Last updated: May 15, 2026
1. Data controller
The controller for data collected through mpgcantieri.it, contact forms, demo requests and commercial communications is MPG di Giovannoni Mario, VAT 02730460462, email [email protected].
2. Controller and processor roles
For data collected directly through the website, MPG acts as controller. When a customer company uses the platform for its employees, sites, attendance, activities, reports, BOQs, cables, drums or GPS data, the customer generally acts as controller and MPG acts as processor according to the customer's instructions and a data processing agreement.
3. Data processed
- identification and contact data such as name, email, phone, company and role;
- company data, account credentials, user roles, permissions and access status;
- demo request details, selected plan, notes, preferred date and uploaded files;
- technical BOQs, site documents and operational software data;
- attendance, clock-in and GPS data when enabled by the customer company;
- technical data such as IP address, logs, browser/device information and technical cookies.
4. Purposes
Data is processed to reply to information or demo requests, configure demos, create and manage accounts, provide the software service, manage sites and reports, ensure security and maintenance, comply with legal obligations and send service or commercial communications where applicable.
5. Legal bases
Processing may be based on pre-contractual or contractual measures, legal obligations, legitimate interest in security and technical management, consent where required and customer instructions when MPG acts as processor.
6. Geolocation and GPS data
Some functions may use GPS position to verify presence within a site perimeter, support operational management and correctly associate activities and clock-ins to a site. These functions must be configured by the customer company according to applicable law and worker notices.
7. Retention
Data is retained for the time needed for the purposes for which it was collected. Contact and demo requests may be kept for up to 24 months unless a commercial relationship follows; contractual and tax data is kept for legal periods; operational data is kept according to the customer agreement.
8. Recipients and transfers
Data may be processed by authorized personnel and technical suppliers needed for hosting, email, backup, security, databases and platform services. Data is not sold. If suppliers outside the EEA are used, transfers are based on GDPR safeguards.
9. Security
MPG applies technical and organizational measures including access control, authentication, role permissions, reserved areas, uploaded file protection, backups and technical logs.
10. Data subject rights
Where provided by the GDPR, data subjects may request access, rectification, erasure, restriction, objection, portability and withdrawal of consent by writing to [email protected].
11. Complaints and updates
Data subjects may lodge a complaint with the competent supervisory authority. MPG may update this notice in case of legal, technical or organizational changes.