Privacy Policy

Privacy Policy for the Processing of Personal Data collected through this website

1. Introduction and Legal References
This policy describes the processing of personal data collected through this website, including data acquired via cookies, tracking technologies and — where present — contact forms, reserved areas, digital services and economic transactions carried out electronically.
This policy applies to anyone accessing or using this website, and describes the methods of collection, use and protection of the user’s personal data, as well as the rights granted by law.
These provisions do not cover other websites, pages or online services accessible through external links that may be present on the site; please refer to their respective privacy policies.
This policy is provided in compliance with the main national and international regulations on personal data protection, including:

  • Regulation (EU) 2016/679 (GDPR)
  • Other applicable regulations, where relevant.

2. Who manages your data and how can you contact us?
Your personal data is processed by:
ICM S.r.l.
Via Don Sasselli d’Era, 26 | 37041 Albaredo d’Adige (VR) | Italy
info@icmcave.com
VAT number: 02895560239

For any information regarding the processing of personal data or to exercise the rights provided by applicable law, data subjects may contact the Data Controller.

3. On what legal bases do we process your data?
The processing of personal data collected through this website (including data collected via cookies, similar technologies, contact forms, reserved areas, digital services and transactions, where applicable) is based on one or more of the following legal grounds:

  1. Performance of a service or pre-contractual activity requested by the user through the contact forms provided;
  2. Compliance with legal obligations, regulations or rules;

An additional legal basis, the legitimate interest of the Data Controller, may be used for specific purposes (e.g. ensuring IT security, preventing fraud, protecting the Data Controller’s rights in judicial proceedings).

Failure to consent, or withdrawal of consent, may reduce or limit certain features or personalized services.

4. What data do we collect when you visit the site?
While browsing this website, the following data may be collected, including through cookies and similar technologies such as pixel tags, web beacons, local storage and equivalent technologies:

  • Browsing and technical data: information such as IP address, device identifiers, data relating to operating system and browser, requested URLs, connection times, technical logs, technical preferences, usage data collected through cookies and tracking technologies (pixel tags, web beacons, local storage and equivalent tools).

  • Data communicated through social integrations and third-party platforms: data transmitted through social features (login, plugins, sharing, etc.), processed according to the rules of the relevant platforms in addition to this policy.

5. How do we process your data, how do we protect it, and for how long do we keep it?
Personal data collected through this website is processed mainly using electronic and digital tools, in accordance with the principles of lawfulness, fairness, data minimization, integrity and confidentiality.

Data is retained according to the following timeframes:

  • Cookie preferences and consents: retained for 180 days, as indicated in the Cookie Policy available on this site.
  • Browsing and technical data: retained only for the time necessary to ensure the security, integrity and functionality of the site, and subsequently anonymized or aggregated.
  • Data collected for contractual and transactional purposes: retained for the time required by applicable laws (e.g. tax or accounting regulations).
  • Data processed for marketing purposes: retained until consent is withdrawn or a deletion request is made.
  • Data entered through forms or specific requests: retained for the time necessary to respond to or fulfill the relevant purpose.

6. Who may receive your data?
The following parties may access personal data collected through this website, within the limits of their respective duties and purposes:

  • Authorized internal personnel of the Data Controller, duly trained in privacy and security matters;
  • Suppliers and third parties appointed as Data Processors (e.g. technical providers, IT companies, customer service companies, consultants, payment service providers and logistics providers, where applicable);
  • Business partners, third parties and affiliates, exclusively for promotional/marketing purposes if you have given specific consent or exercised the opt-out where provided;
  • Providers of plugins, social networks and interaction services with external platforms, which may process personal data according to their own rules as independent data controllers (in this case, please also consult the individual privacy policies of such third parties);
  • Competent public authorities and supervisory bodies, within the limits imposed by law or to comply with requests from judicial authorities;

An updated list of external recipients is available upon request by writing to the Data Controller’s contact details.

7. Where may your data be transferred?
Personal data collected through this website may be processed and transferred — according to the purposes indicated — to the following countries:

  • countries within the European Economic Area (EEA), Switzerland, or other countries recognized by the competent authorities as providing an “adequate” level of protection as required by law;

Updated list of “trusted” countries:

 

8. What are your rights regarding the data collected?
Under applicable law, the user has the right to:

  • Obtain confirmation as to whether or not personal data concerning them is being processed and, if so, obtain access to such data and related information (right of access).
  • Request the rectification, updating or erasure of inaccurate or no longer necessary data (right to rectification and erasure).
  • Request the restriction of, or object to, the processing of data, including for promotional/profiling purposes, where applicable.
  • Request data portability in a structured and interoperable format (where technically possible).
  • Withdraw consent given for the use of non-technical cookies and for the processing of data collected through tracking tools.
  • Report any irregularities or abuses to the competent supervisory authorities.

To exercise these rights, simply send a request to the Data Controller’s contact details, who will respond within the timeframes set out by the applicable local regulation.

 

9. How is children’s data processed?
The protection of minors is a fundamental priority.

The services and content of this website are not intended for individuals under 18 years of age.

We do not knowingly collect personal data from minors without the verifiable consent of a parent or legal guardian.

Should a parent or guardian believe that a minor has provided personal data without authorization, they may request its removal, updating, or restriction of processing by writing to the contact details indicated in this policy.

 

10. How to file reports or complaints with the authorities?
If you believe that the processing of your personal data through this website does not comply with applicable regulations, you may file a complaint free of charge with the competent supervisory Authorities, including:

 

How will we inform you of changes to this policy?
This policy is subject to periodic review to reflect regulatory updates or changes to the services offered through the website. Any significant changes will be communicated via this page.