1. Data Controller
The Data Controller is:
MITO POLIMERI S.R.L.
Via Venezia, 79
31028 Tezze di Vazzola (TV) - Italy
Tel: +39 0438 488255
Email: info@mitopolimeri.it

2. Scope of Application
This Privacy Policy describes the processing of personal data carried out through:

• the corporate website www.mitopolimeri.it

• the external platform prodotti.mitopolimeri.it

This Policy does not apply to third-party websites that may be accessed through external links.

3. Categories of Data Processed

3.1 Browsing Data
The IT systems and software procedures used to operate the website collect certain personal data whose transmission is implicit in the use of Internet communication protocols.
Such data may include:

• IP address

• Device identifiers

• Browser type

• Operating system

• Date and time of access

• Technical parameters relating to the user’s IT environment

These data are processed for the purposes of:

• ensuring proper technical operation of the website

• preventing fraudulent access

• guaranteeing system security

• generating aggregated and anonymous statistical information

Legal basis:
Article 6(1)(f) GDPR – legitimate interest of the Data Controller.

3.2 Data Provided Voluntarily by the User
When users contact the company, request information, access the product platform, download technical PDF sheets, or interact with the AI agent, the following data may be processed:

• Name and surname

• Company name

• Email address

• Telephone number

• Information entered in free text fields

• Login credentials (where applicable)

Purposes:

• Responding to technical or commercial enquiries

• Providing access to technical documentation (PDF files)

• Enabling use of the AI agent

• Managing pre-contractual and contractual relationships

Legal basis:

• Article 6(1)(b) GDPR – performance of pre-contractual or contractual measures

• Article 6(1)(f) GDPR – legitimate interest in managing B2B commercial relationships
   

3.3 AI Agent Usage
The platform prodotti.mitopolimeri.it provides access to an AI agent for technical consultation purposes.
Data entered by users:

• are processed solely for the purpose of generating the requested response

• are not used for profiling activities

• are not disclosed to third parties for marketing purposes

Any technology providers involved in delivering this service act as Data Processors pursuant to Article 28 GDPR.

4. Cookies and Similar Technologies
The website uses only strictly necessary technical cookies.
Consent management is handled through the Usercentrics Consent Management Platform (CMP).
No analytical, profiling, or marketing cookies are currently active.
For further details, please refer to the Cookie Policy.

5. Methods of Processing
Personal data are processed using electronic and organisational measures appropriate to ensure security, confidentiality, and integrity, in compliance with Article 32 GDPR.

6. Data Retention
Personal data are retained only for as long as necessary to fulfil the purposes for which they were collected.
In particular:

• Contact data: up to 24 months unless a contractual relationship is established

• Contractual data: 10 years in accordance with civil and tax regulations

• Technical logs: retained in accordance with security and compliance requirements

7. Recipients of the Data
Personal data may be processed by:

• Authorised personnel of the Data Controller

• IT service providers

• Hosting providers

• Wix platform services

• Providers managing the product platform

• Providers supporting the AI agent infrastructure

Where required, such parties are appointed as Data Processors pursuant to Article 28 GDPR.

8. International Data Transfers
Where certain technology providers are located outside the European Union, data transfers are carried out in compliance with Articles 44 et seq. GDPR, through:

• Standard Contractual Clauses (SCCs)

• Adequacy Decisions adopted by the European Commission

• Additional safeguards where required

9. Data Subject Rights
Data subjects may exercise their rights at any time pursuant to Articles 15–22 GDPR, including:

• Right of access

• Right to rectification

• Right to erasure

• Right to restriction of processing

• Right to object

• Right to data portability

Requests may be submitted to:
info@mitopolimeri.it
Data subjects also have the right to lodge a complaint with the Italian Data Protection Authority (Garante per la Protezione dei Dati Personali).

10. Nature of the Provision of Data
Providing personal data is voluntary; however, failure to provide such data may prevent the company from responding to enquiries or delivering the requested services.

11. Minors
The website is intended for professional users and business operators (B2B).
The company does not knowingly collect personal data relating to minors.

12. Updates
This Privacy Policy may be updated to reflect regulatory changes or technological developments.
Last updated: February 2026