INFORMATION NOTICE PURSUANT TO ARTICLES 13–14 OF THE GDPR (GENERAL DATA PROTECTION REGULATION) 2016/679
ArquiGreen, VAT no. , as the Data Controller, informs you that your personal data will be processed in accordance with the methods and purposes outlined below.

The Data Controller is committed to protecting the privacy and confidentiality of Personal Data, in compliance with the principles of fairness, lawfulness, transparency, and the protection of your rights.

1) TYPES OF DATA PROCESSED
We process personal data provided by you (name, email, company name, phone number, etc.) when submitting requests voluntarily, as well as data collected automatically through our website.

• Data you provide: personal, identifying, and non-sensitive data communicated via email, contact forms, or by phone regarding our products/services.
• Data we collect automatically: anonymous data collected via cookies or similar technologies. For more information, see the Cookie Policy below.

Note: Users under the age of 16 may not provide any personal data without parental or guardian consent.

2) PURPOSES AND LEGAL BASES OF PROCESSING
We process your personal data:

A) to fulfill our contractual obligations; to respond to your information requests; to provide estimates; to execute product purchase contracts or service agreements; and to provide necessary support for purchased products and services.
B) to perform aggregated statistical analysis on an anonymous basis in order to improve our services.
C) for administrative purposes and to fulfill legal obligations such as accounting, tax compliance, or to respond to requests from judicial authorities.
D) in the case of submitted CVs, exclusively for recruitment purposes.

3) IS THE PROVISION OF DATA MANDATORY?
Providing your data is always optional, but failure to do so may prevent us from performing certain services or fulfilling contractual obligations.

4) LOCATION, PROCESSING METHODS AND RETENTION PERIOD
Your personal data is processed through operations defined in Article 4 of the Italian Privacy Code and Article 4(2) of the GDPR, including collection, recording, organization, storage, consultation, processing, modification, selection, retrieval, comparison, use, interconnection, blocking, communication, erasure, and destruction.

Your personal data is stored at the Data Controller’s registered office and processed both on paper and electronically/automatically, using methods strictly aligned with the purposes above, and always ensuring data security and confidentiality.
The data you provide is not stored on our website.

The Data Controller will retain personal data as long as necessary for the aforementioned purposes and, in any case:

no longer than 10 years from the end of the relationship (for the purposes under point C),

and no longer than 38 months from collection (for the purposes under point B).

5) DATA ACCESS
Your data may be accessible for the purposes listed in point 2:

• to employees and collaborators of the Data Controller, in their capacity as data processing appointees and/or system administrators;
• to third-party companies or entities (website providers, cloud services, e-payment services, suppliers, hardware/software technicians, couriers and carriers, banks, professional firms, etc.) acting on behalf of the Data Controller as Data Processors.

6) DATA TRANSFER
Data will not be disseminated, sold, or exchanged with parties other than the Data Controller, appointed Processors, or authorized personnel without your explicit and informed consent.

7) YOUR RIGHTS
You have the right to know what personal data is being processed. Specifically, you have the right to access, rectify, delete, or port your data, as well as to restrict or object to its processing under certain conditions.

Here’s a brief explanation of your rights:

• Right of access: obtain confirmation of whether your personal data is being processed and, if so, access it and related information.
• Right of rectification: request the correction of inaccurate personal data and completion of incomplete data.
• Right to erasure: request deletion of your data without undue delay when it’s no longer necessary for the purposes collected, except where retention is legally required.
• Right to data portability: receive your data in a structured, commonly used, machine-readable format and transmit it to another controller, where legally permitted.
• Right to restriction of processing: request limitation of processing under certain conditions, in which case processing may occur only in specific circumstances (e.g., legal defense).
• Right to object: object to the processing under certain legal conditions unless there are legitimate overriding grounds.

To receive more information or to exercise your rights, please contact us directly.

8) CHANGES TO THIS NOTICE
This Privacy Notice may be updated over time. We recommend checking it regularly and referring to the latest version available.

Last update: August 2025