Market Value

PRIVACY POLICY

(Last updated on May 12, 2026 in accordance with Regulation (EU) 2016/679 – GDPR)

1 - INTRODUCTION

This page describes the privacy policy of Market Value with regard to the processing of personal data of users who interact with the website www.marketvalue.it. This information notice is provided pursuant to Articles 13 and 14 of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (“GDPR”) and applies exclusively to this website, not to other websites that may be consulted via external links.

2 – TITOLARE DEL TRATTAMENTO DEI DATI

The Data Controller is Market Value di F. Giuttari, with registered office at Via Baragiola 19, 51016 Montecatini Terme (PT), Italy, VAT number IT04803440488, e‑mail info@marketvalue.it.

For any request regarding the processing of personal data or in order to exercise the rights granted by the GDPR, users may contact the Controller directly using the above contact details.

Data Protection Officer (DPO)

As of the date of this Privacy Policy, the Controller is not required to appoint a Data Protection Officer (DPO) pursuant to Article 37 GDPR and has therefore not made such appointment.

3 - TYPES OF DATA COLLECTD

The following categories of personal data may be collected by this website, either directly or through third parties: name, surname, e‑mail address, any additional data voluntarily entered in contact forms, usage data, browsing data, cookies and other tracking technologies.

Full details of each type of data collected are provided in the relevant sections of this Privacy Policy or by specific information notices displayed before the data are collected. Personal data may be freely provided by the user or, in the case of usage of data, collected automatically during the use of the website.

Unless otherwise specified, all data requested through the website forms and marked as mandatory are necessary to enable the Controller to provide the requested service or to respond to the user’s requests. Failure to provide such data may make it impossible to provide the requested service.

The possible use of cookies or other tracking tools by this website or by the owners of third‑party services used by this website is aimed at providing the service requested by the user, in addition to the other purposes described in this document and in the Cookie Policy.

Users are responsible for any third‑party personal data obtained, published or shared through this website and confirm that they have the third party’s consent to provide the data to the Controller, releasing the Controller from any liability towards third parties.

4 – MODALITÀ4 - METHODS, LEGAL BASIS AND PLACE OF PROCESSING

Methods of processing

The Controller adopts appropriate technical and organizational security measures to prevent unauthorized access, disclosure, alteration or destruction of personal data. Processing is carried out by means of IT and/or telematic tools, with organizational methods closely related to the purposes indicated in this Privacy Policy and in compliance with the principles of lawfulness, fairness, transparency, data minimization and storage limitation set out in the GDPR.

In addition to the Controller, in some cases, personal data may be accessed by external parties involved in the organization and technical operation of the website (such as IT service providers, hosting providers, administrative, tax or legal consultants, providers of communication and web analytics services), appointed, where necessary, as data processors pursuant to Article 28 GDPR.

Legal basis of processing

The Controller processes personal data relating to users where one of the following conditions applies:

  • the user has given consent for one or more specific purposes;
  • processing is necessary for the performance of pre‑contractual measures adopted at the user’s request or for the performance of a contract to which the user is party;
  • the processing is necessary to comply with a legal obligation to which the Data Controller is subject;
  • processing is necessary for the purposes of the legitimate interests pursued by the Controller, within the limits permitted by applicable law, for example for security needs, technical maintenance of the website and defence in legal proceedings.

Users may request the Controller clarify the specific legal basis that applies to each processing operation.

Place of processing

Data is processed at the Controller’s registered office and at the premises of the technical and organizational service providers involved in the operation of the website and related activities.

Where some personal data are transferred to entities located in countries outside the European Economic Area, such transfers will be carried out in accordance with Articles 44 et seq. GDPR, based on adequacy decisions, Standard Contractual Clauses or other instruments provided for by applicable data protection legislation.

5 - DETAILS ON THE PROCESSING OF PERSONAL DATA

Personal data may be processed for the purposes described below, in connection with the services actually used on the website.

Contacting the user. By filling in contact forms or sending e‑mails to the addresses indicated on the website, the user voluntarily provides their personal data in order to request information, commercial contacts, details about services or other communications. The data processed may include name, surname, e‑mail address, company, professional role, telephone number and the content of the message, where requested by the form or spontaneously provided by the user.

Mailing list or newsletter. If a mailing list or newsletter service is activated on the website, the user’s e‑mail address may be used to send information, updates or promotional communications relating to the Controller’s services, exclusively in cases permitted by law or based on the user’s consent.

Statistics and traffic analysis. The website may use tools for traffic and statistical analysis in order to monitor the use of its pages, collect aggregated data on user behaviour and improve website performance. Where non‑technical analytics tools are used, the related processing will also be governed by the Cookie Policy and, where required, will be subject to the user’s consent.

Hosting and backend infrastructure. This website is hosted on a managed WordPress infrastructure provided by Aruba S.p.A., which supplies the servers and technical services necessary for the operation of the site. In performing these activities, Aruba may process personal data (for example IP address, access logs and browsing data) as a data processor, under a data processing agreement pursuant to Article 28 GDPR and in compliance with applicable data protection law.

Optional services and third parties . Any additional services referred to in previous versions of the policy – such as payment processing, user registration and authentication, access to accounts on third‑party services, interaction with social networks, user database management, embedded content, live chat, remarketing, affiliation or advanced support – shall only apply if they are actually active on the website. Where such functionalities are not present, the related processing operations are not carried out.

6 - RETENTION PERIOD

Personal data are processed and stored for as long as required by the purposes for which they were collected, in accordance with the principles of storage limitation and data minimization.

In particular

  • data collected through contact forms or information requests are stored for the time necessary to handle the request and, as a rule, no longer than 24 months from the last contact, without prejudice to further storage required for legal protection;
  • data processed for contractual, administrative, tax and accounting purposes are retained for the duration of the relationship and thereafter for the period mandated by law, generally up to 10 years;
  • data processed for marketing purposes are retained until consent is withdrawn or, in any case, for a period consistent with the purpose pursued;
  • browsing data, technical logs and data collected through cookies are retained as specified in the Cookie Policy or for the time technically necessary for the operation and security of the website

Once the applicable retention periods have expired, personal data will be deleted or anonymized, unless further retention is required by law.

7 - PURPOSES OF PROCESSING

Users’ data are collected to allow the Controller to:

  • respond to requests submitted through contact forms, e‑mail or other channels available on the website;
  • provide information on its market research, marketing analysis and consulting services;
  • manage pre‑contractual and contractual relationships;
  • comply with legal, tax, administrative and accounting obligations;
  • ensure the technical operation of the website, system security and the prevention of unlawful use;
  • perform statistical and usage analysis of the website, within the limits permitted by applicable law and as specified in the Cookie Policy;
  • send, where permitted, informational or promotional communications relating to the Controller’s services.

Users may contact the Controller to obtain further details about the purposes of processing and the specific personal data used for each purpose.

8 – COOKIE POLICY

This website uses cookies and other tracking technologies. For detailed information on the categories of cookies used, their purposes, storage periods and how to manage consent, users are invited to consult the dedicated Cookie Policy, which forms an integral part of this Privacy Policy.

9 – LINKS TO SOCIAL NETWORKS AND EXTERNAL WEBSITES

This website may include links to pages or profiles of the Controller on social networks or external platforms (for example LinkedIn). By clicking on such links, the user is redirected to the relevant social network’s website or app, where personal data are processed by the service provider as an independent controller, in accordance with its own privacy policy and the user’s account settings. This website does not implement social login features and does not request access permissions to users’ social network profiles. Any interaction with content published on Market Value’s social pages takes place directly on the external platforms and is governed by their respective privacy policies.

10 - USERS' RIGHTS

Users may exercise, where applicable, the rights granted by Articles 15–22 GDPR. In particular, they have the right to obtain access to their personal data, rectification of inaccurate data, erasure, restriction of processing, data portability in the applicable cases, objection to processing based on legitimate interests and withdrawal of consent where processing is based on consent.

The Controller does not sell or transfer users’ personal data to third parties for purposes other than those described in this Privacy Policy.

11 - EXERCISE OF RIGHTS BY USERS

To exercise their rights, users may send a request to the Controller using the contact details provided in this Privacy Policy. Requests are handled free of charge and the Controller will provide information on action taken within the timeframes set out in the GDPR, generally within one month, save for cases of particular complexity.

In particular, the user has the right to:

  • lodge a complaint with the competent Supervisory Authority or bring legal proceedings before the competent courts;
  • withdraw consent at any time, where processing is based on consent;
  • object to the processing of personal data in the cases provided for by Article 21 GDPR;
  • access their personal data and obtain information on the processing;
  • verify the accuracy of the data and request their update or rectification;
  • obtain erasure of personal data when the relevant conditions are met;
  • obtain restriction of processing in the cases provided by law;
  • receive the data in a structured, commonly used and machine‑readable format and, where technically feasible, have them transmitted to another controller in the cases provided for by the GDPR.

12 - DETAILS OF THE RIGHT TO OBJECT

Where personal data are processed for the purposes of the legitimate interests pursued by the Controller, users have the right to object to such processing on grounds relating to their particular situation.

Where personal data are processed for direct marketing purposes, users may object at any time to such processing, without providing any reasons.

13 - FURTHER INFORMATION ON PROCESSING

Legal defence. The user’s personal data may be used by the Controller in legal proceedings or in the preparatory stages for their possible establishment for the defence against misuse of this website or related services.

Specific information notices. Upon request, in addition to the information contained in this Privacy Policy, the Controller may provide users with additional and context‑specific information regarding particular services or specific processing operations.

System logs and maintenance. For operation and maintenance purposes, this website and any third‑party services may collect system logs, i.e. files that record interactions and may also contain personal data, such as the user’s IP address.

Information not contained in this policy. Further information relating to the processing of personal data may be requested at any time from the Controller using the contact details provided in this document.

“Do Not Track” requests. This website may not support “Do Not Track” requests. To determine whether any third‑party services used support “Do Not Track” requests, users are invited to consult the respective privacy policies.

Changes to this Privacy Policy. This Privacy Policy has been drawn up on the basis of Articles 13 and 14 of Regulation (EU) 2016/679. The Controller reserves the right to modify or update this document at any time, including as a result of changes in applicable law or in the processing activities carried out through the website.

Users are invited to consult this page periodically, checking the date of the latest update indicated at the beginning of this document.