Privacy statement

PRIVACY DISCLAIMER

(pursuant to European Regulation 679/2016, Articles 13/14)

Mr. ASTE ALESSANDRO as Legal Representative of the sole proprietorship ELOM DI ALESSANDRO ASTE, based in Turin (To) in Corso Quintino Sella 134, Cap 10132, VAT no. 11188260019 – Tax code STALSN86P04L219N, herein the Data Controller of personal data pursuant to EU regulation 679/2016 recognizes the importance of the protection of personal data and considers their protection one of the main objectives of its business.

Pursuant to Art. 13/14 of European Regulation 679/2016 concerning the protection and processing of personal data, as well as the free circulation of such data and which repeals Directive 95/46 / EC (regulation general data protection), we invite you to carefully read the following information as it contains important information on the protection of personal data and on the security measures adopted to guarantee confidentiality in full compliance with the applicable legislation.

On the basis of Art. 5 Principles applicable to the processing of personal data the data are processed in a lawful, correct and transparent manner towards the interested party (lawfulness, correctness and transparency); collected for specific, explicit and legitimate purposes, adequate, relevant and limited to what is necessary with respect to the purposes for which they are processed (data minimization).

PLACE OF DATA PROCESSING

The data processing takes place at the aforementioned office and at the identified third parties.

PURPOSE, LEGAL BASIS AND MANDATORY OR OPTIONAL NATURE OF THE PROCESSING

Personal data are collected and processed exclusively for the following purposes:

  1. carry out and fulfill the requested services, including finalizing product purchase orders, as well as managing the relationship with our Company or the one existing between you and the Company itself;
  2. for administrative purposes in any case connected with the fulfillment of the related contractual obligations, for the fulfillment of legal obligations such as those of an accounting, tax nature or to process requests from the judicial authority or by law to which it is subject the Data Controller;

The provision of data is mandatory for the purposes referred to in points 1.2 and any refusal to provide data, all or in part, could result in the failure or partial continuation of the relationship or any difficulties in fulfilling contractual and pre-contractual obligations. For other and different purposes than those expressed, it will be the responsibility of the Data Controller to give prior notice and, where necessary, request express consent.

METHOD AND DURATION OF THE TREATMENT

Personal data are processed with computerized and paper tools for the time strictly necessary to achieve the purposes for which they were collected. Specifically, personal data may be kept for the entire duration of the contractual relationship and until the expiry of the statutory limitation periods pursuant to the applicable regulations in force. The retention period differs depending on the purpose of the processing. There are no automated treatments other than those mentioned above and no type of profiling is carried out. Specific security measures are observed to prevent data loss, illicit or incorrect use and unauthorized access. The Company carries out a treatment based on the principle of Privacy by Design, which provides for a reduction to a minimum of the data processed, with particular attention to the selection and use of systems, services and products that can guarantee all the rights provided for by current legislation. principle of Privacy by Default, the Data Controller also adopts adequate technical and organizational measures to guarantee the processing, by default, of only the data necessary for each specific purpose.

SCOPE OF COMMUNICATION

The data being processed will be communicated, only and exclusively for the performance of the activities relating to the aforementioned purposes, to authorized third parties and / or employees, in particular

  • Subjects who provide services for the management of the computer system used by the data controller and of the communication networks and who take care of the maintenance of the technological part (including e-mail);
  • Subjects that provide hosting and data storage services, management and application systems;
  • Freelancers, firms or companies in the context of assistance and consultancy relationships concerning accounting obligations, personnel management, safety in the workplace;
  • Subjects who carry out operations of control, revision and certification of the activities carried out by the Data Controller;
  • Subjective companies that perform services, such as by way of example but not limited to, design, consultancy, development, coaching, activities and obligations of the Data Controller;
  • Competent authorities for the fulfillment of legal obligations and / or provisions of public bodies, at the request of the interested parties;

The subjects belonging to the aforementioned categories have presented sufficient guarantees to implement adequate technical and organizational measures and have been appointed as Data Processors with a formal and written deed, undertaking to process the data only on the documented instructions of the Data Controller. The list of managers is constantly updated and available on request at the headquarters of the Data Controller.

Any further communication will take place only with the explicit consent of the interested party.

The company ELOM di ALESSANDRO ASTE, as Data Controller, has provided to train the authorized personnel on the rules provided for by the current legislation on personal data. The data will not be disclosed.

EXTRA-EU DATA TRANSFER

There are no transfers of personal data to non-EU countries. In the event, the transfer of personal data to countries that do not belong to the European Union and that do not ensure adequate levels of protection will be carried out only after the conclusion between the Company and the third party recipient of the data of specific agreements, containing safeguard clauses and guarantees. appropriate for the protection of personal data.

RIGHTS OF THE INTERESTED PARTIES

At any time you can exercise your rights towards the data controller, pursuant to Chapter III Rights of the Data Subject of the European Regulation 679/2016, which for the sake of completeness of information we report in full here. You can at any time request more information from the Data Controller at info@alessandroaste.it or refer to the complete information available on the website www.alessandroaste.com

COOKIES The use of cookies is limited to session cookies only, which are not stored permanently on the user’s computer and disappear when the browser is closed.

COMPLAINTS

If you believe that the processing of your personal data has been carried out illegitimately, you can lodge a complaint with one of the competent supervisory authorities for compliance with the rules on the protection of personal data. In Italy, the complaint can be presented to the Guarantor for the Protection of Personal Data. More information on the submission methods are available on the Guarantor’s website, at http: // www. garanteprivacy.it

Important notes on data processing and Google Analytics

This site uses Google Analytics, a data analysis tool provided by Google Ireland Limited. If the data controller on this site resides in the European Economic Area or Switzerland, the processing of Google Analytics data is carried out by Google LLC. Google LLC and Google Ireland Limited, hereinafter referred to as “Google”.

Google Analytics uses so-called “Cookies”, text files that are saved on the visitor’s computer in order to analyze his behavior on this site. The information collected through cookies, including the IP address of the visitor to this site, is usually transmitted to Google’s servers and stored there. This site uses Google Analytics with the extension “_anonymizeIp ()”. This extension allows anonymization of the IP address by truncation and prevents the identification of the visitor. Normally the anonymization of the IP address takes place within the member states of the European Union or the states that have signed the agreement on the European Economic Area. Only in exceptional cases, the full IP address is transmitted to the Google server in the United States and, once there, shortened. The IP address transmitted by the browser as part of the activity carried out by Google Analytics is not crossed with other data collected by Google. On behalf of the person who manages the website, Google will use the information collected to evaluate the use of the site by visitors, to present reports on the actions carried out on the site and to provide the site operator with services related to the use of the site. web or the Internet (Article 6, paragraph 1, letter f GDPR). The legitimate interest in data processing lies in the optimization of the website, the analysis of the use that visitors make of it and the adaptation of the contents. Visitors’ right to privacy is adequately guaranteed through pseudonymisation. Google LLC has obtained certification of compliance with the Privacy Shield ( Privacy Shield ) and therefore guarantees compliance with the standards of protection of personal data. The data sent and associated with cookies, user identifiers (eg user IDs) or advertising identifiers are automatically deleted after 50 months. The deletion of data that has reached the expiration of the retention period takes place automatically once a month. Data collection by Google Analytics may face limitations if the site visitor changes the cookie settings. The detection and storage of the IP address can be revoked at any time without retroactive effect. The browser add-on (plugin) for deactivating Google Analytics can be downloaded, and then installed, by clicking on this link: https: / /tools.google.com/dlpage/gaoptout The visitor to the page can prevent the collection of data by Google Analytics by clicking here. An “opt-out” cookie will be applied to your site and will prevent the collection of data on visits to this site. Further information on data processing by Google, the options for configuring and deactivating the service can be found in Dichiarazione sulla privacy di Google e nelle Modalità di personalizzazione degli annunci pubblicitari su Google.

reCAPTCHA

In order to protect the data you enter via the forms on this site, we use the reCaptcha service of Google LLC (Google). This service verifies that you are a person to prevent some of the site’s functions from being (ab) used by spam robots (particularly in the comments section). Using this feature implies that your IP address and other data requested by Google are processed for the Google reCaptcha service. In any case, within the member states of the European Union and the European Economic Area, the IP address is truncated and made anonymous before being transmitted by Google. Only in exceptional cases is the full IP address sent to one of Google’s servers in the United States and truncated once received. Google then uses this information to verify on our behalf how you are using our site. The IP address provided by reCaptcha will not be aggregated with any other data held by Google. The collection of this data is subject to the data protection regulations of Google (Google Inc.). For more information on Google’s privacy policy visit: https://policies.google.com/privacy?hl=it Utilizzando il servizio reCaptcha autorizzi Google a processare i tuoi dati allo scopo e nella maniera di cui sopra.