Privacy Policy





Pursuant to art. 13 of the EU Regulation n. 2016/679 (GDPR), laying down provisions for the protection of persons and other subjects regarding the processing and protection of personal data, we wish to inform you that the personal data you provide are processed in compliance with the aforementioned legislation and the obligations of confidentiality and protection to which the individual company Xtransfer di Stefano Forti is required.

Holder of the treatment

The Data Controller carried out is the individual company Xtransfer di Stefano Forti (VAT number: 03882730231) with registered office in Riva del Garda (TN), Via Grez 64. Any requests for information and / or clarifications regarding the processing of data may be requested by sending an email to the following address: [email protected]

Data Protection Officer (DPO)

At any time, you can contact the Data Controller at the e-mail address: [email protected]

Treatments carried out and purposes

The processing will be carried out in an automated and / or manual form, in compliance with the provisions of art. 32 of the GDPR 2016/679 on security measures, by persons specifically appointed and in compliance with the provisions of art. 29 of the GDPR and in general by the EU Regulation 2016/679 and the principles of accoutability, privacy by design and privacy by default. We point out that, in compliance with the principles of lawfulness, purpose limitation and data minimization, pursuant to art. 5 GDPR 2016/679, subject to your free and explicit consent, your personal data will be kept for the period of time necessary to achieve the purposes for which they are collected and processed. The data collected may be subject to cataloging, processing, comparison, interconnection, communication, dissemination, cancellation and destruction, in compliance with the provisions of the law.

The Stefano Forti company wishes to inform you that the personal data communicated to it will be processed for the obligations required by law, as well as for the following purposes: estimate and booking of transport services, customer management and customer satisfaction; supplier management; activity planning; internal control and quality management services, administrative / accounting requirements as well as for updating activities.

Legal basis of the processing

The processing of personal data is mandatory in order to fulfill the obligations required by law, for the execution of contractual services and legal obligations.

Provision of data

The provision of data is optional.

Data communication and scope of dissemination

The data may be disclosed to the following categories of subjects which Stefano Forti’s sole proprietorship Xtransfer uses for the performance of certain activities functional to the provision of its services and professional services: technical professionals; accountants for accounting / tax obligations; insurance companies; technical – IT service providers; postal couriers; hosting provider; communications and telecommunications agencies, law enforcement agencies for communications required by law.

The data may be transferred to certified cloud storage to a country within the European Union or to a third country for which the European Commission has assessed the adequacy of the level of protection.

Special categories of personal data

Pursuant to articles 9 and 10 of EU Regulation no. 2016/679, you could give Stefano Forti data that can be qualified as “particular categories of personal data”, that is, data that reveal racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, as well as genetic data, biometric data intended to uniquely identify a natural person, data relating to the health or sexual life or sexual orientation of the person.

These categories of data may be processed by Stefano Forti only with your free and explicit consent, except in cases where it is not necessary, including those provided for by art. 9 of the EU Regulation no. 2016/679.

Retention time

The data will be kept for the time necessary to carry out the aforementioned purposes in compliance with the terms of the law, for the period corresponding to transport, fiscal, accounting, administrative needs and to document our activity and also to respond to your recovery needs. data.

Rights of the interested party

At any time, you can exercise, pursuant to articles 15 to 22 of EU Regulation no. 2016/679, where the conditions exist and within the limits of the law, the right to:


a) ask for confirmation of the existence or otherwise of their personal data;
b) obtain information about the purposes of the processing, the categories of personal data, the recipients or categories of recipients to whom the personal data have been or will be communicated and, when possible, the retention period;
<there “>

c) obtain the correction and deletion of data;
d) obtain the limitation of the processing;
e) obtain data portability, i.e. receive them from a data controller, in a structured format, commonly used and readable by an automatic device, and transmit them to another data controller without impediments, if technically feasible also in relation to the systems of automated treatments adopted by the owner;
f) oppose the processing at any time and also in the case of processing for direct marketing purposes;
<strong “> g) oppose an automated decision-making process relating to individuals, including profiling;
h) ask the data controller to access personal data and to correct or delete them or limit their processing or to oppose their processing, in addition to the right to data portability;
i) withdraw the consent at any time without prejudice to the lawfulness of the processing based on the consent given prior to the revocation.

These rights can be exercised by sending an e-mail to the Data Controller [email protected]

Complaint to the supervisory authority

The interested party has the right, where the conditions are met, to lodge a complaint with the Supervisory Authority in the event that their requests for information addressed to the Data Controller have not resulted in satisfactory answers.

The reference Authority is the Guarantor for the Protection of Personal Data:


In accordance with the Provision of the Guarantor for the protection of personal data in force since May 8, 2015 pursuant to Legislative Decree 196/2003 as well as EU Regulation 2016/679 (GDPR), we declare the following:

Cookies are lines of text used to perform automatic authentication, session tracking when a user connects for the first time to a website. They are sent from a server to a web client (generally a browser) used for navigation every time the same user accesses the same portion of the web domain with the same device.

It should be noted that cookies are divided into technical and profiling cookies:

1. Technical cookies.

Technical cookies are those used for the sole purpose of “carrying out the transmission of a communication over an electronic communications network, or as strictly necessary for the provider of an information society service explicitly requested by the subscriber or user to provide this service “(see art. 122, paragraph 1, of Legislative Decree 196/2003).

They are not used for other purposes and are normally installed directly by the owner or manager of the website. They can be divided into navigation or session cookies, which guarantee the normal navigation and use of the website (allowing, for example, to make a purchase or authenticate to access restricted areas); analytics cookies, similar to technical cookies when used directly by the site manager to collect information, in aggregate form, on the number of users and how they visit the site; functionality cookies, which allow the user to navigate according to a series of selected criteria (for example, the language, the products selected for purchase) in order to improve the service provided.

The prior consent of users is not required for the installation of these cookies, while the obligation to provide the information remains valid.

2. Profiling cookies.

Profiling cookies are designed to create user profiles and are used in order to send advertising messages in line with the preferences expressed by the user while surfing the net. Due to the particular invasiveness that such devices may have in the private sphere of users, European and Italian legislation provides that the user must be adequately informed about their use and thus express their valid consent.

In this regard, the current legislation provides that the storage of information in the terminal equipment of a contractor or a user or access to information already stored are permitted only on condition that the contractor or user has given his consent after being been informed (Article 122, paragraph 1, of Legislative Decree 196/2003; Recitals 30, 64 and Articles 4 and 22 of EU Regulation 2016/679).

The site owned by the sole proprietorship Xtransfer di Stefano Forti uses this technical tool for the sole purpose of “transmitting a communication over an electronic communications network, or to the extent strictly necessary for the provider of a service from the company information explicitly requested by the contractor or by the user to provide this service “(see art. 122 paragraph 1 of Legislative Decree 196/2003). However, links to external sites (google maps) or any published content may involve the use of third-party cookies, including profiling.

Therefore the cookies used are the following:

technical and session cookies used for the correct navigation of the site for statistics relating to visits to our site, in completely anonymous mode.
third-party cookies for the possible provision of multimedia and social content (in this case, third-party cookies can also be profiling).

In any case, it is always possible to remove, disable or block cookies using the settings of the browser used for navigation (Chrome, Firefox, Explorer, Safari etc.).

For any clarification, it is possible to contact the Data Processing Manager Stefano Forti at the email [email protected]