Privacy policy

Information on the processing of personal data according to the provisions of articles 13 and 14 of EU Regulation 2016/679 addressed to Customers and Suppliers Isla Solutions Srl

Isla Solutions Srl in its capacity as Data Controller of your personal data, pursuant to and for the purposes of EU Regulation 2016/679 hereinafter 'GDPR', hereby informs you that the aforementioned legislation provides for the protection of interested parties with respect to processing of personal data and that such processing will be based on the principles of correctness, lawfulness, transparency and protection of your privacy and your rights.

Your personal data will be processed in accordance with the legislative provisions of the aforementioned legislation and the protection obligations set out therein.

Purpose of processing : in particular, your data will be processed for the following purposes related to the implementation of obligations relating to legislative or contractual obligations such as:

  • Pre-contractual agreements
  • Drafting, drafting and/or signing contract
  • Management of purchase and sales orders and post-purchase/sales assistance
  • Digital archiving

And more generally, your data will be processed for:

  • legal obligations related to civil, fiscal, accounting rules, community regulations and regulations, etc.;
  • obligations deriving from provisions given by authorities legitimized to do so by law and by supervisory bodies;
  • execution of contracts stipulated with you and related obligations;

The processing of functional data for the fulfillment of these obligations is necessary for the correct management of the relationship and their provision is mandatory to implement the purposes indicated above. The Data Controller also informs that any non-communication, or incorrect communication, of any of the mandatory information may make it impossible for the Data Controller to guarantee the adequacy of the processing itself.

Processing methods: your personal data may be processed in the following ways:

  • entrusting order processing and management operations to third parties;
  • treatment by means of electronic calculators
  • manual processing using paper archives

All processing takes place in compliance with the methods set out in the articles. 6 (Lawfulness of processing), 32 (Security of processing) of the GDPR and through the adoption of the appropriate security measures envisaged.

Communication : your data will be communicated exclusively to competent and duly appointed subjects for the performance of the services necessary for the correct management of the relationship, with a guarantee of protection of the rights of the interested party.

  • Your data will be processed only by authorized personnel and, in particular, by the following categories of employees
  • Administrative office;
  • Order management and after-sales office

Your data may be communicated to third parties, in particular to:

  • Consultants and freelancers, also in associated form;
  • Company suppliers;
  • Insurance companies;
  • Public bodies in compliance with legal obligations;

Dissemination : The personal data of customers and suppliers are not disclosed in any way.

Your personal data may also be transferred and stored, limited to the purposes indicated above, in the case of back-up storage of data on cloud services for example: One-Drive, GoogleDrive, Icloud. We have verified compliance with the highest levels of security currently usable on cloud services. The treatment is therefore adequate to European legislation.

Conservation Period: We inform you that, in compliance with the principles of lawfulness, purpose limitation and data minimization, pursuant to art. 5 of the GDPR, the retention period of your personal data is expected to be 10 years in compliance with the provisions of the civil code art. 2220 and in the greatest terms that may be necessary to protect the rights of Isla Solutions Srl

Owner: the Data Controller, pursuant to the Law, is Isla Solutions Srl Corso Filippo Turati, 24 – Turin 10128; e-mail: in the person of its legal representative pro tempore.

You have the right to obtain from the owner the cancellation, limitation, updating, rectification, portability, opposition to the processing of personal data concerning you, and in general you can exercise all the rights provided for by the articles. 15, 16, 17, 18, 19, 20, 21, 22 of the GDPR.

EU Reg. 2016/679: Articles 15, 16, 17, 18, 19, 20, 21, 22 – Rights of the interested party

  • The interested party has the right to obtain confirmation of the existence or otherwise of personal data concerning him, even if not yet registered, and their communication in an intelligible form.
  • The interested party has the right to obtain the indication:
  1. the origin of the personal data;
  2. of the purposes and methods of processing;
  3. of the logic applied in case of processing carried out with the aid of electronic instruments;
  4. the identification details of the owner, managers and representative designated pursuant to article 5, paragraph 2;
  5. of the subjects or categories of subjects to whom the personal data may be communicated or who may become aware of them as designated representatives in the territory of the State, managers or agents.
  • The interested party has the right to obtain:
  1. updating, rectification or, when interested, integration of data;
  2. the cancellation, transformation into anonymous form or blocking of data processed in violation of the law, including those whose retention is not necessary in relation to the purposes for which the data were collected or subsequently processed;
  3. the certification that the operations referred to in letters a) and b) have been brought to the attention, also with regard to their content, of those to whom the data have been communicated or disseminated, except in the case in which this fulfillment proves impossible or involves the use of means that are manifestly disproportionate to the protected right;
  4. data portability.
  • The interested party has the right to object, in whole or in part:
  1. for legitimate reasons to the processing of personal data concerning him, even if pertinent to the purpose of the collection;
  2. to the processing of personal data concerning him for the purposes of sending advertising material or direct sales or for carrying out market research or commercial communication.

You can exercise your rights towards the Data Controller at any time by contacting If you wish to lodge a complaint with the competent authority, you can contact the Guarantor for the protection of personal data, Piazza di Monte Citorio 121, 00186 Rome, email: .

For information and to deactivate profiling cookies provided by third parties go to the website

Isla Solutions SRL – Corso Filippo Turati, 24 – Turin 10128
VAT number: 12156050010