Privacy Policy

(in accordance with Articles 13 and 14 of Regulation (EU) 2016/679 – GDPR)

 

1. Introduction

This privacy policy is provided in compliance with Regulation (EU) 2016/679 (GDPR) and applicable national data protection laws. Our goal is to ensure maximum transparency on how we collect, use, and protect users’ personal data when they visit our website www.iithydrogen.it

2. Data Controller

The Data Controller is IIT Hydrogen Ltd, with registered office in Enrico Mattei Str. 1, 39100 Bolzano, Tax Identification Number/VAT Number IT 2274870217, who can be contacted at the following addresses:

• E-mail: info@iithydrogen.it
• PEC: iit.bz@pec.it
• Telefon: +39 0471 1964880

3. Types of Data Collected

When browsing and interacting with the site, we may collect and process the following categories of personal data:

a) Browsing Data

The computer systems and software operating the site automatically acquire certain information, the transmission of which is implicit in the use of Internet communication protocols. This data includes:

• IP address
• Browser type and device
• Operating system
• Date, time, and duration of the connection
• Referral URL and visited pages

These data are used solely for statistical and security purposes.

b) Data Provided Voluntarily by Users

Through form submissions, emails, or interactions with our services, users may provide:

• Name and surname
• Email address
• Phone number
• Other voluntarily provided information

c) Cookies and Tracking Technologies

Our website uses technical and tracking cookies. For more details, please refer to our [Cookie Policy].

4. Purpose and Legal Basis of Processing

Providing requested services	Responding to inquiries
Compliance with legal obligations	Performance of a contract or pre-contractual measures (Art. 6.1.b GDPR)
Sending newsletters and promotional communications	Performance of a contract or pre-contractual measures (Art. 6.1.b GDPR)
Compliance with legal obligations	Legal obligation (Art. 6.1.c GDPR)
Statistical analysis and website improvement	Legitimate interest (Art. 6.1.f GDPR)
Sending newsletters and promotional communications	User’s consent (Art. 6.1.a GDPR)
Content personalization and targeted advertising	User’s consent (Art. 6.1.a GDPR)

5. Processing Methods and Data Security

Personal data are processed using computerised and paper-based tools, taking appropriate security measures to prevent unauthorised access, loss or unlawful disclosure. Such measures include:

• Encryption and firewall protection
• Restricted access to data for authorized personnel
• Backup and disaster recovery procedures.

6. Data Sharing and Transfers

Data may be shared with:

• IT service providers for website operations
• Legal and tax consultants to comply with legal obligations
• Public authorities when required by law

No data are transferred outside the European Economic Area (EEA) without adequate safeguards under GDPR.

7. Data Retention Period

Personal data are kept for the time strictly necessary for the purposes for which they were collected:

• Browsing data: 12 months
• User-provided data: Until consent withdrawal or contract termination
• Data for legal obligations: As required by law
• Data for marketing purposes: Until consent withdrawal, max 24 months.

8. User Rights

Users have the right to:

• Access to one’s own data (Art. 15 GDPR);
• Request rectification or updating (art. 16 GDPR);
• Obtain deletion of data (art. 17 GDPR – “Right to be forgotten”);
• Limit the processing (art. 18 GDPR);
• Object to the processing (art. 21 GDPR);
• Request data portability (art. 20 GDPR);
• Withdraw consent at any time.

Requests can be sent to [Holder’s e-mail address]. It is also possible to lodge a complaint with the Data Protection Authority.

1. Changes to this Privacy Policy

We reserve the right to amend this policy at any time. Users will be informed via the website or other appropriate channels.

Date of last update
06 March 2025