Skip to main content

Privacy Policy

Information on the processing of personal data pursuant to the GDPR.

Personal Data Processing Policy

Pursuant to Regulation (EU) 2016/679 (GDPR) and Italian Legislative Decree 196/2003, as amended by Legislative Decree 101/2018, Systema360 S.r.l. provides the following information on the processing of personal data of users who visit this website.

1. Data controller

The data controller is:

  • Systema360 S.r.l.
  • Registered office: 85100 Potenza (PZ)
  • VAT number / Tax code: 02227730765
  • Certified email (PEC): systema360@pec.it
  • Email: info@systema360.it

1bis. Privacy Contact

For any questions regarding the protection of personal data, please contact the Privacy Officer at: privacy@systema360.it.

2. Types of data collected

Browsing data

The IT systems used to operate this website automatically collect certain personal data whose transmission is implicit in the use of Internet communication protocols (e.g. IP addresses, browser type, operating system, pages visited, time of request). IP addresses are anonymized (last octet masked) before storage.

Data voluntarily provided by the user

Sending messages via the website contact form entails the collection of the following data: name, email address, phone number (optional), company (optional), subject and message text. Upon submission, the timestamp of the privacy consent given by the user is also recorded.

3. Purposes of processing

Personal data are processed for the following purposes:

  • Responding to contact and information requests sent through the form on the website
  • Complying with legal, regulatory and EU obligations
  • Improving the functioning and security of the website

4. Legal basis for processing

Data processing is based on the following legal grounds under Article 6 of the GDPR:

  • Art. 6.1.a — Consent: the user consents to the processing of their personal data when submitting the contact form
  • Art. 6.1.b — Pre-contractual measures: processing is necessary to respond to the user's requests prior to the possible conclusion of a contract
  • Art. 6.1.f — Legitimate interest: the processing of browsing data is necessary to ensure the proper functioning and security of the website

5. Data recipients

Personal data may be shared with:

  • IT service providers (hosting, email, technical maintenance) acting as data processors pursuant to Article 28 of the GDPR
  • Entities to whom disclosure is required by law or regulation

Personal data will never be sold or transferred to third parties.

6. Transfer of data outside the EU

Should it become necessary to transfer personal data to countries outside the European Union, the transfer will be carried out solely in compliance with the appropriate safeguards set out in Article 46 of the GDPR (e.g. European Commission adequacy decisions, standard contractual clauses).

7. Retention period

  • Contact form data: retained for a maximum period of 24 months from collection, unless otherwise required by law. Deletion is performed automatically via a scheduled procedure
  • Browsing data: retained for a maximum period of 12 months

8. Rights of the data subject

Pursuant to Articles 15-22 of the GDPR, the user has the right to:

  • Access — obtain confirmation of the existence of processing and access to their data
  • Rectification — obtain correction of inaccurate data or completion of incomplete data
  • Erasure — obtain deletion of their data in cases provided for by law
  • Restriction — obtain restriction of processing in cases provided for by law
  • Portability — receive their data in a structured, commonly used and machine-readable format (Art. 20 GDPR). A data export function is available in the website's reserved area
  • Objection — object to the processing of their data on legitimate grounds
  • Withdrawal of consent — withdraw consent at any time, without affecting the lawfulness of processing based on consent given before its withdrawal

To exercise these rights, the user may send a written request to privacy@systema360.it, to the general address info@systema360.it or via certified email (PEC) to systema360@pec.it.

The user also has the right to lodge a complaint with the Italian Data Protection Authority (www.garanteprivacy.it).

9. Statistical analysis

This website uses Umami, a self-hosted web analytics platform (installed on the data controller's own servers, with no data transferred to third parties). Umami operates in cookieless mode: it does not install cookies on the user's device and does not perform profiling. The collected data (pages visited, referrer, device type, country of origin) are aggregated and anonymous.

Additionally, the website internally records browsing events for statistical purposes (pages visited, time of access). IP addresses are anonymized (last octet masked for IPv4, /48 prefix for IPv6) before storage.

The legal basis for the processing of this data is the legitimate interest of the data controller (Art. 6.1.f GDPR) in improving the functioning of the website, in compliance with the principle of data minimization.

10. Cookies

This website uses only technical cookies necessary for proper functioning (session and CSRF). No profiling, marketing or analytics cookies are used.

For detailed information, please refer to our Cookie Policy.

11. Security measures

To protect users' personal data, the data controller has adopted the following technical measures:

  • HTTPS connection with TLS encryption for all communications
  • HTTP security headers (Content-Security-Policy, X-Frame-Options, X-Content-Type-Options, Referrer-Policy, Permissions-Policy)
  • IP address anonymization before storage
  • Encryption of user sessions

12. Changes to this policy

The data controller reserves the right to amend this policy at any time. Users are invited to check this page periodically.

Last updated: 10/04/2026

Next step

Have a project in mind?

Tell us about your needs.

Let's talk Prenota una call di 30 min

One contact from start to finish. Zero handoffs.