Why this notice
The information is provided only for the arcatool.com Site (hereinafter also simply “Site”) and not for other websites that may be consulted by the user through links on the Site. The information is provided pursuant to and for the purposes of Art. 13 of EU Regulation 2016/679 (hereinafter “GDPR”) and is also inspired by Recommendation no. 2/2001 of 17 May 2001, by Opinion no. 04/2012 on Cookie Consent Exemption of 7 June 2012 and by the Working Document 02/2013 providing guidance on obtaining consent for cookies of 2 October 2013 that the European personal data protection authorities, gathered in the Group established pursuant to Article 29 of Directive no. 95/46/EC, have adopted to identify some minimum requirements for the collection of personal data online, and, in particular, the methods, times and nature of the information that the Data Controllers must provide to users when they connect to web pages, regardless of the purpose of the link.
Owner of the treatment
Following consultation of this Site, data relating to identified or identifiable natural persons (so-called interested parties) may be processed.
The data controller is
Viale Lino Zanussi, 3
Phone +39 0434 573354
Fax +39 0434 573361
Purpose and legal basis of the processing
Unless otherwise exercised through other pages of the Site and for which specific information is valid, the data collected through the Website as well as the personal data collected when selling products are processed for the following purposes and according to the following legal bases:
|To carry out the provision of services requested by users/customers and the fulfillment of requests for information.
||Fulfillment of a contractual or pre-contractual obligation (Article 6 Letter b GDPR).
||Contact requests, quotes, information, etc.
|Execute obligations arising from a contract of which the interested party is a party or to fulfill, before the conclusion of the contract, specific requests of the interested party (requests for quotes, sale and shipping).
||Fulfillment of a contractual or pre-contractual obligation (Article 6 Letter b GDPR).
||Sale of products, shipments and assistance.
|Fulfill related legal obligations.
||Fulfillment of a legal obligation to which the Data Controller is subject (Article 6 Letter b GDPR).
||Fulfillment of legal obligations related to the purposes described here.
|In order to satisfy the legitimate interest of the Data Controller to maintain a communication channel with those who are already Customers, the Data Controller may use the contact details to occasionally make communications on its products and on its business. At any time, the Customer can tell us if he no longer wishes to receive such communications (Article 130, Paragraph 4, Legislative Decree 196/2003).
||Legitimate interest of the Data Controller (Article 6 Letter f GDPR).
|Registration to the newsletter service to send information and updates on new ARCA S.r.l. products and services via e-mail. also published on the Site.
||Consent of the interested party (Article 6 Letter a GDPR).
||Registration to the ARCA S.r.l. newsletter
|Perform statistical analyzes (on an anonymous basis), in order to improve the offer of services.
||Legitimate interest of the Data Controller (Article 6 Letter f GDPR).
At any time you can ask the Data Controller for any clarification on the legal bases.
Provision of data
Apart from what is specified below for navigation data, the user is free to provide personal data contained in any information request form or registration form. Failure to provide them may make it impossible to obtain what is requested.
The data marked as mandatory in the forms on the Site are essential to process the request or to proceed with the service or provision requested from ARCA S.r.l.
The provision of data and the related consent to the processing is optional with regard to the sending of the newsletter. The consent given can be revoked at any time without affecting the lawfulness of the processing carried out previously.
Categories of recipients
As part of the pursuit of the purposes listed above, the data provided may be known by the Data Controller’s collaborators who are specifically authorized to process them as appointees. These subjects are bound to secrecy and confidentiality also on the basis of specific internal regulations. The data strictly necessary for accounting and financial operations may be disclosed to a trusted external professional on the basis of a legitimate interest. Where strictly necessary, the data may be communicated to couriers or forwarding agents (for sending goods), banking institutions (for payments), insurance companies (for the management of any insured risk) and in general to all those subjects to whom the communication of data is essential for the achievement of the aforementioned purposes.
Methods of processing
The treatment will take place with manual and electronic tools, also in an automated way. The data is not subjected to any automated decision-making process, including profiling.
The processing also concerns data relating to the performance of economic activities, processed in compliance with current legislation on business and industrial secrecy.
Should the processing also concern personal data falling within the category of particular data (Article 9 GDPR – so-called “sensitive data”, i.e. data suitable for revealing racial and ethnic origin, religious, philosophical or other beliefs , political opinions, membership of parties, trade unions, associations or organizations of religious, philosophical, political or trade union nature, as well as personal data suitable for revealing the state of health, life and sexual orientation) the treatment will be carried out within the limits indicated by the General Authorizations of the Guarantor and by the subsequent equivalent legal provisions, according to the procedures provided for by EU Regulation 2016/679 and for the purposes strictly necessary for the regular performance of the activity, of the operations relating to the supply of products/services and the fulfillment of contractual and/or legal/regulatory obligations.
Users are invited to avoid entering unnecessary special or judicial data (Articles 9-10 GDPR) as this could result in the destruction of the message and failure to fulfill what is requested.
The treatments connected to the web service of this Site are handled by the owner through internal collaborators and through the external consultancy company appointed as data processor.
The data are processed and stored for the time required for the purposes for which they were collected. Therefore:
- The personal data collected for purposes related to the execution of a contract or a pre-contractual request between the Owner and the User/Customer will be kept until the complete execution of this contract and also subsequently by law (eg 10 years for invoices) or to protect or assert or defend a right of the Owner.
- When the processing is based on the User’s consent, the Data Controller can keep the personal data longer, until such consent is revoked. Furthermore, the Data Controller may be obliged to keep Personal Data for a longer period in compliance with a legal obligation or by order of an Authority.
- The data processed by law are processed for the entire duration provided for by the legal regulations applicable to each individual processing.
- The data processed on the basis of a legitimate interest are subject to processing as long as the interested party does not justify his opposition (eg sending commercial communications to his customers – Art. 130 Paragraph 4 of Legislative Decree 196/2003) .
- At the end of the retention period, personal data will be deleted. Therefore, at the end of this term the right of access, cancellation, rectification and the right to data portability can no longer be exercised.
Rights of interested parties
The interested parties (the natural persons to whom the personal data refer) have the right at any time to obtain from the Data Controller confirmation of the existence or not of data processing concerning them, to know its origin, to request access to personal data, to verify its accuracy or request its rectification, limitation, portability, to oppose the processing, not to be subjected to an automated decision-making process (Article 15-22 of EU Regulation 679/2016). It is the right of the interested party to lodge a complaint with a European Supervisory Authority (in Italy it is the Guarantor for the protection of personal data based in Rome) or to lodge a judicial appeal (Article 12 Paragraph 4 of the GDPR).
Requests should be sent to the address of the company headquarters, also by writing to email@example.com. It is necessary that the interested party provides useful information to ascertain his identity, otherwise the Data Controller may not be able to satisfy the interested party’s request (Article 12 Paragraph 2 GDPR).
Place of data processing
The treatments connected to the web service (“contacts”) of this Site take place at the aforementioned office and are handled by the owner and by the consultancy company appointed as data processor.
The Owner has decided to use this service on the basis that MailChimp adheres to the Privacy Shield. Between Europe and the United States there is an agreement called “Privacy Shield” which represents a self-certification mechanism that American companies can voluntarily adhere to, guaranteeing security measures adequate to European privacy standards.
In particular, the user may at any time and free of charge change his preference and request to stop receiving commercial and promotional communications, using the forms on the Site and in the individual messages sent or by contacting the data controller directly. Following this request, the user’s data will be deleted.
Types of data processed
Information Collected Automatically
The computer systems and software procedures used to operate this Website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols.
This is information that is not collected to be associated with identified interested parties, but which by their very nature could, through processing and association with data held by third parties, allow to identify users, the computers used by users who connect to the Site, the addresses in URI (Uniform Resource Identifier) notation of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the operating system and the user’s IT environment.
By visiting the Site, the following information is automatically collected:
- User hostname. The hostname or Internet Protocol address of the user requesting access to the Site.
- HTTP and HTTPS header, and the “user agent” string which includes: the type and version of browser used and the operating system with which the browser itself works.
- System date. The date and time of the user’s visit.
- Complete request. The exact request made by the user.
- Content length. The consistency, in bytes, of each document sent to the user.
- Method. The request mode used.
- Universal Resource Identifier (URI). The placement of resources on the server.
- The Request string of the URI, which is everything after the question mark in the URI.
- Type of device used to consult the Site.
- Protocol. The transmission protocol and the version used.
The information collected automatically by the Company, through access to the Website, is used in order to improve the quality of the service offered to users of the Site. This information is collected for the purpose of carrying out (anonymous) statistical surveys, to determine which data/contents are more or less useful/interesting for users and therefore be able to improve the effectiveness of the material available on the Site.
Data provided voluntarily by the user
The optional, explicit and voluntary sending of e-mail messages to the addresses indicated on this Site entails the subsequent acquisition of the sender’s address, necessary to respond to requests, as well as any other personal data included in the message.
Apart from what is specified for the information collected automatically, the user is free to provide personal data contained in the request forms. Some information (name and surname, company, telephone, e-mail, text of the message) are indicated as mandatory, as they are necessary to satisfy the requests expressed. Failure to provide them may make it impossible to obtain what requested.
For the direct collection of such data, the visitor will release his personal data and the relative consent to the processing in relation to the individual services and/or performances requested from the Company such as: registration on the Website or in restricted areas, request information, newsletter. The consent, where given, may be subsequently revoked at any time without prejudice to the lawfulness of the processing carried out previously.
What are cookies?
Cookies are small text strings that the sites visited by the user send to their terminal (usually the browser), where they are stored before being re-transmitted to the same sites at the next visit by the same user. While browsing a Site, the user can also receive cookies on his terminal that are sent from different sites or web servers (so-called “third parties”), on which some elements may reside (such as, for example, images, maps, sounds, specific links to pages of other domains) present on the Site that he is visiting. Cookies, usually present in users’ browsers in very large numbers and sometimes even with characteristics of wide temporal persistence, are used for different purposes: execution of computer authentication, session monitoring, storage of information on specific configurations concerning users who access the server, etc.
What are the main types of cookies?
In this regard, and for the purposes of provision no. 229/2014 of the Privacy Guarantor, two macro-categories are therefore identified: “technical” cookies and “profiling” cookies.
- Technical cookies. Technical cookies are those used for the sole purpose of “carrying out the transmission of a communication over an electronic communications network, or as strictly necessary for the provider of an information society service explicitly requested by the subscriber or user to provide this service “. They are not used for other purposes and are normally installed directly by the owner or manager of the website. They can be divided into navigation or session cookies, which guarantee the normal navigation and use of the Website (allowing, for example, to make a purchase or authenticate to access restricted areas); analytics cookies, similar to technical cookies when used directly by the site manager to collect information, in aggregate form, on the number of users and how they visit the site; functionality cookies, which allow the user to browse according to a series of selected criteria (for example, the language, the products selected for purchase) in order to improve the service provided. The prior consent of users is not required for the installation of these cookies.
- Profiling cookies. Profiling cookies are designed to create user profiles and are used in order to send advertising messages in line with the preferences expressed by the user while surfing the net. Due to the particular invasiveness that such devices may have in the private sphere of users, European and Italian legislation provides that the user must be adequately informed about their use and thus express his valid consent. This site does not use profiling cookies.
Session and Persistent Cookies
Session Cookies, which contain information that is used in your current browser session. These cookies are automatically deleted when you close your browser. Nothing is stored on the visitor’s computer beyond the time of use of the Site.
First-party and third-party cookies
It is necessary to take into account the different subject that installs cookies on the user’s terminal, depending on whether it is the same manager of the site that the user is visiting (so-called “first part”) or a different site that installs cookies through the first (so-called “third parties”). First-party cookies are created and are readable by the site that created them. Third-party cookies, on the other hand, are created and readable by domains external to the Site and whose data are stored at the third party. This site uses first-party cookies of a technical nature, for which, as mentioned, consent is not required, but only this information.
For more information about this type of advertising based on user tastes, deriving from third-party cookies, you can visit the third-party sites at the links below. At the addresses www.youronlinechoices.com and www.aboutads.info/choices/ you will also find information on how behavioral advertising works and a lot of information on cookies as well as the steps to follow to protect your privacy on Internet.
Third party cookies
The Site also allows you to express your preferences through interaction with other applications (so-called “social”). For example, by clicking on the correspondent “key” (button) present in the pages of the Site, the user can access his YouTube, Twitter profile and express, share or report their preference regarding the content of the Site or the Company’s social pages. In this case, also for knowing the use that these applications make of your data, the information prepared by the company that owns the aforementioned application applies.
The owner does not guarantee that the links to the aforementioned policies are always functional, and this is due to any updates that do not depend on the owner, therefore the user is required to personally consult and verify the current text. The owner is not responsible for any malfunctions or conditions that do not allow consultation of the policies of the aforementioned applications.
The duration of cookies, therefore, ranges from a single session to two years from the visit of the page.
This type of service analyzes the traffic of this Site, potentially containing personal data of users, in order to filter it from parts of traffic, messages and contents recognized as SPAM.
To protect against SPAM on contact forms, the Site uses the third-party component Google reCaptcha by Google Inc.
Management of cookies in the configuration of the major browsers used
Manage cookies in Google Chrome
Manage cookies in Internet Explorer
Manage cookies in Mozilla Firefox
Manage cookies in Safari
Manage cookies in iOS
The following site is again indicated to analyze, more generally, and manage the own preferences in terms of “online behavioral advertising” www.youronlinechoices.com.