top of page

Privacy Policy

 INFORMATION ON THE PROCESSING OF PERSONAL DATA
(EU Regulation No. 679 of 27 April 2016 – hereinafter “GDPR”)
 

Dear Customer,

Protecting privacy and the security of personal data are matters to which D&D S.N.C. pays particular attention in every professional relationship. We take our responsibility for safeguarding your information and personal data very seriously.

D&D S.N.C. respects the confidentiality of personal and special-category data and always acts in accordance with all applicable laws, undertaking to protect such data and to guarantee maximum transparency about how it is collected, processed and stored.

Pursuant to the European General Data Protection Regulation (EU Regulation 679/2016, “GDPR”), D&D S.N.C. issues this notice to inform you that your data are processed in the ways and for the purposes described below.
 

Categories of Data Processed

  • Special-category data – e.g. racial or ethnic origin, religious or philosophical beliefs, political opinions, trade-union membership, health or sex-life information. Processing requires the data subject’s explicit consent.

  • Ordinary personal data – e.g. contact or identification details. These may be processed on the basis of this prior information notice, in compliance with the GDPR.


Purpose of the Processing

D&D S.N.C. processes personal data, including any special-category data supplied freely and knowingly, solely for the professional services requested and accepted. In accordance with the GDPR, processing is carried out under the principles of fairness, lawfulness, transparency, purpose limitation, data minimisation, accuracy, storage limitation, integrity, confidentiality and accountability, while safeguarding the privacy and rights of the data subject.

Providing the requested data—and the related processing—is mandatory for contractual and fiscal purposes. Failure to provide complete data for these purposes may make it impossible to perform the processing and thus to begin or continue the professional relationship or fulfil the assigned mandate.

Any optional, explicit and voluntary e-mail sent to the addresses of D&D S.N.C. entails acquisition of the sender’s address (needed to reply), as well as any other personal data included in the message or its attachments.
 

Direct Marketing and Right to Object

Personal data may be used for marketing purposes (sending advertising material, direct sales, market research, commercial communications) by automated means (SMS, MMS, fax, automated voice calls, e-mail, web apps) and traditional means (operator-assisted phone calls). Under Article 21 GDPR, the data subject has the right to object at any time to processing for direct-marketing purposes, including profiling related to such marketing.


Detailed Purposes of Processing

Data are processed lawfully, fairly and transparently—using manual, IT and telematic tools strictly related to the purposes below—in order to:

  • fulfil pre-contractual, contractual and fiscal obligations arising from existing relationships;

  • comply with legal, regulatory, EU or Authority orders (e.g. anti-money-laundering, anti-terrorism);

  • exercise D&D S.N.C.’s right of defence in court;

  • detect and prevent security threats, fraud and other harmful activities, and protect/enforce the rights of D&D S.N.C. or third parties.


Methods of Processing

Processing operations may include collection, recording, organisation, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, erasure and destruction. Data are processed on paper and electronically, with or without automated procedures.

D&D S.N.C. retains data for as long as needed to achieve the stated purposes, for the retention period of the documents containing them, and in any case no longer than 10 years after the end of the relationship for service purposes.


Access to Data

Data may be made accessible, solely for the purposes indicated, to:

  • our employees and collaborators, in their capacity as authorised personnel and/or internal processors;

  • third-party companies or other subjects performing outsourced activities on our behalf, each providing independent guarantees of GDPR compliance.

Data Recipients

Without needing express consent, D&D S.N.C. may communicate data to judicial authorities and to any parties to whom disclosure is obligatory by law for the stated purposes and for performance of the mandate. These parties will process the data as independent controllers. Your data will not be disseminated to others.


Data Controller

D&D S.N.C.
Registered office: Sestiere Cannaregio 5101, 30121 Venice, Italy
Tax/ VAT No.: 04897560274

Documentation is available at the D&D S.N.C. secretariat.

Contact details
E-mail: derosevenice@gmail.com
Tel.: +39 340 555 2204
Certified e-mail (PEC): ddvenice@pec.it


Data Processors

The processors are Mr Carlo Donà dalle Rose and Mr Tommaso De Pietri.
Contact: derosevenice@gmail.com


Rights of the Data Subject

You may exercise the following rights at any time:

  • Request written information about the data stored or held by D&D S.N.C.

  • Access, rectify or erase your data; restrict or object to processing.

  • Data portability.

  • Withdraw consent without affecting the lawfulness of processing based on consent before withdrawal.

  • Lodge a complaint with the Supervisory Authority.

  • Obtain confirmation of the existence of personal data concerning you—even if not yet recorded—and receive them in intelligible form, including their origin, purposes and methods of processing.



Venice, 24 April 2025
D&D S.N.C.

bottom of page