Privacy Policy for the SCAI Group websites

In questa paginThis page describes how the SCAI Group websites are managed and how personal data belonging to users is processed. Pursuant to Article 13 of European Regulation No. 679/2016 (hereinafter referred to as the “GDPR”), this policy is provided to individuals who interact with SCAI Group web services, accessible online at or via the Group’s individual company websites. This policy only covers the SCAI Group websites and does not cover external websites that may be navigated to by users via links.

Il “Titolare” del trattamento e il Responsabile della protezioThe Data Controller and the Data Protection Officer (DPO)

Data relating to identified or identifiable persons may be processed following visits to this website. The Data Controller is SCAI SpA for the SCAI Group website, which has its registered office at 223 Corso Tazzoli, Turin, 10137.

The Data Controller for subsidiary website(s) is the company that owns the website(s) in question.

Data connected to web services on these websites are only processed by employees of the SCAI Group appointed to process data. No personal data deriving from said web services are disclosed. Personal data provided by users is collected for the sole purpose of providing requested services, and are only sent to third parties if necessary for this purpose.

The contact details of the Data Protection Officer (DPO) are:

Types of data processed
Web browsing data

The IT systems and software procedures used to run this website acquire various kinds of personal data during routine activities. The transmission of said data is implicit in the use of the Internet, which employs the TCP/IP protocol.

Said information is not collected with the intent of associating it with identified users. However, given its nature, visiting users could be identified through the processing of and/or association with data held by third parties.

This category includes the IP addresses or domain names of the computers used to connect to the website, the URI (Uniform Resource Identifier) addresses of the requested resources, request timestamps, the method(s) used to submit requests to the webserver, the size of the file(s) obtained in response, numerical codes indicating the web server’s response status (successful, error etc.), and other parameters pertaining to the user’s operating system, and IT environment. Such data is only used to compile anonymous statistics on website use and to verify its proper operation.

Please note that the aforementioned data could be used to establish liability in the case of computer crimes committed against the SCAI Group website or other websites connected to it. Data on web contacts are only stored for a few days in all other situations.

Dati forniti volontariamente dall’utente

La richiesta di invio di posta elettronica agli indirizzi indicati nell’apposita sezione del sito web, comporta la successiva acquisizione di alcuni dati personali del richiedente, compreso l’indirizzo e
– m

The request to send emails to the email addresses provided in the appropriate section of this website involves the subsequent acquisition of some personal user data, including

email addresses, which are needed to respond to requests.


The SCAI Group website uses “cookie” technology. For information on the cookies we use, their purposes of use, and our management methods, please refer to the Cookie Policy in the footer of the main web page.

Facoltatività dell’inserimento dei dati personali

Aside from the indications provided on navigation data, users are free to provide the personal data requested in the online request forms housed in the special “on request” services section of this website. Please note that a failure to provide personal data might make it impossible for requests to be fulfilled.

Data processing methods and security measures

I dati personali sono trattati con strumenti automatizzati e non, per il solo tempo strettamente necessario a conseguire gli scopi per cui Personal data are processed using automated and non-automated methods, and only for the time strictly necessary to fulfil the purposes for which they were collected. Specific security measures have been put in place o prevent data loss, the illicit or incorrect use of data, and unauthorised access.

Rights of interested parties

The individuals to whom personal data refer – potentially collected in the aforementioned specific sections – have the right to obtain confirmation of the existence or otherwise of said data at any time and to know its content and origin, verify its accuracy, and request it be added to, updated or corrected pursuant to Article 15 et seq. of the GDPR. Interested parties have the right to request the erasure of their data or their transformation into anonymous form, or to oppose their processing for legitimate reasons. Any requests should be sent to or SCAI SpA at 223, Corso Enrico Tazzoli, Turin, 10137, or to the registered office of the other SCAI Group companies, referring to the data collected by them.


Il Gruppo SCAI non utilizza consapevolmente il prThe SCAI Group does not knowingly use its website to request data from users under the age of eighteen.


We wish to inform you that European Regulation No. 679/16 (“GDPR”) protects persons and other individuals regarding the processing of personal data.

According to the aforementioned legislation, data processing carried out in relation to all relationships and services requested from SCAI SpA or its subsidiaries is based on the principles of fairness, lawfulness and transparency and the protection of your privacy and your rights.

Pursuant to Article 13 of the GDPR 2016/679, we hereby provide the following information:

  1. The data you provide will be processed within the limits and for the purposes specified in this privacy policy and, in particular:
    1. to fully execute contractual relationships and to fulfil obligations established by law, regulations and community legislation (tax legislation, etc…)
    2. to collect the information required for the correct management of intercompany relations
    3. to perform post-sales assistance activities, to verify customer satisfaction, and to perform market analysis and statistics operations using anonymised data
    4. To send information relating to events organised by SCAI SpA and its subsidiaries, in addition to future sales initiatives, and to market products, services and offers similar to the existing customer contract
  2. Personal data is processed using manual, IT and technology devices and using a logic that is strictly related to the purposes indicated above while guaranteeing data security and confidentiality in compliance with current regulations. Data is processed for the entire duration of the contractual relationship and subsequently thereto, in order to satisfy all legal requirements
  3. Without prejudice to the personal autonomy of interested parties, personal data is required to carry out the activities referred to in Letters A, B, and C of Point 1. If you fail to provide said data or object to its processing, you will not be able to sign any contractual agreements with SCAI SpA. The formalisation of contracts and/or job orders constitutes your consent to data processing for the aforementioned purposes. On the contrary, your failure to provide data or your refusal to its processing for the purposes referred to in Letter D of Point 1 will have no consequences on your existing legal relationships or those in the process of being established, not including the potential sending of documentation and sales communications
  4. Without prejudice to communications sent in compliance with legal or contractual obligations, all data collected or processed may also be disclosed to other SCAI Group subsidiaries, to auditing and consulting companies, and law firms
  5. The Data Controller is the SCAI Group subsidiary with which the contract and/or job order is signed, in the person of its legal representative
  6. You may exercise your rights at any time by making contact with the Data Controller, pursuant to Articles 15 et seq. of the GDPR


It should be noted that the data and email address you provide for contractual and sales relationships may be used to send marketing or advertising materials relating to the services requested in a manner that is consistent with the relationships established. If you do not wish to receive sales information, please opt-out by emailing



Pursuant to Articles 13 and 14 of Regulation (EU) 2016/679 concerning the protection of individuals with regard to the processing of personal data (hereinafter the “GDPR”), the Data Controller informs its suppliers – including consultants (hereinafter referred to as “Supplier(s)”) – of the processing1 of the personal data provided to the Group.

Titolare del trattamento è la società del Gruppo SCAI titolare del rapporto contrattuale instaurato con il Fornitore, nella persona del The Data Controller is the SCAI Group subsidiary with whom the Supplier has established a contractual relationship, in the person of its pro tempore legal representative (hereinafter, the “Company”).

DPO contact details

The following Data Protection Officer has been appointed for the SCAI Group:

– Marco Zucchini, Enrico Tazzoli n. 223, 10137 – Turin – ITALY  

Email address:

Data categories and data sourceste dei dati

Purpose of data processing and legal bases

La base giuridica che legittima il trattamento da parte della Società dei Dati del legale rappresentante del Fornitore (persona giuridica) o del Fornitore (persona fisica) è l’esecuzione del contratto; la base giuridica che legittima il trattamento dei Dati dei dipendenti / consulenti del Fornitore, coinvolti nelle attività di cui al contratto, è il legittimo interesseThe legal basis for the processing by the Company of data belonging to the legal representative (legal person) or natural person is the execution of a contract. The legal basis for processing data belonging to employees/consultants involved in the activities referred to in the contract is the Company’s legitimate interest

1 Pursuant to Article 4, Paragraph 1 of the GDPR, “data processing” refers to any operation or set of operations carried out with or without the use of automated tools and applied to personal data or groups of personal data, such as gathering, recording, organising, structuring, storing, adapting or modifying, extracting, consulting, using, sending, distributing or any other form of making available, comparing or inter-connecting, limiting, cancelling or deleting data.

In this case, the legal basis for data processing is the need to fulfil a legal obligation to which the Company is subject.

  1. Data may also be processed by the Company and by SCAI SpA, where necessary, in the capacity of joint Data Controllers to assert and/or defend the Company’s rights in court. The legal basis for data processing in this instance is the legitimate interest of the Data Controller.
  1. Your data will also be processed by the Company and by SCAI SpA, where necessary, as Joint Controllers in order to manage the process of verifying supplier requirements with respect to company policies.

In the instances listed above, the legal basis for data processing is the Company’s legitimate interest (which is considered – with reference to the balancing of interests – to prevail over the rights and freedoms of the data subjects). The provision of data is mandatory for the achievement of the purposes listed above and a failure to provide them, either partially or incorrectly, may result in the Company making it impossible to establish or regularly conduct the contractual relationship in question.

Data storage period

Categories of recipients

Transfer of daa to non-EU Countries

DRights of data subjects

Interested parties have the right to oppose data processing for the pursuit of purposes based on the Company’s legitimate interest for reasons connected to their specific situation.


Notice regarding the processing of personal data pursuant to Articles 13 et seq. of EU Reg. No. 679/2016 (GDPR)

Pursuant to and for the purposes of Article 13 et seq. of EU Reg. 679/2016 (GDPR), your data has been entered into our database for the purpose of sending newsletters and will be processed in accordance with current regulations.

Pursuant to Article 13 of the GDPR Regulation on personal data, please note that the processing of personal data, for the aforementioned purposes, will take place at the registered office of the Data Controller for the specific Group subsidiary, using computerised tools and in the ways and within the limits necessary to pursue the aforementioned purposes.

Data will be processed lawfully, fairly and with the utmost confidentiality, in full compliance with the general principles referred to in Article 5 of the aforementioned GDPR and will be stored for the time required for the aforementioned purposes.

If you do not wish to receive further communications, you can write to As a result, all personal data pertaining to you that has been previously collected will be deleted.

Rights of Interested Parties Interested parties possess the rights referred to in Article 15 et seq. of the aforementioned regulation, and in particular, the right to request access to personal data and the correction or erasure of the same, or the limitation of the processing of personal data concerning them, as well as to oppose their processing, in addition to the right to data portability. You can exercise your rights as an interested party by writing to