Privacy Policy

1. General information

Your privacy is very important to Casadei Industria Wood S.r.l. and to best protect you, we provide you with these notes in which you will find information on the type of information collected online and on the options afforded to you in terms of the collection and use of such information on the website.

This document serves as disclosure which, pursuant to Art. 13 of EU Regulation no. 2016/679 (the “GDPR”) of the European Parliament and of the Council of 27 April 2016, “on the protection of natural persons with regard to the processing of personal data, as well as the free movement of such data, which repeals Directive 95/46/EC (General Data Protection Regulation)”, is provided to those who interact with the web services of Casadei Industria Wood S.r.l., accessible electronically from the website.

This disclosure also includes, as a specific regulatory reference, Resolution no. 229 of 8 May 2014, issued by the Italian Personal Data Protection Authority on the “identification of simplified methods for providing information and obtaining consent for the use of cookies – 8 May 2014”, as published in the Official Journal of the Italian Republic no. 126 of 3 June 2014, and any related clarifications available at the following link:

This disclosure is provided only for the Casadei Industria Wood S.r.l. website, and not for other websites that may be consulted by the user via links.

The Data Controller pertaining to data collected by the website is Casadei Industria Wood S.r.l. (hereinafter, the “Data Controller”) with registered office on via Guardia di Rocca, 14 47899 Galazzano – Serravalle, Republic of San Marino, in the person of its pro-tempore Legal Representative.

The Data Controller can be contacted at: or by standard mail to the mailing address provided above, or by calling +39 0549 960011

2. Nature of data

Browsing data

The IT systems and software procedures provided to operate this website acquire, during their normal operation, certain personal data which are implicitly transmitted when using the Internet communication protocols. This information is not collected for the purpose of being associated with identified persons, but by its very nature could result in the identification of users through processing and matching with information held by third parties.

This category of data includes IP addresses or domain names of computers utilized by users connecting to the site, URI (Uniform Resource Identifier) of requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in reply, the numerical code indicating the status of the response from the server (successful, error, etc..) and other parameters regarding the operating system and computer environment.

These data are used only to track traffic generated by the site, to gather anonymous statistical information on site usage, and to check that the site is functioning properly. Only upon request of the supervisory bodies in charge, the data could be used to ascertain responsibility in the event of hypothetical cyber crimes against the site.

Data collected through cookies

A “cookie” is a small text file transferred from the web server to the user’s computer, the purpose of which is to inform the server about the user’s accesses to that specific web page, and any other information it gathers from parameters readable of the system via functions contained in the web page.

Cookies can be “temporary” (or session cookies, deleted at the end of the connection) or “permanent” (stored on the user’s hard drive, unless the user deletes them).

Persistent cookies can store personal identifying data only if the user has registered or consented to the storage of personal identifying data entered on the site itself. Otherwise, the Data Controller’s server only recognises that an unidentified visitor, with that specific cookie, has returned to the site. These data are not provided to third parties and are not disseminated. Depending on the browser used, the user has the possibility to disable or selectively accept the use of cookies: in this case, navigation may be difficult, some functions of the site may not be available and some web pages may be displayed incorrectly. For complete information on cookies, please refer to the specific cookie policy.

Data provided voluntarily by the user

The optional, explicit and voluntary sending of email communication to addresses on the site or through the contact forms or calls made to the company point of contact entail the subsequent processing of data necessary to follow-up on the user’s request for information. Users are invited not to send names or other personal data of third parties that are not strictly necessary, but rather, when possible, use fictitious names.

2. Purpose of processing of personal data and legal bases thereof

Personal data collected from the user are processed for the following purposes and in compliance with the following legal bases:

Data typePurposeLegal Bases
Identification and contact data (Name, email address)   Any other information contained in the messageProcessing and reply to requests for information from UsersExplicit, free and specific consent expressed at the bottom of the contact form. The Data Controller processes personal data for these purposes based on its legitimate interest in responding to requests for information from users interested in the products offered.
Identification and contact data (email, name, telephone number)Email marketing and periodic newsletters relating to promotions or commercial initiatives    Explicit, free and specific consent expressed at the bottom of the contact and registration form, as well as the form dedicated to the newsletter on the site  
Browsing data and data collected by third-party cookiesMonitoring, analysis of traffic on the website and processing of statisticsExplicit, free and specific consent expressed through the cookie option tool on the website. The user can freely and at any time elect not to participate in these advertising methods by opting out.
Browsing dataDefense in court against abuses in the use of the website Routine maintenance of the site and monitoring of its functioningLegitimate interest of the Data Controller

4. Method, place of processing

Personal data are processed using automated means only for as long as it is strictly necessary to achieve the purposes for which they have been collected. Specific security measures will be observed to prevent loss of data, its illicit or incorrect use, and unauthorised access.

Data processing connected to the web services of this site (physically hosted on the servers owned by Aruba) is carried out at the headquarters of the Company that owns the servers, in the name and on behalf of the Data Controller, and handled only by employees and authorised staff, as well as by any persons in charge of occasional maintenance operations.  In addition to the Data Controller, in some cases, other parties involved in the organisation of this website or external parties (such as third-party technical service providers, postal couriers, hosting providers, IT companies, and communication agencies), as well as Data Processors appointed by the Data Controller may have access to the Data, on an as-needed basis. The updated list of Data Processors can always be requested from the Data Controller.

The User’s Personal Data may be transferred to a country other than the one in which the User is located.  The User has the right to obtain information regarding the legal basis for the transfer of Data outside the European Union or to an international organisation, as well as regarding the security measures adopted by the Data Controller to protect the Data.

5. Minors

In compliance with the provisions of Art. 8 of the GDPR, no persons under the age of 16, without the prior consent of their parents or guardians, will be able to send information to this website, nor will they be able to make purchases or complete legal documents on this site without the aforementioned consent, unless such restrictions are not permitted by the regulations in force.

6. Data retention period or policy

Data are processed for the period strictly necessary to achieve the purposes for which they were collected:

– personal data collected for purposes related to the implementation of a contract between the Data Controller and the User will be retained until the contract has been duly executed.

– personal data collected for purposes attributable to the legitimate interest of the Data Controller will be retained until such interest is satisfied.

– personal data collected on the basis of the user’s consent are retained until such consent is revoked.

The Data Controller may be required to retain personal data for a longer period, in compliance with a legal obligation or by order of an authority.

The Personal Data will be deleted at the end of the retention period. Therefore, upon expiry of the retention period the right to access, delete, amend and to data portability can no longer be exercised.

7. Rights of Data Subjects

Persons to whom the personal data refer have the right to obtain, at any time, confirmation of the existence or otherwise of such data, and to know their content and origin, as well as verify their accuracy or request that data be made complete, updated or amended. Data Subjects also have the right to request the deletion or transformation into anonymous form, or limited access or inaccessibility to any data processed in violation of the law, as well as to revoke or object, for legitimate reasons, to data processing. The user has the right to revoke the consent given at any time, without prejudice to any processing that has taken place previously.

Anyone who has doubts regarding compliance with the privacy protection policy adopted by Casadei Industria Wood S.r.l., as well as its application, the accuracy of one’s personal data or the use of the information collected, can contact the Data Controller in writing by using any of the addresses indicated above.