly and exclusively responsible for their origin, collection, treatment, communication or dissemination.


Purpose of the Processing

The Personal Data collected can be used for the execution of contractual and pre-contractual obligations, for legal obligations and for the following purposes:

  • follow up requests or reports from the interested party, offer commercial assistance and customer care services;
  • carry out the administrative and accounting management by communicating the Data to the Tax Consultant;
  • comply with the obligations incumbent on the Data Controller and provided for by current legislation;
  • Security of systems, goods and people;
  • Management of suppliers and partners (supplier administration, orders, payments, etc.);
  • User database management;
  • Management of payments by credit card, bank transfer or other instruments;
  • Sending of advertising or commercial communications by any suitable means;
  • Business affiliation;
  • Comments and feedback.


Legal basis of the treatment

The legal basis of the processing for all the purposes indicated above is the consent of the interested party.


Treatment Methods

The Processing of Personal Data is carried out using paper, computerized and/or telematic tools, all in compliance with the provisions of the GDPR 2016/679, with organizational methods and with logic strictly related to the purposes indicated.

In some cases, individuals involved in the organization of the Data Controller may also have access to Personal Data (such as, for example, personnel management, sales area employees, administrators system, etc.) or external subjects (such as IT companies, service providers, postal carriers, hosting providers, etc.). When necessary, these subjects may be appointed as Data Processors by the Data Controller, access the Personal Data of the Data Subjects whenever necessary and will be contractually obliged to keep the Personal Data confidential.

The updated list of Managers can be requested via email at

Place of treatment

Personal Data is processed at the Data Controller's operating offices and in any other place where the parties involved in the Processing are located. For further information, the interested party can contact the Data Controller at the following email address and at the postal address < br />Via G. Leopardi, 48 – 73100 Lecce

Automated decision-making processes

All the Data collected will not be subject to any automated decision-making process, including profiling, which may produce legal effects for the person or which may significantly affect him .


Transfer of personal data

His data will not be transferred to third countries outside the European Union.


Security measures

The Processing is carried out according to methods and with tools suitable for guaranteeing the security and confidentiality of Personal Data, since the Data Controller has adopted adequate technical and organizational measures which guarantee, and allow to demonstrate that the Processing is carried out in compliance with the relevant legislation.

Retention period of Personal Data

The Data Controller will process the Personal Data for the time necessary to fulfill the purposes connected with the execution of the contract between the Data Controller and the Data Subject and no later than the duration of years 10 from the termination of the relationship with the interested party and in any case until the completion of the limitation period established by the regulations in force.

When the Processing of Personal Data is necessary for the pursuit of a legitimate interest of the Data Controller, the Personal Data will be kept until such interest is satisfied.
If the Processing of Personal Data is based on the consent of the interested party, the Data Controller may keep the Personal Data until it is revoked by the interested party.

Personal Data may be kept for a longer period if necessary to fulfill a legal obligation or by order of an authority.

All Personal Data will be deleted upon expiry of the retention period.

At the expiry of this term, the right of access, cancellation, rectification and the right to the portability of Personal Data can no longer be exercised.


Rights of the interested party

The interested parties can exercise certain rights with reference to the Personal Data processed by the Owner.

In particular, the interested party has the right to:

  • revoke consent at any time;
  • object to the Processing of your Personal Data;
  • access your Personal Data;
  • verify and ask for rectification;
  • obtain the limitation of the Processing;
  • obtain the cancellation of their Personal Data;
  • receive their Personal Data or have them transferred to another holder;
  • propose a complaint to the Personal Data Protection Supervisory Authority and/or take legal action.

To exercise their rights, interested parties can send a request to the contact details of the Data Controller indicated in this document (email address

Requests are made free of charge and processed by the Data Controller as soon as possible, in any case within 30 days.

Last Updated: 6/06/2021