With this privacy notice, Laminam SpA, based in Fiorano Modenese (MO), Via Ghiarola Nuova no. 258, informs you that – under the provisions of Art. 13 of European Regulation 2016/679 on the processing of personal data (“GDPR”) – your personal data will be processed using electronic and manual tools, via social networks, in Italy and abroad.

This privacy policy has been prepared under transparency principles and GDPR requirements. It is split into individual sections to make it easier and quicker to read and understand (hereafter, the “Privacy Policy”).

      1. Data Controller

The data controller (hereafter “Controller”) is Laminam SpA, based in Fiorano Modenese (MO) – Via Ghiarola Nuova no. 258.

      2. Processing purpose and legal basis

Purposelegal basis
a) fulfilling pre-contractual, contractual and tax obligations resulting from the contract’s performance;

b) receipt and processing of spontaneous applications for open positions on this Website.

Processing carried out for these purposes is necessary to comply with contractual and legal obligations (Art. 6, letter b) and c) GDPR).
c) Carrying out promotional activity, such as sending advertising material by post, e-mail, telephone, fax, SMS, and MMS (known as direct marketing);

d) Sending communications, responses to clarification requests or information or communication newsletters and not for commercial purposes.

Processing for these purposes is carried out with User and Data Subject consent (Art. 6, letter a) GDPR).
e) Promoting services similar to those involved in the sale, subject to the possibility of opposing the processing at any timeProcessing carried out for these purposes is aimed at pursuing the Controller’s legitimate interest (Art. 6, letter f) GDPR).

Provision of your personal data is necessary for the indicated purposes.

The lack, partial or incorrect provision of your personal data will make it impossible to provide the requested services.

Providing your data for the purposes indicated in letter c) is optional and any processing refusal will make it impossible to provide the requested services.

       3. Disclosure of personal data

Your personal data will be processed exclusively by authorised persons and those designated as Processors to carry out all processing necessary for the purposes identified in this Privacy Policy, under GDPR. Personal data may be disclosed to public bodies or the judicial authority, if required by law or to prevent or supress the commission of a crime.

        4. Data retention period

The personal data collected will be processed by the Controller for the time necessary to pursue the purposes indicated in point 3).


  • purposes indicated in point 2) letter a) until the end of the contractual relationships, subject to any further retention period that may be imposed by legal obligations;
  • purposes indicated in point 2) letter b) up to a maximum of 24 months from sending the application;
  • purposes indicated in point 2) letters c) and d) until express consent withdrawal;
  • purposes indicated in point 2) letter e) until any opposition from the data subject.

       5. Consent withdrawal

The data subject has the right to withdraw the consent at any time completely or partially. This will not prejudice the lawfulness of the processing based upon consent provided before withdrawal.

To withdraw your consent, contact the Controller at the addresses published in this privacy policy. If you are registered on the internet website, you can access your profile and modify the consent provided.

      6. Processing regional scope

Your personal data will be processed by the Controller within the European Union.

If, for technical or operational reasons, it is necessary to use entities located outside the European Union, those entities will be appointed as Processors and personal data will be transferred to those entities, limited to the conduct of processing, under GDPR provisions.

Safeguards necessary to guarantee personal data protection will be adopted. Processing will be based upon the assessment of appropriate safeguards, including, European Commission decisions on the recipient third-party countries adequacy; adequate safeguards taken by the recipient third party under Article 46 of the GDPR.

If your personal data has been processed outside the European Union, you may obtain further details from the Controller, requesting evidence of the safeguards adopted.

       7. Data subject rights

Under Articles 15 et seq. of the GDPR, you may, at any time, exercise the data subject rights and obtain:

  • confirmation if your data is being processed, access to personal data and the following information (processing purposes, personal data categories, recipients and categories of recipients to whom the personal data has been or will be disclosed, and retention period);
  • rectification of inaccurate personal data and the right to have incomplete data completed, by providing a supplementary statement;
  • personal data deletion, in the cases envisaged by the GDPR;
  • processing restriction in the circumstances envisaged by the privacy legislation;
  • data portability, request your data provided to the Controller and the direct transmission of your data to another controller;
  • the right to oppose, on grounds relating to your situation, the processing of your data under the privacy legislation and for marketing and profiling purposes.


You may exercise your rights by contacting the following email address, attaching a copy of your identity document:

You have the right to lodge a complaint with the Supervisory Authority (in Italy, the Garante per la Protezione dei Dati Personali), under Art. 77 GDPR, if you believe that the processing of your data is contrary to the Privacy legislation.

This privacy policy may be amended over time following the entry into force of new industry regulations, updates or the provision of new services or technological innovations. Please consult this page often.


Date of last update: June 2020