Privacy Policy

Pursuant to EU Regulation 2016/679 on protection of physical persons with regard to the processing of personal data and free circulation of said data and additional applicable European and national regulations

CORMACH SRL with registered headquarters in Montichiari (BS), via Madonnina n.27, VAT No. 00681780987 and Tax ID 02075000170, telephone 030/9656811, email, certified email, as Data Controller (hereinafter “Controller”), please note that this Privacy Policy describes the ways this website manages the personal data of its users/visitors.
Your data will be processed pursuant to regulations.
This Privacy Policy does not apply to other websites – not belonging to the Controller – which you may access through links, banners or any other connections present on this website.
The data processing connected with the web services of this website take place mainly at said operative headquarters and is performed by persons authorised to process.
The updated list of the persons responsible can be requested by email at

I. Type and Origin of the Personal Data Collected – Your personal data might be requested every time you come into contact with the Controller to identify you or to contact you.
Aside from cases exclusively required by law, the Controller does not collect personal data that reveals racial or ethnic origin, political opinions, religious or philosophical beliefs, union membership, genetic data or biometric data used to unequivocally identify a physical person, health-related data, sex life, or sexual orientation of the person.
Aside from cases required by law, the Controller does not collect the personal data relative to criminal convictions or felonies or related safety measures. The Controller invites you not to provide said data.
The consent of minors to the processing of their personal data is valid as of the age of 16 years.
The Controller will not process the personal data of children under the age of 16 years, unless their parents or their guardian consents to the collection, use and disclosure activity of the information of the children by the Controller.
Please note that you are not required provide the personal data we request: if you decide not to provide it, however, in many cases you cannot use the services accessible via the website.
Navigation data – The computer systems and the software procedures for the functioning of this website collect, through normal use, some personal data that are then sent implicitly in the use of Internet communication protocols.
Data provided voluntarily by the user – The Controller collects and processes data gathered voluntarily from the interested party following access, registration, consultation and/or use of the website, including registration to the Newsletter service and use of the Live Chat service.

II. Purpose of Data Processing – On the basis of your freely given, explicit and informed consent – or in the other ways of legal processing compulsorily required by law, including Art. 6 Reg. (EU) 2016/679 – the Controller hereby informs you that your data will be processed for the following purposes:
a. a. Operative management and purposes strictly connected for access to the website, in particular to reserved areas of it.
Purpose of the processing: fulfilment of contractual obligations.
b. b. Processing for statistical purposes, in anonymous and aggregate form, on the use of the website and control of the proper functioning of it.
Purpose of the processing: legitimate interest of the Controller.

III. Cookie Policy – The details on the cookies used by the website are available on the “Details on Cookies“.

IV. Use of Social Media – You can use the Controller’s platform, which includes various blogs, forums, wikis and other social media (Social Media Platform) put at your disposal. The main objective of said social media is to enhance and enable sharing of content. However, the Controller cannot be held responsible if personal data is shared that is subsequently used properly or improperly by third parties via said social media.

V. Processing methods and data protection – The personal data of the interested parties will be processed using hard and/or soft tools for the time needed to achieve the purposes for which they were gathered or for any other related legitimate purpose, but not beyond the term set by law for protecting the rights and/or for legal obligations, adopting adequate security measures to prevent data destruction or loss, any disallowed use and unauthorised accesses, pursuant to Art. 32 of EU Regulation 2016/679.
Your data will not be disseminated in any manner and it may be notified to third parties whose activity is necessary and related to achieve the purposes herein. The updated list of the persons responsible can be requested by email at

VI. Rights of the interested party – As interested party subject to processing, you may, at any time, exercise your rights pursuant to Art. 13 et seq. of EU Regulation 2016/679. In particular, you can ask the Controller to confirm whether or not your personal data exist, access your personal data and rectify or delete it, or limit its processing, or oppose its processing, in addition to request a portable copy and the right to file a claim with a control authority. You may obtain information on the source from which the personal data originated and, if applicable, the possibility that the data come from sources accessible to the public. Moreover, if the processing is based on explicit consent, the interested party has the right to revoke consent at any time without prejudicing the lawfulness of the processing based on the consent given before its revocation.