You have logged in on an account that is not able to order. Thus, you will not be able to place any order, nor check any price. Continue, Switch Account or Contact your Customer Service.
Please wait while processing...
Dear customer,
We are processing your request.
Please do not leave the session, this operation can take several minutes.
You will be informed when it is complete.
Thank you for your patience.

Logout
Thank you for your visit, see you soon on Lyreco
PRIVACY POLICY WHISTLEBLOWING
Pursuant to art. 13 of EU Regulation 2016/679 and Legislative Decree 24/2023, Lyreco Italia provides below the privacy policy relating to the processing of personal data carried out in relation to the management of whistleblowing reports, which come to the attention of the workplace.
LYRECO ITALIA S.r.l., with registered office at Via Giovanni Mayr 10, VAT No. 11582010150, subject to the management and coordination of the Sole Shareholder Lyreco SAS, a company incorporated under French law, with registered office at rue du 19 mars 1962, 59770 MARLY (France) (hereinafter, the "Company"), in its capacity as Data Controller, will ensure that all personal data collected through Whistleblowing reports, will be treated securely and used only as described in the following sections.
The Data Controller has appointed an internal team for the management of privacy issues that can be contacted at the following e-mail address: IT.privacy@lyreco.com
1. Scope
This Privacy Policy applies exclusively to Personal Data provided by whistleblowers through the reporting channels made available by the Company and collected by the latter as part of the management of reports.
For more information on the channels and methods of reporting, please refer to the following address: clicca qui>
The data subjects of the processing can be the whistleblower, the person reported, any facilitators and any other person involved or mentioned in the report.
2. What personal data do we collect and use?
Lyreco processes the following categories of Personal Data for the purpose of managing Whistleblowing reports:
Lyreco may also process special categories of data (e.g. data relating to religion, trade union membership, party membership, judicial data, etc.), which will be used only when necessary for the management of the report, in accordance with the applicable legislation.
3. What do we use this information for?
The data collected will be used to:
a) manage the reports received and each phase of the related process (e.g. receipt of the report, management of the investigation, feedback to the whistleblower, feedback to the competent authorities, etc.). In this case, the processing will be carried out to comply with a legal obligation;
b) to comply with obligations under Italian or EU legislation. In this case, the processing will be carried out to comply with a legal obligation;
c) defend themselves or ascertain their rights in civil, administrative or criminal litigation. In this case, the processing will be carried out for the legitimate interest of the Data Controller;
d) manage reports received that do not fall within the scope of applicable legislation, but which follow up on a procedure according to internal policies. In this case, the processing will be carried out for the legitimate interest of the Data Controller;
e) to comply with requests from authorities, in the event that such data is required in the judicial field;
f) your consent, if required under applicable law.
We will ensure that our collection and processing of personal data is always proportionate to your particular situation. Any unnecessary data will be deleted promptly.
4. Who do we share personal data with?
Access to and processing of Data is carried out exclusively by Lyreco's Whistleblowing Team responsible for managing reports and for the purposes described above and consisting of:
Lyreco does not share Personal Data with unauthorized third parties, except as necessary for its legitimate professional and business needs, to fulfill data subject requests, and/or as required or permitted by law. This includes:
5. How and where is Personal Data transferred?
Personal Data collected in the context of whistleblowing reports is mainly processed within the European Economic Area (EEA).
If, for needs strictly related to the management of the report, Personal Data should be transferred to countries located outside the EEA, such transfers will take place in full compliance with the provisions of Articles 44 et seq. of Regulation (EU) 2016/679 (GDPR).
In particular:
In any case, transfers of Personal Data to third countries are carried out only if strictly necessary, in compliance with the principles of minimisation, proportionality and confidentiality inherent in whistleblowing legislation.
Further information on transfers of Personal Data to third countries, as well as a copy of the guarantees applied, can be requested by contacting the Data Controller at the e-mail address: IT.privacy@lyreco.com.
6. How long do we keep Personal Data?
The reports and the related documentation are kept for the time necessary to process the report and, in any case, no longer than 5 years from the date of communication of the final outcome of the reporting procedure.
7. What are the rights of data subjects regarding the processing of Personal Data?
Lyreco grants data subjects the following rights with regard to the processing of Personal Data carried out by or on behalf of Lyreco by writing to the address IT.privacy@lyreco.com:
The exercise of rights may be limited or deferred if the exercise of the same may result in a concrete prejudice to the purposes of the reporting procedure or to the confidentiality of the persons involved.
Lyreco may request additional information to verify the identity of the applicant, if necessary.
8. Protection of the confidentiality of the whistleblower
The identity of the whistleblower and the persons involved and any information from which it can be inferred are processed in compliance with art. 12 of Legislative Decree 24/2023 and cannot be disclosed without the express consent of the whistleblower, except in the cases provided for by law.
9. How can you contact, ask questions and/or make complaints to Lyreco?
To exercise your rights, express a concern, raise a concern, lodge a complaint, or obtain further information about Lyreco's processing of your Personal Data, you may send an email to the following address: IT.privacy@lyreco.com.
Lyreco will endeavour to respond to your request within a period of one month to three months, depending on the complexity of the request and/or the number of requests received by us.
In the event of a dispute, it is possible to lodge a complaint with the local regulatory authority responsible for data privacy - Guarantor for the protection of personal data - Piazza Venezia n. 11 - 00187 ROME - Fax: (+39) 06.69677.3785 - Telephone: (+39) 06.696771 - E-mail: garante@gpdp.it - Certified mail: protocollo@pec.gpdp.it.
Updated on 27 April 2026