Last updated: June 2026
Privacy Notice pursuant to Art. 13 of EU Regulation 2016/679 (GDPR)
1. Identity and Contact Details of the Data Controller
The Data Controller for the personal data collected through this website is:
EIIP – Engineering & Industrial Improvement Partners
P.IVA: IT[número]
Sede operativa: [dirección], Italy
Website: eiip.it
Email: info@eiip.it
For any privacy-related request, you may contact the Data Controller directly at: info@eiip.it
2. Data Protection Officer (DPO)
No Data Protection Officer has been appointed. This website does not meet the thresholds requiring mandatory DPO designation under Art. 37 GDPR, as it does not carry out large-scale systematic monitoring or large-scale processing of special category data.
3. Data Collected
When you submit the contact form on this website, we collect the following personal data:
- First Name and Last Name
- Position / Role
- Email address
- Phone number
- Region / Country
- Company Name
- Industry Type
- Your message / request
4. Purposes and Legal Basis for Processing
Your personal data is collected exclusively to respond to your business inquiry.
The applicable legal bases are:
- Art. 6(1)(b) GDPR — processing is necessary to take steps at your request prior to entering into a contract, when your inquiry relates to a specific service offered by EIIP.
- Art. 6(1)(f) GDPR — legitimate interest of the Data Controller in responding to professional outreach from potential B2B clients. The specific legitimate interest pursued is: managing and responding to professional inquiries in order to develop business relationships. This interest does not override the data subject’s fundamental rights and freedoms, given the strictly B2B and voluntary nature of the contact form submission, the limited categories of data collected, and the absence of any profiling or automated decision-making.
5. Recipients and Data Processors
Your data may be processed by the following third-party service providers acting as data processors under Art. 28 GDPR, each with a formal Data Processing Agreement in place:
- Hostinger International Ltd. — website hosting provider. Servers located within the EU (Lithuania, Germany, France, Netherlands). Privacy policy: hostinger.com/legal/privacy-policy
- Elementor Ltd. — page-building and form technology provider. Israeli company covered by the EU adequacy decision for Israel (Commission Decision 2011/61/EU).
No personal data is sold, rented, or shared with third parties for marketing, advertising, or profiling purposes.
6. International Data Transfers
Data is hosted on EU-based Hostinger servers. Elementor Ltd. is based in Israel, a country recognized by the European Commission as providing an adequate level of data protection. Any other third-party processors located outside the EU/EEA operate under Standard Contractual Clauses (SCCs) as per Art. 46(2)(c) GDPR.
7. Data Retention Period
- Inquiries that do not lead to a contract: personal data is retained for 24 months from the date of submission.
- Inquiries that lead to a contractual relationship: data is retained for 10 years, in accordance with the Italian Civil Code statute of limitations (Art. 2946 c.c.).
After the applicable retention period, your data is permanently and securely deleted.
8. Whether Providing Data is Mandatory and Consequences of Refusal
Submitting the contact form is entirely voluntary. However, the fields marked as required (First Name, Last Name, Email, and Your Request) are necessary to process and respond to your inquiry. If you choose not to provide this information, we will be unable to respond to your request. All other fields are optional and their omission will not prevent us from processing your inquiry.
9. Automated Decision-Making and Profiling
No automated decision-making or profiling is carried out using the personal data collected through this contact form. All inquiries are reviewed and handled manually by the Data Controller.
10. Your Rights Under GDPR (Arts. 15–21)
You have the following rights regarding your personal data:
- Right of access (Art. 15) — to obtain confirmation of whether your data is being processed and to receive a copy of it.
- Right to rectification (Art. 16) — to request correction of inaccurate or incomplete data.
- Right to erasure / “right to be forgotten” (Art. 17) — to request deletion of your data where legally applicable.
- Right to restriction of processing (Art. 18) — to request that processing be limited in certain circumstances.
- Right to data portability (Art. 20) — to receive your data in a structured, commonly used, machine-readable format.
- Right to object (Art. 21) — to object at any time to processing based on legitimate interest (Art. 6.1.f). Upon objection, the Data Controller will cease processing unless compelling legitimate grounds exist that override your interests, rights, and freedoms.
If consent is used as a legal basis for any specific processing activity, you may withdraw it at any time without affecting the lawfulness of processing carried out prior to withdrawal.
To exercise any of these rights, contact the Data Controller at: info@eiip.it
We will respond to your request within one month of receipt, in accordance with Art. 12 GDPR. This period may be extended by a further two months in complex or high-volume cases, with prior notification to you.
11. Right to Lodge a Complaint
You have the right to lodge a complaint with the competent supervisory authority:
Garante per la Protezione dei Dati Personali
Piazza Venezia 11, 00187 Roma – Italy
Tel: +39 06 696771
Email: protocollo@gpdp.it
Website: garanteprivacy.it
12. Security Measures
The Data Controller implements appropriate technical and organizational measures to ensure a level of security appropriate to the risk, in accordance with Art. 32 GDPR, including secure HTTPS transmission and access controls on stored data.
13. Cookies
This website may use technical cookies strictly necessary for its operation. No profiling or marketing cookies are used without your explicit prior consent. For detailed information, please refer to our Cookie Policy.
14. Changes to This Policy
This Privacy Policy may be updated periodically to reflect changes in data processing practices or applicable legal requirements. The date of the last update is indicated at the top of this document. Material changes will be communicated to affected data subjects before the new processing begins.
15. Additional Information for Mexican Data Subjects (LFPDPPP)
This section applies upon the establishment of a legal entity in Mexico.
When EIIP operates through a legal entity established in Mexico, the processing of personal data of Mexican residents will additionally be governed by the Ley Federal de Protección de Datos Personales en Posesión de los Particulares (LFPDPPP) and its Regulations.
Responsable del tratamiento:
[Nombre o razón social — pendiente]
[Domicilio], México
RFC: [pendiente]
Email: info@eiip.it
In accordance with the LFPDPPP, Mexican data subjects have the right to exercise their ARCO rights:
- Acceso — to know what personal data we hold about you and how it is used.
- Rectificación — to correct inaccurate or incomplete data.
- Cancelación — to request deletion of your personal data when no longer necessary.
- Oposición — to object to the processing of your personal data for specific purposes.
To exercise your ARCO rights, send a written request to: info@eiip.it
A separate Aviso de Privacidad in Spanish will be published upon establishment of the Mexican entity, in compliance with Art. 15 LFPDPPP.
This document constitutes the privacy notice required under Art. 13 of EU Regulation 2016/679 (GDPR) and the Italian Personal Data Protection Code (D.Lgs. 196/2003, as amended by D.Lgs. 101/2018).