PRIVACY NOTICE PURSUANT TO ARTICLES 13–14 OF THE GDPR
GENERAL DATA PROTECTION REGULATION 2016/679

Data Controller: SERPELLONI SRL, sole shareholder company
Registered office: Via Brigata Regina 18A – 37139 Verona (VR) – Italy
Tax Code and VAT No.: 04857480232
Phone number: +39 347 018 6548
Email: sales@wegreen.info
PEC (certified email): serpelloni_srl@pec.it
Website: https://www.wegreen.info

Types of Data Collected

Among the Personal Data collected by this Application, either independently or through third parties, are: Cookies; Usage Data; first name; last name; email address; message.
Full details on each type of Data collected are provided in the dedicated sections of this Privacy Policy or by means of specific information notices displayed prior to the Data collection.

Personal Data may be freely provided by the User, or, in the case of Usage Data, collected automatically during the use of this Application.
Unless otherwise specified, all Data requested by this Application are mandatory. Failure to provide them may make it impossible for this Application to provide its Services. In cases where this Application specifically indicates certain Data as optional, Users are free to refrain from communicating such Data without affecting the availability or functionality of the Service.

Users who are uncertain about which Personal Data are mandatory are encouraged to contact the Data Controller.
Any use of Cookies – or other tracking tools – by this Application or by the third-party service providers used by this Application, unless otherwise stated, serves the purpose of providing the Service requested by the User, in addition to the other purposes described in this document and in the Cookie Policy, if available.

The User assumes responsibility for the Personal Data of third parties obtained, published, or shared through this Application and declares to have the right to communicate or disclose them, releasing the Controller from any liability towards third parties.

Methods and Place of Processing the Collected Data
Processing Methods and Recipients

The Controller adopts appropriate security measures to prevent unauthorized access, disclosure, modification, or destruction of Personal Data.

Processing is carried out using IT and/or telecommunication tools, with organizational methods and logics strictly related to the stated purposes. In addition to the Controller, in some cases, the Data may be accessible to certain categories of persons involved in the operation of this Application (administrative, commercial, marketing, legal, system administration staff) or to external parties (such as third-party technical service providers, postal carriers, hosting providers, IT companies, communication agencies), also appointed, if necessary, as Data Processors by the Controller. The updated list of Data Processors may be requested from the Data Controller at any time.

Legal Basis of Processing

The Controller processes Personal Data relating to the User if one of the following applies:

  • the User has given consent for one or more specific purposes;
    (Note: In some jurisdictions, the Controller may be allowed to process Personal Data without the User’s consent or another of the legal bases described below, until the User objects – “opt-out” – to such processing. This does not apply where the processing of Personal Data is subject to European data protection law);

  • processing is necessary for the performance of a contract with the User and/or for any pre-contractual obligations thereof;

  • processing is necessary for compliance with a legal obligation to which the Controller is subject;

  • processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Controller.

It is always possible to request the Controller to clarify the specific legal basis for each processing, and in particular to specify whether the processing is based on law, required by a contract, or necessary to enter into a contract.

Place of Processing

Data are processed at the Controller’s operational offices and in any other place where the parties involved in the processing are located. For further information, please contact the Controller.

The User’s Personal Data may be transferred to a country other than the one in which the User is located. To obtain further information on the place of processing, the User may refer to the relevant section of this document or request information directly from the Controller.

The User is entitled to obtain information regarding the legal basis of Data transfers outside the European Union or to an international organization governed by public international law or set up by two or more countries (such as the UN), as well as regarding the security measures adopted by the Controller to protect the Data.

The User may verify whether one of the above-mentioned transfers takes place by examining the relevant section of this document or by asking the Controller.

Data Retention Period

Data are processed and stored for as long as required by the purposes for which they have been collected.
Therefore:

  • Personal Data collected for purposes related to the performance of a contract between the Controller and the User shall be retained until such contract has been fully performed, and in any case for no longer than 10 years from its termination.

  • When processing is based on the User’s consent, the Controller may retain Personal Data for longer until such consent is withdrawn. In addition, the Controller may be obliged to retain Personal Data for a longer period to comply with a legal obligation or an order of an authority.

At the end of the retention period, Personal Data shall be deleted. Therefore, the right of access, erasure, rectification, and the right to Data portability can no longer be exercised after expiry of this period.

Purposes of Processing Collected Data

The User’s Data are collected to allow the Controller to provide its Services, as well as for the following purposes:

  • displaying content from external platforms;

  • receiving CVs spontaneously submitted by applicants for the purpose of establishing an employment relationship;

  • sending newsletters, commercial communications and/or advertising material via email regarding products and/or services, similar and/or different from those already purchased, offered by the Controller;

  • contacting the User in response to information requests.

For detailed information on the purposes of processing and on the specific Personal Data used for each purpose, Users may refer to the relevant sections of this document.

Details on the Processing of Personal Data
Contacting the User – Contact Form (This Application)

By filling in their Data in the contact form, the User consents to their use for replying to requests for information, estimates, or any other kind of request as indicated by the form’s header, for the potential establishment of an employment relationship, and for the sending of newsletters, commercial communications and/or advertising material regarding products and/or services, similar and/or different from those already purchased, offered by the Controller.
Personal Data collected: last name; first name; phone number; email.

Displaying Content from External Platforms

This type of service allows you to view content hosted on external platforms directly from the pages of this Application and to interact with them.
In the event that such a service is installed, it may still collect traffic data relating to the pages where it is installed, even when Users do not use it.

Google Maps Widget (Google Inc.)
Google Maps is a maps visualization service provided by Google Inc. that allows this Application to incorporate such content within its pages.
Personal Data collected: Cookies; Usage Data.
Place of processing: USA – Privacy Policy . ( https://policies.google.com/privacy?hl=it&gl=it )

Users’ Rights

Users may exercise certain rights regarding their Data processed by the Controller.

In particular, Users have the right to:

  • withdraw their consent at any time. Users have the right to withdraw consent where they have previously given their consent to the processing of their Personal Data;

  • object to the processing of their Data. Users have the right to object to the processing of their Data if the processing is carried out on a legal basis other than consent;

  • access their Data. Users have the right to learn if Data are being processed by the Controller, obtain disclosure regarding certain aspects of the processing and obtain a copy of the Data undergoing processing;

  • verify and seek rectification. Users have the right to verify the accuracy of their Data and ask for it to be updated or corrected;

  • restrict the processing of their Data. Users have the right, under certain circumstances, to restrict the processing of their Data. In this case, the Controller will not process their Data for any purpose other than storing it;

  • have their Personal Data deleted or otherwise removed. Users have the right, under certain circumstances, to obtain the erasure of their Data from the Controller;

  • receive their Data and have it transferred to another controller. Users have the right to receive their Data in a structured, commonly used and machine-readable format and, if technically feasible, to have it transmitted to another controller without any hindrance. This provision is applicable provided that the Data are processed by automated means and that the processing is based on the User’s consent, on a contract which the User is part of, or on pre-contractual obligations thereof;

  • lodge a complaint. Users have the right to bring a claim before their competent data protection authority or to take legal action.

Details on the Right to Object

Where Personal Data are processed for a public interest, in the exercise of an official authority vested in the Controller, or for the purposes of the legitimate interests pursued by the Controller, Users may object to such processing by providing a ground related to their particular situation.

Users must know that, however, should their Personal Data be processed for direct marketing purposes, they can object to that processing at any time without providing any justification. To learn whether the Controller is processing Personal Data for direct marketing purposes, Users may refer to the relevant sections of this document.

How to Exercise Rights

To exercise their rights, Users may submit a request to the Controller using the contact details provided in this document. Users may also use the standard form for exercising data protection rights made available by the Italian Data Protection Authority at the following address:
https://www.garanteprivacy.it/web/guest/home/docweb/-/docweb-display/docweb/1089924

Requests can be exercised free of charge and will be processed by the Controller as soon as possible and always within one month (which may be extended to three months in cases of particular complexity).

Additional Information on Processing

Legal Defence
The User’s Personal Data may be used by the Controller in legal proceedings or in the preparatory stages leading to possible legal action arising from the improper use of this Application or the related Services by the User.
The User declares to be aware that the Controller may be obliged to disclose Personal Data upon request of public authorities.

Specific Information
Upon the User’s request, in addition to the information contained in this Privacy Policy, this Application may provide the User with additional and contextual information regarding specific Services, or the collection and processing of Personal Data.

System Logs and Maintenance
For operation and maintenance purposes, this Application and any third-party services used by it may collect system logs, i.e. files that record interactions and which may also contain Personal Data, such as the User’s IP address.

Information Not Contained in this Policy
More details concerning the collection or processing of Personal Data may be requested from the Controller at any time using the contact details provided.

“Do Not Track” Requests
This Application does not support “Do Not Track” requests.
To determine whether any of the third-party services it uses support such requests, Users are invited to consult the respective privacy policies.

Changes to this Privacy Policy
The Controller reserves the right to make changes to this Privacy Policy at any time by giving notice to Users on this page and, if possible, within this Application as well as, when technically and legally feasible, by sending a notification to Users via one of the contact details held by the Controller. Users are therefore advised to check this page regularly, referring to the date of the last modification indicated at the bottom.

Where changes affect processing whose legal basis is consent, the Controller shall collect the User’s consent again, if necessary.

Definitions and Legal References

Personal Data (or Data)
Any information that, directly or indirectly, also in connection with any other information, including a personal identification number, allows the identification or identifiability of a natural person.

Usage Data
Information collected automatically through this Application (or through third-party services integrated into this Application), including: the IP addresses or domain names of the computers used by the User, the URI (Uniform Resource Identifier) addresses, the time of the request, the method used to submit the request to the server, the size of the file received in response, the numerical code indicating the status of the server’s response (successful outcome, error, etc.), the country of origin, the characteristics of the browser and operating system used by the visitor, the various time details of the visit (e.g., the time spent on each page), and the details relating to the path followed within the Application, with particular reference to the sequence of pages consulted, and other parameters regarding the User’s operating system and IT environment.

User
The individual using this Application who, unless otherwise specified, coincides with the Data Subject.

Data Subject
The natural person to whom the Personal Data refers.

Data Processor (or Processor)
The natural or legal person, public authority, agency, or other body that processes Personal Data on behalf of the Controller, as described in this Privacy Policy.

Data Controller (or Controller)
The natural or legal person, public authority, service, or other body which, alone or jointly with others, determines the purposes and means of the processing of Personal Data, including the security measures concerning the operation and use of this Application. The Data Controller, unless otherwise specified, is the owner of this Application.

This Application
The hardware or software tool by which the User’s Personal Data are collected and processed.

Service
The service provided by this Application as described in the relative terms (if available) on this website/application.

European Union (or EU)
Unless otherwise specified, any reference in this document to the European Union includes all current member states of the European Union and the European Economic Area.

Cookie
A small piece of data stored within the User’s device.

Legal References

This Privacy Policy has been prepared based on multiple legislative systems, including Articles 13 and 14 of Regulation (EU) 2016/679 (General Data Protection Regulation – GDPR).
Unless otherwise specified, this Privacy Policy relates exclusively to this website

last change: 27 August 2025