Privacy & Policy

Privacy & Policy

Regulation EU No. 679/2016 and Legislative Decree No. 101/2018

Privacy Statement

1. Introduction

This Privacy Statement describes how Duplomatic MS Spa undertakes to protect the security and privacy of any personal data or information collected. We conduct our business in accordance with applicable laws on privacy protection and data security.

Any questions you have regarding privacy issues involved in the collection, processing and storage of your personal data should be directed to the Data Controller:

Osaka Umeda Twin Towers South, 1-13-1 Umeda, Kita-ku, Osaka, Japan 530-0001

2. Information we collect through the website

When you visit the Duplomatic MS Spa website ( no specific data (e.g. name, company, address, phone, email address) is collected unless you voluntarily agree to provide it (e.g. by filling in a form on the site, registering on the site or via the newsletter, etc.). You may withdraw your consent at any time. You will be entitled to exercise the rights provided by Articles 15 to 21 and 77 of Regulation (EU) 2016/679, hereinafter “Regulation” or “GDPR” (access, rectification, erasure, restriction of processing, data portability, objection or complaint).

Details of your visits to our website may also be collected, including site traffic data, position data, weblogs and other communication data and the resources that you access.

We do not collect any particular data about you through our website. The particular data concerns personal information including racial or ethnic origin, political opinions, religious or philosophical beliefs or trade union membership, genetic or biometric data or information regarding your health, mental well-being or sexual orientation.

3. Use of your information

By law, we may process your information only if we are able to demonstrate the legal reasons obliging us to do it.

Duplomatic MS Spa currently applies the following legal bases for the processing of your personal information for activities concerning the website:

  • explicit consent
  • legitimate interest, but only if that interest has precedence over your interests or your rights and fundamental freedoms
  • legal obligation.

We may use the personal information held about you in the following ways:

Activity or purpose of data processing

Types of data processed

What is our legal basis for doing it?

Registration as Customer or Partner

Contact details

Explicit consent

Legitimate interest

Maintain relationship with you

Contact details and interests

Explicit consent

Legitimate interest

Managing applications and requests received on the web

Contact details and interests

Explicit consent

Legitimate interest

Communication of updates (catalogues, events, ...) and commercial initiatives

Contact details and interests

Explicit consent

Legitimate interest

Website technical administration

Contact information and technical data (cookies)

Legal obligations

Legitimate interest

Sharing your data with third parties in order to give you a better service. Third parties may be both Duplomatic MS Group SpA companies and business work partners, resellers or distributors inside and outside the EU.

Contact details and interests

Explicit consent


We will retain your personal information only for as long as necessary, in line with the purposes for which it was originally requested or collected, or where we are required to do so for legal or reporting purposes.

We retain personal data for a length of time that depends on the type of data involved, the purpose of the processing, the sensitivity or confidentiality of the data and legal and commercial considerations, including any legal obligations that we have.

If you have any questions regarding retention periods or want more details on the purpose of processing or the particular reason or legal grounds, contact us via email at

4. Transfer and sharing of your data

We will not sell the personal information that we collect from you and we will use it only for the purposes specified in this privacy policy. We may share your personal information with the following entities:

  • Service providers who provide us with IT and administrative services as our IT support and backup provider and web hosting companies, and providers of marketing and social media services;
  • Regulatory authorities that require the reporting of our activities by law, such as tax authorities;
  • Group companies and business partners, but only for purposes consistent with this Privacy Statement;

All third parties with whom we share your information are required to protect your personal data and to process it confidentially and in accordance with the law.

5. IP address, technical cookies

We may collect information about your computer, including, where available, your IP address, operating system and browser type, for system administration. This is statistical data on the actions and browsing patterns of our users and is not aimed at the identification of any individual. Where we use third-party providers such as Google Analytics, these services may record third-party data such as geographical location, device, browser and operating system, but none of this information will be used to identify you.

We also use tracking technology – Google Analytics – to understand how website visitors interact with site content and with other communication and promotional activities aimed at increasing traffic to the website, such as email marketing, social media marketing and online advertising.

Below are the specifications of the Technical Cookies on the Duplomatic MS SpA website.






Technical cookie

browse closure

The PHPSESSID cookie is a PHP native cookie and allows websites to store session status data. On the website it is used to establish a user session and to communicate status data through a temporary cookie, commonly referred to as a session cookie. Since the PHPSESSID cookie does not have a time limit, it disappears when the client is closed.


Google Analytics with anonymised IP

2 years

Used for distinguishing users. 


Google Analytics with anonymised IP

24 hours

Used for distinguishing users.


Google Analytics with anonymised IP

1 minute

Used to limit the frequency of requests. If Google Analytics is used through Google Tag Manager, this cookie will become _dc_gtm_.

Google Fonts


Google Fonts is a service that allows characters (fonts) to be loaded to improve the look of the site through the use of style sheets. The service is managed by Google Inc. Use of the Google Font does not require identification. No cookies are sent by visitors of the website Google Fonts API.

Google Maps


The website includes a map provided by Google Maps. Google Maps is a map display service managed by Google Inc. and provides detailed geographical location information.



Our website pages show YouTube videos. The “Youtube-nocookie” syntax will be used to block YouTube cookies.


Social network cookies


The site displays buttons to “Share” news on LinkedIn


6. Marketing and commercial data

We provide information on the services and products that we can provide and their updates. We will send communications only if:

  • you have requested marketing/commercial information via the request forms available on the site;
  • you have previously purchased similar services/goods from us;
  • you have given your consent by ticking a box or agreeing to receive marketing/commercial communications from us.

Every time we send you commercial and marketing information, you will have the option to unsubscribe and request the erasure or rectification of your data. You have the right at any time to defend your interests by sending an email to

7. Security of personal data

We take information security very seriously. Your information and records will be securely stored to ensure the privacy of your personal information. We take all reasonable measures to ensure that security procedures are implemented to protect your personal information from unauthorised access or unauthorised disclosure and to protect against accidental loss or damage or unauthorised alteration.

The staff that processes your personal data is also duly trained in matters of compliance with personal data processing legislation.


8. Transfer of persona data outside the EU

  • Personal data may be transferred outside the EU provided that one of the following guarantees apply:
  • The transfer is allowed if the European Commission has decided that the third country, a territory or one or more specific sectors within that third country, or the international organisation in question ensures an adequate level of protection. In such a case, the transfer shall not require any specific authorisation (Article 45, para. 1 of the GDPR);
  • The transfer is subject to adequate safeguards in accordance with Article 46 of the GDPR (binding corporate rules, data protection clauses adopted by the European Commission, data protection clauses adopted by a Regulatory Authority and approved by the Commission, a code of conduct and a certification mechanism).


9. Access your personal data

You can make a request to access to your data at any time. Requests must be in writing and are not subject to any charges or commission.

We will meet your requests for access as soon as possible as provided by current legislation

If you believe the information we hold about you is incorrect or incomplete, please email us at

11. Requests and complaints

We would prefer to resolve any issues or concerns you might have with you directly. If you feel that you will not be able to resolve the issues by contacting us directly, you have the right to lodge a complaint to the national data protection authority at


12. Contacts

Questions, comments and requests regarding the Privacy Statement and the processing of your personal data should be directed to
Osaka Umeda Twin Towers South, 1-13-1 Umeda, Kita-ku, Osaka, Japan 530-0001


Privacy policy update

We update this document periodically. Last updated on: February 2023.