1. 1. This section contains information regarding the management methods of Arpeca Spa with reference to the processing of data referred to users of www.arpeca.it.
2. This information is also valid for the purposes of art. 13 of Italian Legislative Decree no. 196/2003, Code for the protection of personal data, and for the purposes of art. 13 of EU Regulation no. 2016/679, concerning the protection of natural persons with regard to the processing of personal data and the free movement of such data, for those who interact with www.arpeca.it and can be found at the address corresponding to the home page: https://www.arpeca.it/privacy-policy-2/
3. The information only applies to www.arpeca.it and not to any other websites that may be consulted by the user through links contained therein.
4. The purpose of this document is to provide information on the methods, timing and nature of the information that data controllers must provide to users when they connect to the web pages of www.arpeca.it, regardless of the purpose of the connection itself, according to Italian and European legislation.
5. The information may be subject to change due to the introduction of new regulations in this regard, we therefore invite the user to check this page periodically.
6. If the user is under sixteen years of age, in accordance with art. 8, para. 1 of EU Regulation 2016/679, parents or guardians shall have to give their authorisation to legitimise his or her consent.
II – DATA PROCESSING
1. Data controller
1. The data controller is the natural or legal person, public authority, service or other body which, individually or jointly with others, determines the purposes and means of the processing of personal data. S/he also takes care of security profiles.
2. With regard to this website, the data controller is Arpeca SpA, piazza S. Benedetto del Tronto, 13 – 55049 Viareggio, Italy. You may contact it at the following e-mail address, for any clarifications or to exercise the user’s rights: RPD@arpeca.it
2. Data processor
1. The data processor is the natural or legal person, public authority, service or other body which processes personal data on behalf of the data controller.
2. Pursuant to article 28 of EU Regulation no. 2016/679, upon appointment by the data controller, the data processor of the website www.arpeca.it is: Arpeca SpA
3. Place of data processing
1. The data generated by the use of www.arpeca.it are processed at Arpeca SpA at piazza S. Benedetto del Tronto, 13 – 55049 Viareggio, Italy
2. In case of need, the data connected to the newsletter service may be processed by the data processor or other entities appointed by him/her for this purpose at their relevant offices.
III – COOKIES
1. Type of cookies
2. A cookie consists of a small set of data transferred by a web server to the user’s browser and can only be read by the server that made the transfer. This is no executable code and does not transmit viruses.
3. Cookies do not record any personal information and no identifiable data will not be stored. If you wish, you can prevent some or all cookies from being saved. However, in this case the use of the web site and the services offered may be compromised. To proceed without changing the cookies options, simply continue browsing.
Below are the types of cookies used in this web site:
2. Technical cookies
1. There are several technologies used to store information on your computer, which is then collected by other sites. Among these, the one most well-known and used is HTML. They are used for navigation and to facilitate access and use of the site by the user. They are necessary for the transmission of communications over an electronic network or to the provider to provide the service requested by the customer.
2. The settings for managing or disabling COOKIES may vary depending on the internet browser in use. In any case, users can manage or request the general deactivation or deletion of cookies by changing the settings of their internet browser. Such deactivation may slow down or prevent access to certain parts of the web site.
3. The use of technical cookies allows the safe and efficient use of the web site.
4. COOKIES that are inserted in the browser and retransmitted through Google Analytics or through the statistics service of bloggers or similar services are considered technical only if used for site optimisation purposes directly by the owner of the web site itself, who can collect information in aggregate form concerning the number of users and how they visit the web site. Under these conditions, Analytics COOKIES are subject to the same rules on information and consent as technical cookies.
5. From the point of view of their duration, there are temporary session cookies that are automatically deleted at the end of the browsing session and are used to identify the user and thus avoid the login to each page visited and permanent cookies that remain active in the PC until expiry or deletion by the user.
6. Session cookies may be installed in order to allow access and stay in the reserved area of the portal as an authenticated user.
7. They are not stored permanently but only for the duration of the navigation until the browser is closed and disappear when the browser is closed. Their use is strictly limited to the transmission of session identifiers consisting of random numbers generated by the server, necessary to allow the safe and efficient navigation in the site.
3. Third-party cookies
1. In relation to their origin, there are cookies sent to the browser directly from the web site you are visiting and third-party cookies, sent to your computer by other sites and not by the one you are visiting.
2. Permanent cookies are often third-party cookies.
3. Most third-party cookies are tracking cookies used to identify online behaviour, understand interests and then customise advertising proposals for users accordingly.
4. Third-party analytical cookies may be installed. They are sent by third-party domains outside the web site.
5. Third party analytical cookies are used to collect information on users’ behaviour within www.arpeca.it. Data collection is carried out anonymously in order to monitor performance and improve the usability of the site. Third-party profiling cookies are used to create user profiles on www.arpeca.it, in order to propose advertising messages in line with the choices made by the users themselves.
6. The use of these cookies is governed by the rules laid down by the said third parties. Therefore, users are invited to read the privacy policies and the instructions for managing or disabling cookies published on the relevant web pages.
4. Profiling cookies
1. Profiling cookies are cookies that create profiles for the user and are used to send advertising messages in line with the preferences expressed by the user when surfing the web.
2. When using these types of COOKIES, the user must give his/her explicit consent.
3. Article 22 of EU Regulation 2016/679 and article 122 of the Italian Code for the protection of personal data will apply.
IV – PROCESSED DATA
1. Data processing methods
1. Like all web sites, this web site also makes use of log files in which information collected automatically during users’ visits is stored. The information collected could include the following:
Internet protocol (IP) address;
– Type of browser and parameters of the device used to connect to the web site;
– Name of the internet service provider (ISP);
– Date and time of visit;
– Web page of the visitor’s origin (referral) and exit;
– If necessary, the number of clicks.
2. The aforesaid information is processed in automated form and collected in an exclusively aggregated form in order to verify the correct functioning of the web site and for security reasons. This information will be processed based on the legitimate interests of the data controller.
3. For security purposes (spam filters, firewalls, virus detection) the automatically recorded data may also include personal data such as the IP address, which could be used, in accordance with the laws in force, to block attempts to damage the web site itself or to cause damage to other users or harmful or criminal activities. These data are never used for the identification or profiling of the user, but only for the protection of the web site and its users, this information will be used according to the legitimate interests of the data controller.
5. The information that users of the web site will consider to make public through the services and tools made available to them, is provided by the user knowingly and voluntarily, exempting this web site from any liability for any violation of the law. It is up to the user to verify that he or she has permission to enter personal data of third parties or content protected by national and international regulations.
2. Purpose of data processing
1. The data collected by the web site during its operation are used exclusively for the purposes indicated above and kept for the time strictly necessary to carry out the specified activities and, in any case, no longer than 2 years.
2. The data used for security purposes (blocking attempts to damage the site) are kept for the time strictly necessary to achieve the purpose previously indicated.
3. Data provided by the user
1. As indicated above, the optional, explicit and voluntary sending of electronic mail to the addresses indicated on this web site involves the subsequent acquisition of the sender’s address, necessary to respond to requests, as well as any other personal data included in the message.
2. Specific summary information will be progressively reported or displayed on the pages of the site prepared for particular services on request.
4. Support in setting up your browser
1. You can also manage cookies through your browser settings. However, deleting cookies from your browser may remove the preferences you have set for the web site. For more information and support you can also visit the specific help page of the web browser you are using:
– Internet explorer
5. Social network plug-ins
2. The collection and use of information obtained through the plug-in are governed by the respective privacy policies of social networks, to which you should refer:
– Google +
V – USER RIGHTS
1. Art. 13 para. 2 of EU Regulation 2016/679 lists the rights of the user.
2. The rights of the user visiting this web site www.arpeca.it are as follows:
– the right of the data subject to ask the data controller for access to his/her personal data (art. 15 of EU Regulation), their updating (art. 7, para. 3, lett. a of Italian Legislative Decree 196/2003), their rectification (art. 16 of EU Regulation), their completion (art. 7, para. 3 letter a of Legislative Decree 196/2003), the limitation of the processing of data concerning him/her (art. 18 of EU Regulation) or to oppose, for legitimate reasons, their processing (art. 21 of EU Regulation), in addition to the right to data portability (art. 20 of EU Regulation);
– the right to deletion (art. 17 of EU Regulation), transformation into anonymous form or blocking of data processed unlawfully, including data whose retention is unnecessary for the purposes for which the data were collected or subsequently processed (art. 7 para. 3, lett. b of the Italian Legislative Decree 196/2003);
– the right to obtain certification that the operations of updating, rectification, completion, deletion, blocking of data, transformation, have been notified, also as related to their contents, to those to whom the data were communicated or disclosed, unless this requirement proves impossible or involves a manifestly disproportionate effort compared to the protected right (art. 7 para. 3, lett. c of Italian Legislative Decree 196/2003).
3. Requests can be addressed to the data controller at the above-mentioned email address (without formalities) or using the form provided by the Italian Supervisory Authority for the protection of personal data.
4. Where the processing is based on article 6 paragraph 1 letter a – express consent to the use – or on article 9 paragraph 2 letter a – express consent to the use of genetic, biometric, health-related data revealing religious or philosophical beliefs or trade union membership, revealing racial or ethnic origin, political opinions – the user has the right to withdraw consent at any time, without prejudice to the lawfulness of the processing based on the consent given before the withdrawal.
5. Likewise, in case of violation of the law, the user has the right to lodge a complaint with the Supervisory authority for the protection of personal data, i.e. the authority responsible for monitoring the data processing in Italy.
6. For a more detailed examination of your rights, see art. 15 et seq. of the EU Regulation 2016/679 and art. 7 of the Italian Legislative Decree 196/2003.
VI – REQUIREMENTS
1. The data controller shall notify the Supervisory Authority of the processing of personal data to which it intends to proceed, only if the processing concerns:
– genetic, biometric data or data indicating the geographical location of persons or objects by means of an electronic communication network;
– data revealing health status and sex life, processed for the purposes of assisted reproduction, provision of health services by telematic means relating to databases or the supply of goods, epidemiological investigations, detection of mental, infectious and diffusive diseases, seropositivity, organ and tissue transplantation and monitoring of health expenditure;
– data suitable for revealing sexual life or the psychic sphere, processed by associations, bodies and non-profit organisations, even not recognised, of a political, philosophical, religious or trade union nature;
– data processed with the aid of electronic instruments aimed at defining the profile or personality of the data subject or at analysing consumer habits and choices or at monitoring the use of electronic communication services with the exclusion of processing that is technically indispensable for providing such services to users;
– sensitive data recorded in databases for the purposes of personnel recruitment on behalf of third parties as well as sensitive data used for opinion polls, market research and other sample surveys;
– data recorded in special databases managed with electronic instruments and relating to the risk of economic solvency, financial situation, correct fulfilment of obligations, illegal or fraudulent conduct.
VI – SECURITY OF DATA PROVIDED
1. This web site processes user data in a lawful and correct manner, taking appropriate security measures to prevent unauthorised access, disclosure, modification or destruction of data. Processing is carried out by means of computer and/or telematic tools, with organisational methods and logics strictly related to the purposes indicated.
2. In addition to the data controller, in some cases, categories of persons involved in the organisation of the site (administrative, marketing, sales, legal staff, system administrators) or external parties (such as third-party technical service providers, postal carriers, hosting providers, computer companies, communication agencies) may have access to the data.
VIII – AMENDMENTS TO THIS DOCUMENT
1. This document is published at: https://www.arpeca.it/privacy-policy/
2. It may be subject to changes or updates. In the case of material changes and updates, these will be notified to users by means of appropriate notifications.
3. Previous versions of the document will, however, be available on this page.
4. The document was updated on 11/11/2019 to comply with the relevant regulatory provisions and in particular with EU Regulation 2016/679.