Privacy Policy

Information regarding the processing of personal data



In compliance to EU Regulation 2016/679, art. 13 (GDPR), we wish to describe how we handle personal data, which is always processed in compliance with the applicable regulations.



Data Controller and Data Protection Officer


The Data Controller is Sandalj Trading Company S.p.A., having its registered office in Trieste, Via Gioacchino Rossini 14, ph. +390406767911, fax +39040360636, email:, pec: The Data Controller can be contacted directly for any questions relating to this privacy policy.
A Data Protection Officer has not been appointed.



Type of processed data, procedures and disclosure scope


The data processed by Sandalj Trading Company S.p.A is exclusively that of individuals it has commercial relationships with, existing or potential. Examples of the type of data processed, are as follows: company name, name, surname, date of birth, address, VAT number, IBAN, commercial references, email addresses, telephone numbers, products ordered, and such. Special categories of personal data, as referred to in Article 9 of the European Regulation EU Privacy 2016/679, are not processed. The treatment of the data that is processed is limited to what is strictly necessary for the purposes described in this privacy policy to ensure that Sandalj Trading Company S.p.A can fulfill commercial services required and contractual agreements.



Data is processed on paper, computer and telephone, and with support of external software houses, and is protected by adequate security measures that guarantee confidentiality and integrity. There are organizational protection measures in place such as firewall, antivirus and other, to protect against loss, theft, and unauthorized disclosure or modification.
The data is retained for the time required to achieve the purposes of processing, and in compliance with applicable regulations. When the storage period expires, the data is deleted; it may also be deleted, with specific request, in which case Sandalj Trading Company S.p.A will be unable to give further course to contracts and any commercial relationship.



Customer and supplier data, such as identification and administrative company details, is required for execution and management of both purchase and sale contracts of goods and services. Data is processed for sending updated price lists, as well as managing financial and credit protection.
With prior consent (subject to withdrawal at any time), the data is processed for the promotion of Sandalj Trading Company S.p.A products and services, through advertising material, marketing communications, market research and sales activities on line, by paper mail, SMS, e-mail, telephone, social networks and other means of communication.



The data may be disclosed to:



• subjects for which there is an obligation pursuant to law;
• subjects delegated by Sandalj Trading Company S.p.A. to provide assistance with accounting, administrative, legal and financial matters, in accordance with the applicable legislation;
• subjects delegated to carry out any activity related to the goods or services purchased (ie. freight forwarders, port operators, conveyors, couriers, laboratories, technical offices, etc.);
• banks, credit and financial institutions that operate within the financial management of the company;
• subjects delegated by Sandalj Trading Company S.p.A, each for their own role (ie. employees, IT staff, etc.) in charge of commercial, technical, administrative, financial and accounting services.



Transfer of data


Data will not be sold or communicated to third parties. The servers that store this data are currently located within the European Union. The Data Processor, if necessary, has the right to move servers outside the EU, ensuring that the move will occur within the legal framework of applicable EU regulation.



Retention of data


The data collected is retained until revocation of consent, except when the data is subject to other processes. Contractual data is retained for the length of time prescribed by applicable regulations. The personal data required for the execution of contracts are retained for the duration period of the aforementioned contracts and for the duration prescribed by applicable fiscal regulations.





GDPR provides the possibility for the data subject to ask the Data Controller to:
• access personal data;
• correct and update data;
• cancel personal data (ie. oblivion) meeting conditions specified in art.17, paragraph 1 of GDPR and exceptions specified in paragraph 3 of the same article;
• limit its processing as per art.18, paragraph 1 of GDPR;
• exercise the right to data portability, if the legal basis is a contract or consent through an automatic format;
• oppose the processing of personal data in case of specific situations;
• withdraw consent at any time, when the legal basis is consent of processing special categories of personal data such as date of birth, birthplace, place of residence, and data that can disclose information on race, political opinions or religious beliefs, health status, etc.;
• lodge a complaint to a supervisory authority (Authority for the protection of personal data –



Consent to the use of cookies.



For our website to function properly we use cookies. To obtain your valid consent for the use and storage of cookies in the browser you use to access our website and to properly document this we use a consent management platform: CookieFirst. This technology is provided by Digital Data Solutions BV, Plantage Middenlaan 42a, 1018 DH, Amsterdam, The Netherlands. Website: referred to as CookieFirst.



When you access our website, a connection is established with CookieFirst’s server to give us the possibility to obtain valid consent from you to the use of certain cookies. CookieFirst then stores a cookie in your browser in order to be able to activate only those cookies to which you have consented and to properly document this. The data processed is stored until the predefined storage period expires or you request to delete the data. Certain mandatory legal storage periods may apply notwithstanding the aforementioned.



CookieFirst is used to obtain the legally required consent for the use of cookies. The legal basis for this is article 6(1)(c) of the General Data Protection Regulation (GDPR).



Data processing agreement



We have concluded a data processing agreement with CookieFirst. This is a contract required by data protection law, which ensures that data of our website visitors is only processed in accordance with our instructions and in compliance with the GDPR.



Server log files



Our website and CookieFirst automatically collect and store information in so-called server log files, which your browser automatically transmits to us. The following data is collected:

• Your consent status or the withdrawal of consent

• Your anonymised IP address

• Information about your Browser

• Information about your Device

• The date and time you have visited our website

• The webpage url where you saved or updated your consent preferences

• The approximate location of the user that saved their consent preference

• A universally unique identifier (UUID) of the website visitor that clicked the cookie banner



Trieste, October 2022
Sandalj Trading Company