Privacy Policy

The Data Controller is 3M Consulting S.r.l., with registered office at Via Orzinuovi 129, 25125 Brescia (BS), Italy, VAT No. 04335750982, PEC: 3mconsulting1221@pecditta.com.

Through the contact form on this website, we collect the following personal data voluntarily provided by the user:

• First and Last Name
• Email address
• Phone number (optional)
• Message content

Personal data is processed exclusively for the following purposes:

• Responding to information and contact requests submitted by the user.
• Managing and following up on requests for advisory or professional services.
• Fulfilling legal, regulatory, or statutory obligations.

Data will never be used for direct marketing, profiling, or transferred to third parties without the explicit and separate consent of the data subject.

The processing of personal data is based on the explicit consent of the data subject (Art. 6(1)(a) GDPR), expressed by selecting the appropriate checkbox in the contact form, as well as on the performance of pre-contractual measures taken at the request of the data subject (Art. 6(1)(b) GDPR).

Personal data collected through the contact form is transmitted and managed via the Netlify, Inc. platform (based in the United States), which acts as Data Processor pursuant to Art. 28 GDPR. Data transfer to the United States is based on Standard Contractual Clauses (SCCs) approved by the European Commission, ensuring an adequate level of protection.

Beyond the above, personal data will not be disclosed to third parties or disseminated, except where required by law.

Personal data will be retained for the time strictly necessary to fulfil the purposes for which it was collected and, in any event, no longer than 24 months from the date of collection, unless otherwise required by law.

Pursuant to Articles 15-22 of the GDPR, the data subject has the right to:

• Access their personal data and obtain a copy.
• Request rectification of inaccurate or incomplete data.
• Request erasure of data (right to be forgotten).
• Restrict the processing of data.
• Object to processing.
• Request data portability.
• Withdraw consent at any time, without affecting the lawfulness of processing based on consent given prior to withdrawal.
• Lodge a complaint with the Italian Data Protection Authority (Garante per la Protezione dei Dati Personali).

To exercise these rights, the data subject may send a written communication to 3mconsulting1221@pecditta.com or to the registered office address.

The Data Controller implements appropriate technical and organisational measures to ensure a level of security appropriate to the risk, in accordance with Art. 32 GDPR.