Privacy Policy

Pursuant to Art. 13 of Regulation (EU) 2016/679 (GDPR), this page describes the methods of processing the personal data of users who visit the website of Bertolutti S.r.l., accessible at the following address: www.bertolutti.com.

Users are invited to read this Privacy Notice carefully before submitting any personal data through the website or using any of its services.

Data Controller

The Data Controller is Bertolutti S.r.l., with registered office at Via Crosade, 41 – 33040 Faedis (UD), Italy, VAT No. 01700230301.

The Data Controller may be contacted at:
E-mail: info@bertolutti.com
Telephone: +39 0432 728213

Types of data processed, purposes of the processing and legal basis

Browsing data

The IT systems and software procedures used to operate this website acquire, in the course of their normal operation, certain data whose transmission is implicit in the use of Internet communication protocols. This category includes: IP addresses or domain names of the computers used by users, URI/URL addresses of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the server's response, and parameters relating to the user's operating system and IT environment.

Such data, necessary for the use of the web services, are also processed in order to:

  • obtain statistical information on the use of the services (most visited pages, number of visitors by time slot or day, geographical areas of origin, etc.);
  • monitor the correct functioning of the services offered.

Browsing data are generally retained for no longer than seven days, except where retention is necessary for the investigation of criminal offences by the competent judicial authorities.

Data provided voluntarily by the user

Users may voluntarily provide personal data by contacting the Data Controller through the contact details available on the website or by sending private messages through corporate social media profiles and pages where such functionality is available.

The provision of such data entails the acquisition of the sender's contact details and any additional personal data contained in the communication, solely for the purpose of responding to the request received.

The website also contains a dedicated contact form, for which a specific privacy notice is made available on the relevant page.

Legal basis of the processing

The personal data collected through the website are processed:

  • on the basis of Art. 6(1)(f) of the GDPR, insofar as they are necessary to pursue the Data Controller's legitimate interest connected with the technical operation of the website, the security of communications and the production of aggregate statistics on the use of the pages;
  • on the basis of Art. 6(1)(b) of the GDPR, where the user sends communications to the Data Controller's contact details to request information or assistance, this being, in such cases, pre-contractual activity carried out at the user's request.

Recipients of Personal Data

Personal data may be processed by employees and collaborators specifically authorised by the Data Controller.

Where necessary, personal data may also be processed by external service providers acting on behalf of the Data Controller and formally appointed as Data Processors pursuant to Article 28 GDPR, including providers of hosting services, IT support, website maintenance and related technological services.

Personal data are not disclosed to the public and are not communicated to third parties for marketing or profiling purposes.

The use of third-party services integrated into the website may entail the transfer of personal data to countries located outside the European Economic Area. Such transfers take place in compliance with the safeguards provided for by Articles 44 et seq. of the GDPR, such as, in particular, the adoption of standard contractual clauses approved by the European Commission.

For further information on the processing carried out by means of cookies and on any related transfers, please refer to the cookie policy available on the website.

Rights of Data Subjects

Data subjects may exercise at any time the rights granted under Regulation (EU) 2016/679, including:

  • the right to withdraw consent where processing is based on consent (Article 7(3));
  • the right of access to personal data (Article 15);
  • the right to rectification of inaccurate or incomplete personal data (Article 16);
  • the right to erasure of personal data (Article 17);
  • the right to restriction of processing (Article 18);
  • the right to data portability (Article 20);
  • the right to object to processing (Article 21).

The exercise of the above-mentioned rights is subject to the limits, rules and procedures provided for by Regulation 679/2016, which the user must be aware of and comply with.

In accordance with Art. 12(3) of that Regulation, the Data Controller shall, moreover, provide the data subject with information on action taken without undue delay and, in any event, at the latest within one month of receipt of the request. That period may be extended by two months where necessary, taking into account the complexity and number of the requests. The Data Controller shall inform the Data Subject of any such extension, and of the reasons for the delay, within one month of receipt of the request.

To exercise the above rights, you may use the form available on this page, to be sent to the Data Controller duly completed and signed.

Changes to this notice

The Data Controller reserves the right to modify or update this notice at any time, including as a result of regulatory changes. Changes are published on this page, with an indication of the date of update. The current version is the one dated May 2026.


Privacy Notice for Customers, Suppliers and Quote Requests