PRIVACY

Privacy Statement

The term Mansueto Group (hereinafter also referred to as “Mansueto”) shall cover a group of professional firms, composed by Mansueto s.r.l. and Mansueto Marine s.r.l., including their subsidiary companies, providing a broad range of products and services for the maritime and transportation industry, building and property sector, customs, accounting and fiscal divisions. Mansueto is committed to protecting your privacy. This commitment reflects the value we place on earning and keeping the trust of our customers, suppliers, employers, business partners and others who share their personal information with us.

What does this Privacy Statement do?

This Privacy Statement ("Statement") explains Mansueto’s information processing practices. It applies to any personal information you provide to Mansueto and any personal information we collect from other sources. This Statement is a statement of our practices and of your rights regarding your personal information. This is not a contractual document, and it does not create any rights or obligations on either party, beyond those which already exist under data protection laws. This Statement does not apply to your use of a third party site linked to on this website.

Who is responsible for your information?

Throughout this Statement, "Mansueto" refers to Mansueto Marine s.r.l., including its affiliated companies and subsidiaries (also referred to as "we", "us", or "our"). The Mansueto entity responsible for your personal information (and the controller for the purposes of data protection laws) will be the member of Mansueto that originally collects information from or about you. This may also be explained in separate privacy notices made available when your personal information are first collected by that Mansueto entity, for example where you or the business you work for engages us to provide a service. Some of the services which Mansueto provides to its clients are provided as a processor, which means that the Client remains primarily responsible for your information. In these circumstances, we may re-direct a query about our use of your information to our client.

Quick read:

Mansueto collects personal information from or about its clients to provide the supply of goods and services in the industries and branches of the market where Mansueto operates, including the contractual, pre-contractual, commercial, logistics, technical and consulting activities. Mansueto also collects some personal information directly, for example over its websites and applications. Mansueto uses personal information to deliver supplies and services to clients. For its own purposes, it also uses personal information to analyze and improve how it delivers those supplies and services, to contact representatives of its clients or prospective clients and to market to them. If Mansueto uses your personal information, you will have certain important rights which you can exercise. The rights you will be able to exercise will depend on how and why Mansueto uses your information. If you have any questions, would like further information about our privacy and information handling practices, would like to discuss opt-outs or withdrawing consent, or would like to make a complaint about a breach of the Act or this Statement, please contact the Privacy Officer: privacy@mansuetomarine.it. Alternatively, you have the right to contact your local Data Protection Authority. If you have any questions relating to this Statement, please contact us at Mansueto Marine s.r.l. , Via Volta n. 125 – 18038 Sanremo (IM), Italy, VAT n. IT 01315680080. Email address: privacy@mansuetomarine.it.

When and how do we collect your information?

Mansueto collects personal information in the following ways: When we perform services for our clients. When we supplies goods and products. When you request a service from us. When you request goods and products from us. When you register with or use any of our websites or applications. When you attend a Mansueto site or event. When you apply for a position at Mansueto. If you contact us with a complaint or query. When you engage with us over social media.

What information do we collect?

Information you provide to us For purposes of this Statement, "website" includes our mobile applications. When you request services, we ask that you provide accurate and necessary information that enables us to respond to your request. When a visitor provides personal information to us, we use it for the purposes for which it was provided to us as stated at the point of collection or as obvious from the context of collection, for example providing a quote for goods to supply or services to perform, applying for a position at Mansueto or creating a profile on a website or application.

1. Information we collect from clients or third parties

By way of example and without any limitation you can voluntarily provide your personal information to us through the fulfillments of digital and papers forms to request for and avail of certain kind of specific services or by voluntarily sending an email to the email addresses listed onto our websites or mobile applications. The kind of information collected through the forms are necessary to allow you to request and access the services available on our websites and we will not use it for any other purposes. Some of the information requested by the forms are mandatory (required fields) as necessary for Mansueto to complete the service required by you. You are always able to recognize the mandatory information required as the relevant field is marked with a [*] (or any other highly-distinctive identification symbol). When we provide the services listed above for our clients, we may collect personal information such as but with no limitation to your name, contact details, email address, telephone number, date of birth, job, position, gender, marital status, bank and financial details, credit card details, identification document number and validity, driver’s license number and validity, nationality and spoken languages. We may also collect (in each case as strictly relevant to the services we provide) sensitive information about you, such as criminal convictions or health information in relation to life, health and professional liability. Most of the personal information we receive relates to your specific need to obtain a special service from us. More information about the personal information collected for each of our services, together with the purpose and legal basis for collecting the information, will be provided to you in separate privacy notices which are relevant to the services which affect you. Mansueto could request you to provide your preferences of contact about the possible sending of newsletter, as per required by you. We will not collect any sensitive information through our website unless this is required. Sensitive information includes a number of types of data relating to: race or ethnic origin; political opinions; religious or other similar beliefs; trade union membership; physical or mental health; sexual life or criminal record. We suggest that you do not provide sensitive information of this nature unless we specifically request this information. If you provide us with sensitive personal information, you understand and give your explicit consent that we may collect, use and disclose this information to appropriate third parties for the purposes described in this Statement. If you provide personal information about other individuals such as employees or dependents, you must obtain their consent prior to your disclosure to us.

2. Information we collect over Mansueto websites, mobile applications and social media

We may ask you for some or all of the following types of information when you register for events, request products or services, manage accounts, access various content and features or directly visit our websites. This includes, but is not limited to: Contact information, such as name, e-mail address, postal address, phone number and mobile number; User name, password, password reminder questions and password answers; Communication preferences, such as which newsletters you would like to receive; Search queries; Contact information about others when you refer a friend to a particular site or service (note: this information is used solely to facilitate requested communications); and Information posted in community discussions and other interactive online features. In some instances, we automatically collect certain types of information when you visit our websites and through e-mails that we may exchange. Automated technologies may include the use of web server logs to collect IP addresses, "cookies" and web beacons. Further information about our use of cookies can be found in our Cookie Notice.

3. Social Media

You can engage with us through social media websites or through features such as plug-ins or applications on Mansueto websites that integrate with social media sites. You may also choose to link your account with us to third party social media sites. When you link your account or engage with us on or through third party social media sites, plug-ins, or applications, you may allow us to have ongoing access to certain information from your social media account (e.g., name, e-mail address, photo, gender, birthday, the posts or the 'likes' you make). If you post information when you interact with our websites through social media sites, plug-ins or other applications, depending on your privacy settings, this information may become public on the Internet. You can control what information you share through privacy settings available on some social media sites. For more information about how you can customize your privacy settings and how third party social media sites handle your personally identifiable information, please refer to their privacy help guides, privacy notices and terms of use.

4. Mobile Devices

If you access our websites on your mobile telephone or mobile device, we may also collect your unique device identifier and mobile device IP address, as well as information about your device's operating system, mobile carrier and your location information. We may also ask you to consent to providing your mobile phone number (for example, so that we can send you push notifications).

How do we use your personal information?

The following is a summary of the purposes for which we use personal information. More information about the personal information collected for each of our services, together with the purpose and legal basis for collecting the information, will be provided to you in separate privacy notices which are relevant to the services which affect you.

1. Performing services for our clients

We process personal information which our clients provide to us or about them in order to perform the supply of goods and services in the industries and branches of the market where Mansueto operates, including the contractual, pre-contractual, commercial, logistics, technical and consulting activities. This may impact you, for example, where you are the employee of our client. The precise purposes for which your personal information is processed will be determined by the scope and specification of our client engagement, and by applicable laws, regulatory guidance and professional standards. It is the obligation of our client to ensure that you understand that your personal information will be disclosed to Mansueto (or to service providers such as Mansueto). For the hereinbefore provided purposes only, your personal information could be shared with: collaborators and employee of the companies under the Mansueto Group; suppliers of goods and services available on our websites; other companies of the Mansueto Group; and partner network of Mansueto. Mansueto also collects some personal information directly, for example over its websites and applications.

2. Administering our client engagements

We process personal information about our clients and the individual representatives of our corporate clients in order to: carry out "Know Your Client" checks and screening prior to starting a new engagement; carry out client communication, service, billing and administration; deal with client complaints; administer claims.

3. Contacting and marketing our clients and prospective clients

We process personal information about our clients and the individual representatives of our corporate clients in order to: contact our clients in relation to current, future and proposed engagements; send our clients newsletters, know-how, promotional material and other marketing communications; invite our clients to events (and arrange and administer those events).

4. Conducting data analytics

Mansueto is an innovative business, which relies on developing sophisticated products and services by drawing on our experience from prior engagements. Mansueto is not concerned with an analysis of identifiable individuals, and we take steps to ensure that your rights and the legitimacy of Mansueto's activities are ensured through the use of aggregated or otherwise de-identified data.

5. Legal basis

All processing (i.e. use) of your personal information is justified by a "lawful basis" for processing. In the majority of cases, processing will be justified on the basis that: the processing is necessary for the performance of a contract to which you are a party, or to take steps (at your request) to enter into a contract, according to art. 6 co. 1 letter b) General Data Protection Regulation UE 2016/679, hereinafter also referred to as just “GDPR”. the processing is in our legitimate commercial interests, subject to your interests and fundamental rights (e.g. where we use personal information provided to us by our clients to deliver our products and services, and that processing is not necessary in relation to a contract to which you are a party); or the processing is necessary for us to comply with a relevant legal obligation (e.g. where we are required to collect certain information about our clients for tax or accounting purposes, or where we are required to make disclosures to courts or regulators) according to art. 6 co. 1 letter c) GDPR. In limited circumstances, we will use your consent as the basis for processing your personal information, for example, where we are required to obtain your prior consent in order to send you marketing communications. Before collecting and/or using any special categories of data, or criminal record data, we will establish a lawful exemption which will allow us to use that information. This exemption will typically be: your explicit consent; the establishment, exercise or defense by us or third parties of legal claims; or a context specific exemption provided for under local laws of EU Member States and other countries implementing the GDPR, such as in relation to the processing of special category data for insurance purposes, or for determining benefits under an occupational pension scheme.

Do we collect information from children?

Our websites are not directed to children and we do not knowingly collect personal information from children on our websites. Children are prohibited from using our websites. In the light of this and despite we do not provide any products or services directly to children, we could process children’s personal information only insofar as strictly necessary to provide the required goods and services and solely if consciously agreed by the children’s parents and shared by them.

How long do we retain your personal information?

How long we retain your personal information depends on the purpose for which it was obtained and its nature. We will keep your personal information for the period necessary to fulfill the purposes described in this Statement unless a longer retention period is permitted by law, in accordance with the Mansueto policy of Record Retention. In specific circumstances we may store your personal information for longer periods of time so that we have an accurate record of your dealings with us in the event of any complaints or challenges, or if we reasonably believe there is a prospect of litigation relating to your personal information or dealings.

Do we disclose your personal information?

We may share your personal information with other Mansueto entities, companies, brands, divisions, subsidiaries, partners, collaborators and employee of these entities under or connected to the Mansueto Group, including suppliers of goods and services, to serve you, including for the activities listed above. We do not rent, sell or otherwise disclose personal information about our online visitors with unaffiliated third parties for their own marketing use. We do not share your personal information with third parties except in the following circumstances discussed below. Business Partners We disclose personal information to business partners who provide certain specialized services to us, or who co-operate with us on projects. These business partners operate as separate controllers, and are responsible for their own compliance with data protection laws. You should refer to their privacy notices for more information about their practices. Examples include: Maritime and Port services – maritime and transport agencies, shipping companies, customs agencies, ports and port offices, tourist and travel agencies, shore services agencies, fiscal representatives and tax agents, real estate agencies and agents; Fuel and Energy Products trading – refineries, fuel and energy products producers, producers and suppliers of lube oils and greases, bunker companies, bunker traders and brokers, providers of bunker services, carriers and forwarders, ports and port offices, maritime agencies, service agencies. Authorised Service Providers We may disclose your information to service providers we have retained (as processors) to perform services on our behalf (either in relation to services performed for our clients, or information which Mansueto uses for its own purposes, such as marketing). These service providers are contractually restricted from using or disclosing the information except as necessary to perform services on our behalf or to comply with legal requirements. These activities could include any of the processing activities that we carry out as described in the above section, ‘How we use your personal information.’ Examples include: IT service providers who manage our IT and back office systems and telecommunications networks; marketing automation providers; contact center providers. These third parties appropriately safeguard your data, and their activities are limited to the purposes for which your data was provided. Legal Requirements and Business Transfers We may disclose personal information (i) if we are required to do so by law, legal process, statute, rule, regulation, or professional standard, or to respond to a subpoena, search warrant, or other legal request. (ii) in response to law enforcement authority or other government official requests, (iii) when we believe disclosure is necessary or appropriate to prevent physical harm or financial loss, (iv) in connection with an investigation of suspected or actual illegal activity or (v) in the event that Mansueto is subject to a merger or acquisition to the new owner of the business. Disclosure may also be required for company audits or to investigate a complaint or security threat.

Do we transfer your personal information across geographies?

We are an organization which operates globally and may transfer certain personal information across geographical borders to Mansueto entities, authorized service providers or business partners in other countries working on our behalf in accordance with applicable law. Our affiliates and third parties may be based locally or they may be overseas some of which have not been determined by the European Commission to have an adequate level of data protection. When we do, we use a variety of legal mechanisms to help ensure your rights and protections travel with your data: we ensure transfers within Mansueto are covered by agreements based on the EU Commission's standard contractual clauses, which contractually oblige each member to ensure that personal information receives an adequate and consistent level of protection wherever it resides within Mansueto; where we transfer your personal information outside Mansueto or to third parties who help provide our products and services, we obtain contractual commitments from them to protect your personal information. Some of these assurances are well recognized certification schemes like the EU - US Privacy Shield for the protection of personal information transferred from within the EU to the United States, or the standard contractual clauses; or where we receive requests for information from law enforcement or regulators, we carefully validate these requests before any personal information are disclosed. Examples of countries we transfer personal information to include, but are not limited to, the United States of America, the United Kingdom, France, Spain, Germany, The Netherlands, Greece, Croatia, Singapore, Maldives, Seychelles. If you would like further information about whether your information will be disclosed to overseas recipients, please contact us as noted below. You also have a right to contact us for more information about the safeguards we have put in place (including a copy of relevant contractual commitments, which may be redacted for reasons of commercial confidentiality) to ensure the adequate protection of your personal information when this is transferred as mentioned above.

Do we have security measures in place to protect your information?

The security of your personal information is important to us and Mansueto has implemented reasonable physical, technical and administrative security standards to protect personal information from loss, misuse, alteration or destruction. We protect your personal information against unauthorized access, use or disclosure, using security technologies and procedures, such as encryption and limited access. Only authorized individuals access your personal information, and they receive training about the importance of protecting personal information. Our service providers and agents are contractually bound to maintain the confidentiality of personal information and may not use the information for any unauthorized purpose.

What choices do you have about your personal information?

We offer certain choices about how we communicate with our customers and what personal information we obtain about them and share with others. When you provide us with personal details, if we intend to use those details for marketing purposes, we will provide you with the option of whether you wish to receive promotional e-mail, SMS messages, telephone calls and postal mail from us. At any time, you may opt out from receiving interest-based advertising from us by contacting us as per listed under the “Contact” paragraph below. You may also choose not to receive marketing communications from us by clicking on the unsubscribe link or other instructions in our marketing e-mails, visiting the “Account” section on our website, or contacting us as noted below in the “Contact” paragraph.

How can you update your communication preferences?

We take reasonable steps to provide you with communication about your information. You can update your communication preferences in the following ways. Profile If you have created a profile or account on one of our websites, you can update your contact information after you log into your account. Newsletters If you request electronic communications, such as an e-newsletter, you will be able to unsubscribe at any time by following the instructions included in the communication. Mobile Devices If you previously chose to receive push notifications on your mobile device from us but no longer wish to receive them, you can manage your preferences either through your device or the application settings. If you no longer wish to have any information collected by the mobile application, you may uninstall the application by using the uninstall process available on your mobile device. E-mail Contact us by e-mail or postal address as noted below. Please include your current contact information, the information you are interested in accessing and your requested changes. If we do not provide you with access, we will provide you with the reason for refusal and inform you of any exceptions relied upon.

Other rights regarding your data

According to GDPR, subject to certain exemptions, and in some cases dependent upon the processing activity we are undertaking, you have certain rights in relation to your personal information. We may ask you for additional information to confirm your identity and for security purposes, before disclosing the personal information requested to you. We reserve the right to charge a fee where permitted by law, for instance if your request is manifestly unfounded or excessive. You can exercise your rights by contacting us. Subject to legal and other permissible considerations, we will make every reasonable effort to honor your request promptly or inform you if we require further information in order to fulfill your request. We may not always be able to fully address your request, for example if it would impact the duty of confidentiality we owe to others, or if we are legally entitled to deal with the request in a different way. Right to Access (art. 15 GDPR) You have right to access personal information which Mansueto holds about you. If you have created a profile, you can access that information by visiting your account. Right to Rectification (art.16 GDPR) You have a right to request us to correct your personal information where it is inaccurate or out of date. Right to be Forgotten (Right to Erasure) (art. 17 GDPR) You have the right under certain circumstances to have your personal information erased. Your information can only be erased if your data is no longer necessary for the purpose for which it was collected, and we have no other legal ground for processing the data. Right to Restrict Processing (art. 18 GDPR) You have the right to restrict the processing of your personal information, but only where: its accuracy is contested, to allow us to verify its accuracy; or the processing is unlawful, but you do not want it erased; or it is no longer needed for the purposes for which it was collected, but you still need it to establish, exercise or defend legal claims; or you have exercised the right to object, and verification of overriding grounds is pending. Right to Data Portability (art. 20 GDPR) You have the right to data portability, which requires us to provide personal information to you or another controller in a commonly used, machine readable format, but only where the processing of that information is based on (i) consent; or (ii) the performance of a contract to which you are a party. Right to Object to Processing (art. 21 GDPR) You have the right to object the processing of your personal information at any time, but only where that processing is has our legitimate interests as its legal basis. If you raise an objection, we have an opportunity to demonstrate that we have compelling legitimate interests which override your rights and freedoms.

Contact Us

If you have any questions, would like further information about our privacy and information handling practices, would like to discuss opt-outs or withdrawing consent, or would like to make a complaint about a breach of the Act or this Statement, please email us to privacy@mansuetomarine.it or the following postal address: Mansueto Marine s.r.l., Via Volta 125 – 18038 Sanremo (IM), Italy. Alternatively, you have the right to contact your local Data Protection Authority.

Changes to this Statement

We may update this Statement, from time to time, according the current laws and regulations in force. When we do, we will post the current version on our websites, and we will revise the version date located at the bottom of this page. We encourage you to periodically review this Statement so that you will be aware of our privacy practices.

Version

In case of disparity between the Italian and the English version of the Statement, the Italian version shall prevail, inasmuch as the English version is a mere transltion.

Update

This Statement was last updated on May 25th, 2018.

Privacy | Design Ellellestudio