Pursuant to articles 13 and 14 EU Reg. 679/2016 (in brief “GDPR”) in this section we describe the modalities for managing and processing of personal data collected from the user of the website www.amto.it (hereinafter “User”).
By using the website, the User gives his/her express consent to the processing and communication of his/her personal data for the purposes indicated below. This consent may be revoked by the User at any time, with immediate effect.
The data provision from the User is optional. Failing to provide requested data, however, will result in the impossibility to offer the requested service.
What data are processed
Personal data provided spontaneously
These are the data voluntary provided by the User when sending communications via e-mail to the addresses contained in the site or filing in the contact form. This is including any data contained in the documents submitted.
Personal data collected automatically
This is personal data gathered automatically when accessing the site.
By way of example, these personal data include the IP address used to access the Internet, information on computers and connection such as browser type and version, the operating system used, the domain name and the addresses of websites from which the User is accessing, information on the pages visited by users within the site, the access time, the length of stay on each webpage and the navigation analysis.
The personal data provided by the user will be stored at the owner’s premises on paper or electronic supports (e.g. encrypted hard disks or servers) stored within the European Union territory.
The Data Controller guarantees that the collection and processing of the personal data of the User are based on principles of correctness, lawfulness, transparency and confidentiality. The Data Controller undertakes to adopt appropriate security measures to prevent any illicit or incorrect use of the data provided and avoid any unauthorized access to such data.
Purpose of the processing
The personal data of the User are collected and processed by AM.TO Srl for the following purposes:
|Purpose of processing||Lawfulness of processing|
To provide information to deliver the service
To issue the service
|Processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract; (Art. 6 co. 1 point b GDPR)|
|Provide commercial and/or promotional information (e.g. newsletter)||Only if the user has given consent to the processing of his / her personal data for one or more specific purposes; (Art. 6 co. 1 point. a GDPR)|
Customize navigation, perform statistical analysis and process the information to improve browsing experiences.
Prevent fraud and abuse on the website.
Internal organization purposes (including tax and accountability)
|Processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, (Art. 6 co. 1 point. f GDPR)|
|Comply with rules of law.||Processing is necessary for compliance with a legal obligation to which the controller is subject (Art. 6 co. 1 point. c GDPR)|
Period of data retain
The data are processed for the length of time that is necessary to execute the services requested and to achieve the purposes for which they were collected.
Normally the data collected are deleted as soon as the requested service has been provided or when the consent is revoked, unless a longer retention is required to fulfill contractual or legal obligations, to comply with the order of an authority or to protect a legitimate interest of the Data Controller.
Communication to third parties
The data may be communicated to the entities involved in the organization of the website and of the newsletter and to third party that, if required by the law, shall be appointed as Data Processors.
The list of Data Processors may be requested and will be provided by the Data Controller in compliance with current applicable law. The data are transferred exclusively to subjects located within the EU or in the US but certified under Privacy Shield.
The website www.amto.it uses the following plugins to improve the browsing experience and manage user requests:
It is a web analytics service provided by Google. Google uses anonymized IPs and therefore does not use the information collected to identify users. For details, see the Cookies Policy.
It is a web service allowing the user to share some webpages on social networks. Addthisuses anonymized IPs and therefore does not use the information collected to identify users. For details, see the Cookies Policy.
Right of the Users
According to articles from 15 to 22 and to art. 13 EU Reg. 679/2016, Users are entitled:
– to have access to their data;
– to obtain the cancellation or transformation into anonymous form of their data;- to exercise their right to withdraw consent;
– to oppose at any time the data processing in case it is not based on consent;
– to ask for the limitation of data processing, in case specific conditions are met;
– to obtain the portability of their personal data in case the processing is automated.
Users may obtain that any rectification or erasure of personal data is brought to the attention to each recipient to whom the personal data have been disclosed, unless this proves impossible or involves disproportionate effort.
In case of violation it is possible to file a complaint to the privacy authority. To exercise their rights, the Users can directly contact the Data Controller who will process the request as soon as possible and, in any case, within a period of one month.
The data controller is AM.TO Srl – S.S. 35 dei Giovi n. 157, 20037 Paderno Dugnano, P.IVA 00885510966 – C.F. 08006000155
The Data Controller may be contacted by e-mail to the address email@example.com