Privacy Policy

Information notice pursuant to Articles 13 and 14 of EU Regulation 2016/679 (GDPR).
Last updated: 7/14/2026

Data Controller

SDLABCOMO S.r.l.
Registered Office: Via Recchi 2, 22100 Como (CO)
Operating Headquarters: Via Pitagora 2, 22070 Casnate con Bernate (CO)
C.F. / P.IVA: 03298870134
Email: info@sdlabcomo.it
PEC: sdlabcomo@legalmail.it
Tel: 031 443 6990

Personal Data Processed

We process the data you voluntarily provide through the contact form (name, company, email, phone, message content) and the data you send us via email or phone for information requests, quotes, or laboratory services. We also process technical navigation data (IP address, server logs, browser) necessary for the operation and security of the site.

Purposes and Legal Basis

Data is processed to: (a) respond to your requests and handle received communications (Art. 6.1.b GDPR – pre-contractual measures); (b) manage the business relationship and provide the requested services (Art. 6.1.b GDPR); (c) comply with legal, accounting, and tax obligations (Art. 6.1.c GDPR); (d) ensure the security of the site (Art. 6.1.f GDPR – legitimate interest).

Method and Duration of Retention

Data is processed using electronic tools and stored for the time strictly necessary for the stated purposes. Specifically:
  • Contact form data: up to 24 months from the last contact.
  • Contractual and tax data: 10 years pursuant to Art. 2220 of the Italian Civil Code.
  • Technical logs: up to 12 months.

Data Recipients

Data may be disclosed to entities that perform activities functional to the provision of services (hosting providers, email services, management software), appointed as Data Processors pursuant to Art. 28 GDPR. Data is not disseminated or transferred to third parties for marketing purposes.

Third-Party Services

The site integrates Google Maps (Google Ireland Ltd.) to display the location map. The map is loaded only with prior consent via the cookie banner. Please also consult our Cookie Policy.

Data Transfer outside the EU

Some providers (e.g., Google) may also process data outside the European Economic Area. In such cases, the transfer is based on the Standard Contractual Clauses approved by the European Commission or other adequate safeguards pursuant to Articles 44 et seq. of the GDPR.

Rights of the Data Subject

You can exercise the rights provided by Articles 15-22 of the GDPR at any time: access, rectification, erasure, restriction of processing, portability, objection, and withdrawal of consent. You also have the right to lodge a complaint with the Data Protection Authority. To exercise your rights, please write to info@sdlabcomo.it.

Security

We adopt appropriate technical and organizational measures to protect personal data against unauthorized access, loss, destruction, or disclosure, pursuant to Art. 32 GDPR. The site uses an encrypted HTTPS connection.