Privacy policy

This page describes how the site is managed with regard to the processing of the personal data of users who consult it.

This information is also provided pursuant to Article 13 of European Regulation (EU) 2016/679 (hereinafter GDPR) to anyone accessing the pages of the website FNA from the address corresponding to the home page of the company’s official website, or from the addresses of the websites of the various corporate brands.

This information is provided only for the above-mentioned websites and not for any other websites that may be consulted by the user through links from them.

In the interests of transparency, the information notice for the collection of personal data online explains the methods, timing and nature of the information that data controllers must provide to users when they connect to web pages, regardless of the purpose of the connection.


Data controller

The Data Controller is FNA SPA, via Einaudi, 6, 10070 Robassomanero (TO), Tel. +39 011 9233000, email:


Processing purpose

The User Data is collected to allow the Owner to provide its services, as well as for the following purposes:

  • Website management
  • Process requests for information
  • To promote activities of the Controller’s services and products
  • Perform the obligations established by laws or regulations
  • Protection of the Data Controller in court


Legal basis

The legal bases for processing are the need to provide answers to the Data Subject’s requests, requesting consent to be contacted again, providing the Data Subject with the requested services, obligations under laws and regulations and the legitimate interest of the Data Controller.


Mandatory or optional nature of  data provision

Please be advised that, condisering the purposes of the data processing, data provision is mandatory. Failure, partial or incorrect provision could make impossible to finalise the contract.

In case of providing data by filling forms containing asterisks:

  • The communication of the data marked with an asterisk is necessary and failure to provide it will make impossible for the Data Controller to provide as requested or otherwise handle requests.
  • The communication of data without an asterisk is optional: failure to provide data will still make it possible to provide the information requested.


Data provided voluntarily by the user

The optional, explicit and voluntary sending of electronic mail to the addresses indicated on this site entails the subsequent acquisition of the sender’s address, necessary to respond to requests, as well as any other personal data included in the message.


Recipients or groups of recipients

The personal data may be processed exclusively by the Controller or persons authorised by the latter.

The data in question may be transferred to the following groups of third parties:

Groups of persons to whom the data or parts thereof may be transferred

  1. Consultants, professionals and service providers, necessary for the purposes indicated, who process data as Data Processors, with whom was stipulated an Agreement pursuant to art. 28 GDPR.
  2. Banks and other data controllers, whose data processing is necessary for the purposes indicated.
  3. Public bodies and other public authorities, to whom the communication is required by law or by order of the Authorit

The data will not be circulated.


Lodging a complaint with the supervisory authority

The data subject is entitled to lodge a complaint with the Supervisory Authority (for Italy: Garante per la protezione dei dati personali


Right of the data subjects

It is possible at any time, to exercise the rights to access personal data, rectify or erase the latter, restrict processing, object thereto or to processing portability according to articles 15-20 of European Regulation 679/2016 by sending an e-mail to the following address:
The exercise of the rights of the interested party could be delayed, limited or excluded in the cases provided by art. 2-undecies Legislative Decree 196/03.


Existence of an automated decision-making process

Processing does not involve any automated decision-making process.


Transfer of data to a third country or an international organisation

The data controller will not transfer personal data to a third country or to an international organization except for those services / components of third-party “embedded” in the site, referred to in the paragraphs below with related policies on the subject.

Last update: 13/03/2024