Pursuant to Article 13 of Regulation (EU) No. 2016/679 of 27 April 2016 (hereinafter referred to as the “GDPR”) and Article 13 of Italian Legislative Decree No. 196 of 30 June 2003 (containing the “Personal Data Protection Code”, hereinafter referred to as the “Code”), we hereby inform you that your personal data, collected by ATCommunication, Via Montello 80, 31044 Montebelluna (TV), Italy, Tax Code TGNLSN74R22A757V, VAT No. 01009810258 (hereinafter referred to as the “Controller”), in its capacity as data controller pursuant to Article 24 of the GDPR, when you browse the website www.atcommunication.it (hereinafter referred to as the “Website”), will be processed in accordance with the following provisions.
-
- Purposes of the processing and legal basis
The personal data (hereinafter referred to as the “Data”) provided by the data subject will be processed for the following purposes:
- to provide the requested service (hereinafter referred to as the “Service”): for example, the provision of web interface-based services, user registration, the provision of information concerning individuals who have voluntarily registered in our Website’s database, and the provision of information concerning training activities;
- to comply with legal, accounting, tax, administrative and contractual obligations connected with the provision of the Services;
- subject to specific consent, to send commercial and/or promotional communications concerning products and services of interest to the data subject, as well as to conduct market research (“Direct Marketing”);
- subject to specific consent, to disclose the Data to companies belonging to the same corporate group as the Controller or to external companies providing data collection and processing services, which may process the Data to send commercial and/or promotional communications concerning the products and services of those companies, as well as to conduct market research (“Third-Party Marketing”).
The Data will be processed by employees and/or collaborators of the Controller who have been appointed as authorised persons and who operate within the marketing, sales and information systems departments. The Data may also be disclosed to third-party companies and companies belonging to the same corporate group, duly appointed as data processors, which provide services that are ancillary and instrumental to the Controller’s activities.
- Types of Data processed
- Browsing Data: this category of Data includes the IP addresses or domain names of the computers used by users who connect to the Website, the addresses of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file received in response, the numerical code indicating the status of the response provided by the server (successful, error, etc.), and other parameters relating to the user’s operating system and IT environment.
- Data voluntarily provided by the user: the optional, explicit and voluntary sending of emails to the addresses indicated on this Website entails the subsequent acquisition of the sender’s email address, which is necessary to respond to the request, as well as any other Data entered in the form.
The Data is managed and stored on servers located within the European Union, owned and/or operated by the Controller and/or by third-party companies duly appointed as data processors. For the purposes referred to in Article 1, the Data may also be transferred to entities established in countries outside the European Union, provided that they ensure an adequate level of protection, such as, by way of example, registration on the Privacy Shield List in compliance with European Commission Implementing Decision (EU) 2016/1250 of 12 July 2016, known as the “Privacy Shield”. Information concerning third-party entities will be provided by the Controller upon request.
Data retention period
The Data concerning you, collected through our forms, will be retained for the time necessary to respond to your requests and to carry out the activities connected with the purposes of the processing.
Nature of the provision of Data and consequences of refusing to provide it
The provision of the Data necessary to carry out the processing activities listed under sub 1.(a) and sub (b) is optional, but it constitutes a necessary and essential condition for using the Services. Therefore, any refusal to provide the Data will make it impossible to provide the requested Services. Consent to processing for any additional purposes is optional.
Processing methods
The Data is processed for each of the purposes described above using paper-based, automated or electronic methods and, in particular, by ordinary mail or email, telephone communications (such as automated calls, SMS and MMS), fax and any other IT channel, including websites, mobile platforms and applications, suitable for ensuring security and confidentiality in accordance with the principle of data protection by default, namely through the application of measures designed to minimise the risk of Data disclosure.
Login credentials for the restricted area
If the User registers for the restricted area of the Portal, they will receive login credentials consisting of a personal ID and password. These credentials are strictly personal, and their disclosure or transfer to third parties is not permitted.
Categories of recipients of personal Data
The Controller may disclose the User’s Data to third parties whose services it uses to carry out activities that are instrumental or otherwise functional to the provision of the Services or to compliance with legal obligations, and which have been duly appointed as personal data processors. Such parties will be provided exclusively with the information necessary to perform the aforementioned activities and will be required to adopt all appropriate security measures to protect the Data in accordance with applicable legislation. Information concerning the data processors will be provided by the Controller upon request. The User’s Data may also be accessed by persons authorised by the Controller. In any event, the Data will not be disseminated or disclosed to third parties, except as provided above and within the limits specified above.
Rights of the data subject
The data subject is entitled to exercise the following rights:
- right of access: the right to obtain confirmation from the Controller as to whether or not the Data is being processed and, where that is the case, to access the Data;
- right to rectification and erasure: the right to obtain the rectification of inaccurate Data and/or the completion of incomplete Data, or the erasure of the Data where legitimate grounds exist;
- right to restriction of processing: the right to request the suspension or restriction of processing where legitimate grounds exist;
- right to data portability: the right to receive the Data in a structured, commonly used and machine-readable format, as well as the right to transmit the Data to another data controller;
- right to object: the right to object to the processing of the Data where legitimate grounds exist, including the processing of Data for marketing and profiling purposes, where applicable;
- right to lodge a complaint with the competent data protection authority in the event of unlawful processing of the Data.
To exercise the rights granted under the provisions referred to above, you may submit your request by email to the following address: info@atcommunication.it