Home|Privacy policy – Customers and suppliers


Ponti has always considered privacy protection of the utmost importance when processing data provided by individuals or legal entities having business relations with the company, whether suppliers, employees or consumers. Namely, Ponti S.p.A. complies with the provisions set forth in European Regulation no. 2016/679 (“General Data Protection Regulation”, hereinafter, “GDPR” o “Regulation”) on personal data protection. The company adopts all the required measures concerning information systems and organizational procedures and aiming at the protection of third-party personal data, pursuant to the current applicable regulations. Please send us an e-mail to report any inconsistencies in company activities whereby personal data privacy is not ensured – we shall do our best to solve the issue.


Ponti S.p.A. (hereinafter,  “Ponti”) would hereby like to inform you that European Regulation no. 2016/679 (“General Data Protection Regulation”, hereinafter,  “GDPR” or “Regulation”) provides all individuals with the basic right to the protection of their personal data being processed. Therefore, pursuant to Articles 13 and 14 of GDPR, we would hereby like to inform you that:

Data Controller.

The Data Controller is Ponti S.p.A., whose registered office is at  7, Via Erasmo Ferrari,  Ghemme (NO). You can apply to the Data Controller to exercise all the rights provided for by Articles 15 to 22 of GDPR and hereinafter set forth by sending your request by e-mail to the Controller’s address,, or registered mail, return receipt requested, to:
PONTI S.p.A. – Via Erasmo Ferrari, 7 – 28074 GHEMME (NO), ITALY.

Purpose of data processing

The Customer/Supplier’s personal data can be processed for the following purposes:

  1. In order for Ponti to perform their company administration activities and fulfil all the applicable obligations arising from the law and/or imposed by public authorities;
  2. Providing pre- and after-sale services and general information on Ponti products and services and purchase network, as well as constant updates to Customers/Suppliers on our new service developments;
  3. Protecting and enforcing Ponti’s rights, including property rights, and operating with a view to our Website protection;
  4. In order for Ponti to ensure constantly improved and customer-oriented quality levels in the performance of their business activities, including through the collection of statistical information.

The data voluntarily provided by you by filling out e-forms on Ponti Website will be handled by Ponti  through electronic or automated systems in order to respond to your enquiries on Ponti products, advertising or the Website, according to your selections.

Providing the aforesaid personal data is optional but it is partly mandatory (when required data fields are marked with a star) in order for Ponti to meet your requests. Providing partial or incorrect personal data, or failure to provide data in the fields marked by a star, which are mandatory to perform the requested service, makes it impossible to respond to the query, whereas providing partial or incorrect personal data or failure to provide non-compulsory data in optional fields does not involve any consequences.

Please be reminded that personal data processing with a view to the provision of customized services is optional. For any queries thereon, any users of Websites managed by or on behalf of Ponti S.p.A. may exercise their rights through the procedures set forth in the sections below. Should you wish to receive further information on the collection and use of said data please refer to our Cookie Policy.

Personal data being processed

Due to technical and security reasons as well as for statistical purposes, any visitor’s use of the Website involves the collection and processing of several types of personal data referring to the user:

Browsing data 

During their ordinary course of operation, the IT systems and software procedures required to run our website acquire certain personal data, whose transfer is implicit in the use of Internet communication protocols. This information is not collected to be associated with identified Data Subjects but, by its very nature, it might enable identification of the users through the processing and matching of data held by third parties. This data category includes IP addresses or domain names of computers used by the users who visit the site. Furthermore, information referring to Website registration and use, or inferable from user behaviour on website, may be collected by means of cookies or similar technology. For further information on the use of cookies please refer to our Cookie Policy.

Data Provided by the User

These personal data are requested when sending an enquiry or an application, during the registration procedure – when applicable, or to use our services. You will be requested to consent to personal data processing pursuant to GDPR.

The following personal data are requested:

  • Data to be entered to subscribe to our newsletter.
  • Data to be entered to access the reserved trade area: Username and Password.
  • Data referring to the page Trade – Work With Us ( Name, Surname, Date of Birth, Place of Birth, E-mail, Home Address, Town or City, Postcode, Province, Phone Number. Data included in the resume uploaded on the website.

Providing Ponti with the aforesaid data is optional and not mandatory by law. However, your refusal to provide said data will prevent us from providing the services offered via Ponti website.

Please be assured that the purpose of said processing is strictly linked to company activities and their use is restricted, avoiding any occurrences which might jeopardize personal dignity and propriety.

Data processing procedure.

Data handling involves filing records – whether in hard copy or electronic form – containing personal data and entering the said personal data in the relevant software forms.

Providing personal data.

Providing personal data is optional, but it is essential to fulfil contract obligations and comply with all the applicable laws and regulations.

Consequences of failure to provide personal data.

Failure to provide personal data may prevent or hinder the fulfilment of contract obligations.

Personal Data Retention

Data are collected in compliance with the provisions of the reference regulations, with special regard to the security measures provided for by GDPR (Art. 32), and processed  manually or with the aid of information or communication technologies, according to procedures strictly connected with the required purposes and adequate to ensure data security and confidentiality.

The data shall be retained at the relevant Ponti offices for as long as required for the  achievement of their processing purposes.

Scope of disclosure  

The data collected within the scope of the provision of services can be disclosed to the following entities:

  • Ponti Marketing Dept. staff who operate under the direct authority of the Data Controller and are appointed Data Processor pursuant to Art. 28 of the Regulation, thereby receiving appropriate operating instructions to that regard.
  • Companies providing support services strictly connected to the technical operation of our website services, such as hosting service suppliers, companies providing filing, administrative, payment and invoicing services, suppliers of technical components for the provision of certain operation function of our Website.
  • Entities and administration or judicial authorities for the fulfilment of the relevant legal obligations.

Your personal data may be transferred to non-EU countries to be processed by some of our service providers. In this case we shall ensure that the transfer fully complies with the applicable law provisions and the proper personal data protection level is guaranteed, based on our adequacy decisions or standard clauses as established by the European Commission.

Your personal data will never be assigned or sold to any third-party entities.

Rights of the Data Subjects

Please be reminded that, pursuant to Articles 15 to 22 of GDPR, data subjects shall be entitled to apply to the Data Controller to exercise the following rights:

  1. Receiving information on the existence of their personal data, their source, the purposes and procedures of their processing and, where present, obtaining access to their personal data;
  2. Obtaining the updating, amendment, integration, cancellation and restriction of the personal data being processed;
  3. Anonymization or blocking of unlawfully processed data, including the data whose retention is unnecessary for the purposes of the relevant collection and/or subsequent processing.
  4. On legitimate grounds,  to fully or partly oppose the processing of personal data concerning you, even though  applicable to the purpose of the collection and processing of personal data for  the  purpose of providing trade information or sending  advertising  material  or  direct  sale,  or  else  for  the  performance  of  market  surveys or  commercial communication. Each user is also entitled to revoke their consent at any time without prejudice to the lawfulness of personal data processing based on the consent given before its revocation.
  5. Receiving your personal data – knowingly and willingly provided or given by using the service – in a structured, commonly used format, readable from any electronic device, and transferring them to another Data Controller without hindrance.
  6. Putting forward a claim to the Italian Personal Data Protection Authority.

When using the services provided by Ponti, the Customer/Supplier shall fully release the Company from any liability concerning any objection, claim, request for indemnification for damages arising from the processing and the like, that Ponti might receive from any third-party data subjects whose personal data had been processed through their use of the services, in breach of the applicable personal data protection regulations. In any case, should you provide or else process third-party personal data in your use of our services, you shall henceforth ensure – and be fully liable therefor – that the special data processing case being concerned arises from an appropriate legal basis (such as the data subject’s consent) pursuant to Art. 6 of GDPR, which fully justifies the lawfulness of the relevant data processing.

This policy was updated on 30 July 2019 and may be amended and/or periodically updated due to the enforcement of  new regulations on the matter. Any updates will always be published on this page. Should the use of user data be significantly amended by the Data Controller, the latter shall inform users by publishing and highlighting said amendments in their website or through similar alternative media.

Please note that you should contact our address for any further enquiries or requests concerning your personal data and compliance with the privacy law.