Privacy and cookie policy
Why this notice
The information is provided only for the arcatool.com Site (hereinafter also simply “Site”) and not for other websites that may be consulted by the user through links on the Site. The information is provided pursuant to and for the purposes of Art. 13 of EU Regulation 2016/679 (hereinafter “GDPR”) and is also inspired by Recommendation no. 2/2001 of 17 May 2001, by Opinion no. 04/2012 on Cookie Consent Exemption of 7 June 2012 and by the Working Document 02/2013 providing guidance on obtaining consent for cookies of 2 October 2013 that the European personal data protection authorities, gathered in the Group established pursuant to Article 29 of Directive no. 95/46/EC, have adopted to identify some minimum requirements for the collection of personal data online, and, in particular, the methods, times and nature of the information that the Data Controllers must provide to users when they connect to web pages, regardless of the purpose of the link.
Owner of the treatment
Following consultation of this Site, data relating to identified or identifiable natural persons (so-called interested parties) may be processed.
The data controller is
ARCA S.r.l.
Viale Lino Zanussi, 3
33170 Pordenone
Phone +39 0434 573354
Fax +39 0434 573361
info@arcatool.it
Purpose and legal basis of the processing
Unless otherwise exercised through other pages of the Site and for which specific information is valid, the data collected through the Website as well as the personal data collected when selling products are processed for the following purposes and according to the following legal bases:
| PURPOSE | LEGAL BASIS | CONTEXT |
|---|---|---|
| To carry out the provision of services requested by users/customers and the fulfillment of requests for information. | Fulfillment of a contractual or pre-contractual obligation (Article 6 Letter b GDPR). | Contact requests, quotes, information, etc. |
| Execute obligations arising from a contract of which the interested party is a party or to fulfill, before the conclusion of the contract, specific requests of the interested party (requests for quotes, sale and shipping). | Fulfillment of a contractual or pre-contractual obligation (Article 6 Letter b GDPR). | Sale of products, shipments and assistance. |
| Fulfill related legal obligations. | Fulfillment of a legal obligation to which the Data Controller is subject (Article 6 Letter b GDPR). | Fulfillment of legal obligations related to the purposes described here. |
| In order to satisfy the legitimate interest of the Data Controller to maintain a communication channel with those who are already Customers, the Data Controller may use the contact details to occasionally make communications on its products and on its business. At any time, the Customer can tell us if he no longer wishes to receive such communications (Article 130, Paragraph 4, Legislative Decree 196/2003). | Legitimate interest of the Data Controller (Article 6 Letter f GDPR). | |
| Registration to the newsletter service to send information and updates on new ARCA S.r.l. products and services via e-mail. also published on the Site. | Consent of the interested party (Article 6 Letter a GDPR). | Registration to the ARCA S.r.l. newsletter |
| Perform statistical analyzes (on an anonymous basis), in order to improve the offer of services. | Legitimate interest of the Data Controller (Article 6 Letter f GDPR). | Website management. |
At any time you can ask the Data Controller for any clarification on the legal bases.
Provision of data
Apart from what is specified below for navigation data, the user is free to provide personal data contained in any information request form or registration form. Failure to provide them may make it impossible to obtain what is requested.
The data marked as mandatory in the forms on the Site are essential to process the request or to proceed with the service or provision requested from ARCA S.r.l.
The provision of data and the related consent to the processing is optional with regard to the sending of the newsletter. The consent given can be revoked at any time without affecting the lawfulness of the processing carried out previously.
Categories of recipients
As part of the pursuit of the purposes listed above, the data provided may be known by the Data Controller’s collaborators who are specifically authorized to process them as appointees. These subjects are bound to secrecy and confidentiality also on the basis of specific internal regulations. The data strictly necessary for accounting and financial operations may be disclosed to a trusted external professional on the basis of a legitimate interest. Where strictly necessary, the data may be communicated to couriers or forwarding agents (for sending goods), banking institutions (for payments), insurance companies (for the management of any insured risk) and in general to all those subjects to whom the communication of data is essential for the achievement of the aforementioned purposes.
Methods of processing
The treatment will take place with manual and electronic tools, also in an automated way. The data is not subjected to any automated decision-making process, including profiling.
The processing also concerns data relating to the performance of economic activities, processed in compliance with current legislation on business and industrial secrecy.
Should the processing also concern personal data falling within the category of particular data (Article 9 GDPR – so-called “sensitive data”, i.e. data suitable for revealing racial and ethnic origin, religious, philosophical or other beliefs , political opinions, membership of parties, trade unions, associations or organizations of religious, philosophical, political or trade union nature, as well as personal data suitable for revealing the state of health, life and sexual orientation) the treatment will be carried out within the limits indicated by the General Authorizations of the Guarantor and by the subsequent equivalent legal provisions, according to the procedures provided for by EU Regulation 2016/679 and for the purposes strictly necessary for the regular performance of the activity, of the operations relating to the supply of products/services and the fulfillment of contractual and/or legal/regulatory obligations.
Users are invited to avoid entering unnecessary special or judicial data (Articles 9-10 GDPR) as this could result in the destruction of the message and failure to fulfill what is requested.
The treatments connected to the web service of this Site are handled by the owner through internal collaborators and through the external consultancy company appointed as data processor.
Retention period
The data are processed and stored for the time required for the purposes for which they were collected. Therefore:
- The personal data collected for purposes related to the execution of a contract or a pre-contractual request between the Owner and the User/Customer will be kept until the complete execution of this contract and also subsequently by law (eg 10 years for invoices) or to protect or assert or defend a right of the Owner.
- When the processing is based on the User’s consent, the Data Controller can keep the personal data longer, until such consent is revoked. Furthermore, the Data Controller may be obliged to keep Personal Data for a longer period in compliance with a legal obligation or by order of an Authority.
- The data processed by law are processed for the entire duration provided for by the legal regulations applicable to each individual processing.
- The data processed on the basis of a legitimate interest are subject to processing as long as the interested party does not justify his opposition (eg sending commercial communications to his customers – Art. 130 Paragraph 4 of Legislative Decree 196/2003) .
- At the end of the retention period, personal data will be deleted. Therefore, at the end of this term the right of access, cancellation, rectification and the right to data portability can no longer be exercised.
Rights of interested parties
The interested parties (the natural persons to whom the personal data refer) have the right at any time to obtain from the Data Controller confirmation of the existence or not of data processing concerning them, to know its origin, to request access to personal data, to verify its accuracy or request its rectification, limitation, portability, to oppose the processing, not to be subjected to an automated decision-making process (Article 15-22 of EU Regulation 679/2016). It is the right of the interested party to lodge a complaint with a European Supervisory Authority (in Italy it is the Guarantor for the protection of personal data based in Rome) or to lodge a judicial appeal (Article 12 Paragraph 4 of the GDPR).
Requests should be sent to the address of the company headquarters, also by writing to info@arcatool.it. It is necessary that the interested party provides useful information to ascertain his identity, otherwise the Data Controller may not be able to satisfy the interested party’s request (Article 12 Paragraph 2 GDPR).
Place of data processing
The treatments connected to the web service (“contacts”) of this Site take place at the aforementioned office and are handled by the owner and by the consultancy company appointed as data processor.
To send commercial and promotional communications to those who are already Customers (on the basis of a legitimate interest) or to those who have expressly consented (for the purpose of sending newsletters or communications for marketing purposes), the Data Controller uses the service offered by MailChimp (based in Atlanta, Georgia, USA). The collected data is stored on MailChimp’s secure servers. Pursuant to the MailChimp Privacy policy, user data will never be used by MailChimp for purposes unrelated to the sending of communications (e.g. they will not be sold to third parties, nor will MailChimp directly contact the recipients of the Controller’s communications). MailChimp uses appropriately authorized operators to maintain the service and in the exercise of these tasks they may have access to user data. In any case, the guarantees provided by the MailChimp privacy policy apply. When the owner sends the emails, the data is retrieved using the tools made available by MailChimp and through them communications will be sent to users.
The Owner has decided to use this service on the basis that MailChimp adheres to the Privacy Shield. Between Europe and the United States there is an agreement called “Privacy Shield” which represents a self-certification mechanism that American companies can voluntarily adhere to, guaranteeing security measures adequate to European privacy standards.
In particular, the user may at any time and free of charge change his preference and request to stop receiving commercial and promotional communications, using the forms on the Site and in the individual messages sent or by contacting the data controller directly. Following this request, the user’s data will be deleted.
Types of data processed
Information Collected Automatically
The computer systems and software procedures used to operate this Website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols.
This is information that is not collected to be associated with identified interested parties, but which by their very nature could, through processing and association with data held by third parties, allow to identify users, the computers used by users who connect to the Site, the addresses in URI (Uniform Resource Identifier) notation of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the operating system and the user’s IT environment.
By visiting the Site, the following information is automatically collected:
- User hostname. The hostname or Internet Protocol address of the user requesting access to the Site.
- HTTP and HTTPS header, and the “user agent” string which includes: the type and version of browser used and the operating system with which the browser itself works.
- System date. The date and time of the user’s visit.
- Complete request. The exact request made by the user.
- Content length. The consistency, in bytes, of each document sent to the user.
- Method. The request mode used.
- Universal Resource Identifier (URI). The placement of resources on the server.
- The Request string of the URI, which is everything after the question mark in the URI.
- Type of device used to consult the Site.
- Protocol. The transmission protocol and the version used.
The information collected automatically by the Company, through access to the Website, is used in order to improve the quality of the service offered to users of the Site. This information is collected for the purpose of carrying out (anonymous) statistical surveys, to determine which data/contents are more or less useful/interesting for users and therefore be able to improve the effectiveness of the material available on the Site.
Data provided voluntarily by the user
The optional, explicit and voluntary sending of e-mail messages to the addresses indicated on this Site entails the subsequent acquisition of the sender’s address, necessary to respond to requests, as well as any other personal data included in the message.
Apart from what is specified for the information collected automatically, the user is free to provide personal data contained in the request forms. Some information (name and surname, company, telephone, e-mail, text of the message) are indicated as mandatory, as they are necessary to satisfy the requests expressed. Failure to provide them may make it impossible to obtain what requested.
For the direct collection of such data, the visitor will release his personal data and the relative consent to the processing in relation to the individual services and/or performances requested from the Company such as: registration on the Website or in restricted areas, request information, newsletter. The consent, where given, may be subsequently revoked at any time without prejudice to the lawfulness of the processing carried out previously.
Cookies
What are cookies?
Cookies are small text strings that the sites visited by the user send to their terminal (usually the browser), where they are stored before being re-transmitted to the same sites at the next visit by the same user. While browsing a Site, the user can also receive cookies on his terminal that are sent from different sites or web servers (so-called “third parties”), on which some elements may reside (such as, for example, images, maps, sounds, specific links to pages of other domains) present on the Site that he is visiting. Cookies, usually present in users’ browsers in very large numbers and sometimes even with characteristics of wide temporal persistence, are used for different purposes: execution of computer authentication, session monitoring, storage of information on specific configurations concerning users who access the server, etc.
What are the main types of cookies?
In this regard, and for the purposes of provision no. 229/2014 of the Privacy Guarantor, two macro-categories are therefore identified: “technical” cookies and “profiling” cookies.
- Technical cookies. Technical cookies are those used for the sole purpose of “carrying out the transmission of a communication over an electronic communications network, or as strictly necessary for the provider of an information society service explicitly requested by the subscriber or user to provide this service “. They are not used for other purposes and are normally installed directly by the owner or manager of the website. They can be divided into navigation or session cookies, which guarantee the normal navigation and use of the Website (allowing, for example, to make a purchase or authenticate to access restricted areas); analytics cookies, similar to technical cookies when used directly by the site manager to collect information, in aggregate form, on the number of users and how they visit the site; functionality cookies, which allow the user to browse according to a series of selected criteria (for example, the language, the products selected for purchase) in order to improve the service provided. The prior consent of users is not required for the installation of these cookies.
- Profiling cookies. Profiling cookies are designed to create user profiles and are used in order to send advertising messages in line with the preferences expressed by the user while surfing the net. Due to the particular invasiveness that such devices may have in the private sphere of users, European and Italian legislation provides that the user must be adequately informed about their use and thus express his valid consent. This site does not use profiling cookies.
Session and Persistent Cookies
Session Cookies, which contain information that is used in your current browser session. These cookies are automatically deleted when you close your browser. Nothing is stored on the visitor’s computer beyond the time of use of the Site.
First-party and third-party cookies
It is necessary to take into account the different subject that installs cookies on the user’s terminal, depending on whether it is the same manager of the site that the user is visiting (so-called “first part”) or a different site that installs cookies through the first (so-called “third parties”). First-party cookies are created and are readable by the site that created them. Third-party cookies, on the other hand, are created and readable by domains external to the Site and whose data are stored at the third party. This site uses first-party cookies of a technical nature, for which, as mentioned, consent is not required, but only this information.
For more information about this type of advertising based on user tastes, deriving from third-party cookies, you can visit the third-party sites at the links below. At the addresses www.youronlinechoices.com and www.aboutads.info/choices/ you will also find information on how behavioral advertising works and a lot of information on cookies as well as the steps to follow to protect your privacy on Internet.
Third party cookies
This Site uses Google Analytics, a web analytics service provided by Google, Inc. (“Google”). For more information, you can visit the Google page on the use of cookies for Analytics (Link).
Google Analytics uses cookies to collect and analyze anonymously information on the behavior of use of the Site by you (including your IP address). This information is transmitted to Google which processes it in order to draw up reports regarding your activities on the Website itself. However, Google does not associate your IP address with any other data held by Google nor does it try to connect an IP address with the identity of a computer user. In any case, Google, in order to offer website visitors the possibility of preventing the use of their data by Google Analytics, has developed the browser add-on for deactivating the Google Analytics JavaScript (tools.google.com/dlpage/gaoptout?hl=en).
The Site also allows you to express your preferences through interaction with other applications (so-called “social”). For example, by clicking on the correspondent “key” (button) present in the pages of the Site, the user can access his YouTube, Twitter profile and express, share or report their preference regarding the content of the Site or the Company’s social pages. In this case, also for knowing the use that these applications make of your data, the information prepared by the company that owns the aforementioned application applies.
YouTube: Privacy policy
Twitter: privacy policy
The Site also uses Google Maps to provide detailed information on how to locate our headquarters. We use Google Maps tools on the basis that Google complies with its privacy policy and terms of service.
The Site allows the use of YouTube, owned by Google Inc., only to allow users of the Site to enjoy the content disseminated through the ARCA S.r.l. YouTube channel. More information on how Google uses cookies can be found at www.google.com/policies/technologies/types/.
The owner does not guarantee that the links to the aforementioned policies are always functional, and this is due to any updates that do not depend on the owner, therefore the user is required to personally consult and verify the current text. The owner is not responsible for any malfunctions or conditions that do not allow consultation of the policies of the aforementioned applications.
The duration of cookies, therefore, ranges from a single session to two years from the visit of the page.
SPAM protection
This type of service analyzes the traffic of this Site, potentially containing personal data of users, in order to filter it from parts of traffic, messages and contents recognized as SPAM.
To protect against SPAM on contact forms, the Site uses the third-party component Google reCaptcha by Google Inc.
The use of the reCAPTCHA system is subject to the privacy policy and terms of use of Google.
Place of processing: USA – Privacy Policy..
Management of cookies in the configuration of the major browsers used
Manage cookies in Google Chrome
Manage cookies in Internet Explorer
Manage cookies in Mozilla Firefox
Manage cookies in Safari
Manage cookies in iOS
The following site is again indicated to analyze, more generally, and manage the own preferences in terms of “online behavioral advertising” www.youronlinechoices.com.
Customer information
Information on the processing of personal data pursuant to and for the purposes of Art. 13 of EU Regulation 2016/679.
In compliance with the provisions of EU Regulation 2016/679, we provide you with the necessary information regarding the purposes and methods of processing your personal data, as well as the scope of communication and dissemination of the same, their nature and their provision.
The data processing will be carried out to provide you with the products and services provided by the Data Controller, to fulfill the tax and administrative aspects related to the existing business relationship and to achieve effective management of the same. This treatment will be based on principles of correctness, lawfulness and transparency, protecting your privacy and your rights and has the purpose of concluding, managing and executing the supply contracts for the requested products and services; to organize, manage and execute the supply of products and services also by communicating data to third party suppliers; to fulfill the legal obligations or other obligations required by the competent Authorities. For the purposes of the indicated processing, the Data Controller will become aware of personal data concerning you, such as personal data and telephone/computer contact data.
However, the data collected are only those strictly necessary. Therefore, any non-communication or incorrect communication of one of the requested information, due to legal and contractual obligations, prevents the Owner from carrying out the contract itself.
The personal data and the documentation collected for the aforementioned purposes, including the offers issued and the documentation delivered, will be stored, even after the termination of the Contract, in both paper and electronic format, in specific databases owned by the Data Controller for the fulfillment of all legal obligations.
The data processing will be carried out mainly with IT and telematic tools, with logic strictly related to the purposes and in order to guarantee the security and confidentiality of the data, by persons specifically appointed as Appointees and/or Managers by the Data Controller.
Without prejudice to the communications made in execution of legal and contractual obligations, for the defense of rights and upon request by the competent Authorities, the data may be communicated to employees and/or collaborators of the Data Controller to whom the transfer of your data is necessary or is in any case aimed for carrying out the activity; to Professionals or Service Studies for administration and management who work on behalf of the Data Controller; to third-party suppliers for the execution of the contract; to credit institutions for economic transactions. Your data will not be disseminated (i.e. communicated to an indistinct amount of other subjects).
The data controller is
ARCA S.r.l.
Viale Lino Zanussi, 3
33170 Pordenone
Phone +39 0434 573354
Fax +39 0434 573361
sales@arcatool.it
to which communications relating to the exercise of your rights may also be sent.
You can exercise a variety of rights.
First of all, you have the possibility to obtain from the Data Controller information on the origin and purpose of the processing of your personal data, on the categories of data that are processed, to which recipients or categories of recipients your data have been or will be communicated, the retention period or, if this is not possible, the criteria used to determine cit.
On the personal data provided, you have the right to obtain the correction of incorrect and the integration of incomplete data. You have the right to cancel them, even if not attributable to legal and contractual obligations, and to limit their processing in certain circumstances. It is also your right to receive your personal data from the Data Controller and to transmit them to another Data Controller without any impediment.
You have the right to withdraw consent at any time for each purpose for which it has been granted.
You have the right to lodge a complaint with the supervisory authority.
The manifestation of consent to carry out the processing of personal data by the Data Controller, as above indicated and qualified, since they can be traced exclusively to legal and contractual obligations, is superfluous pursuant to Art. 6 Par, 1 Letter b) and c) of EU Regulation 2016/679.
Suppliers Information
Information on the processing of personal data pursuant to and for the purposes of Art. 13 of EU Regulation 2016/679
In compliance with the provisions of EU Regulation 2016/679, we provide you with the necessary information regarding the purposes and methods of processing your personal data, as well as the scope of communication and dissemination of the same, their nature and their provision.
The data processing is carried out to fulfill the tax and administrative aspects related to the existing business relationship and to achieve effective management of the same. This treatment will be based on principles of correctness, lawfulness and transparency, protecting your privacy and your rights and has the purpose of concluding, managing and executing the purchase contracts for the products and services requested; to fulfill the legal obligations or other obligations required by the competent Authorities. For the purposes of the indicated processing, the Data Controller will be aware of personal identification data concerning you, such as personal data and telephone/computer contact data.
However, the data collected are those only strictly necessary. Therefore, any non-communication, or incorrect communication, of one of the requested information, due to legal and contractual obligations, prevents the Owner from carrying out the contract itself.
Personal data will be processed for the entire duration of the business relationship and also stored subsequently, within the limits and within the time necessary for the fulfillment of legal obligations and for administrative purposes.
The treatment will be carried out with manual and IT tools, with logic strictly related to the purposes and in order to guarantee the security and confidentiality of the data, by persons specifically appointed as Appointees and/or Managers by the Data Controller.
Without prejudice to the communications made in execution of legal and contractual obligations, for the defense of rights and upon request by the competent Authorities, the data may be communicated to employees and/or collaborators of the Data Controller to whom the transfer of your data is necessary or is in any case aimed for carrying out the activity; to Professionals or Service Firms for administration and management who work on behalf of the Data Controller; to credit institutions for economic transactions. Your data will not be disseminated (i.e. communicated to an indistinct quantity of other subjects).
The data controller is
ARCA S.r.l.
Viale Lino Zanussi, 3
33170 Pordenone
Phone +39 0434 573354
Fax +39 0434 573361
amministrazione@arcatool.it
to which communications relating to the exercise of your rights may also be sent.
You can exercise a variety of rights.
First of all, you have the possibility to obtain from the Data Controller information on the origin and purpose of the processing of your personal data, on the categories of data that are processed, to which recipients or categories of recipients your data have been or will be communicated, the retention period or, if this is not possible, the criteria used to determine it.
On the personal data provided, you have the right to obtain the correction of incorrect and the integration of incomplete data. You have the right to cancel them, even if not attributable to legal and contractual obligations, and to limit their processing in certain circumstances. It is also your right to receive your personal data from the Data Controller and to transmit them to another Data Controller without any impediment.
You have the right to withdraw consent at any time for each purpose for which it has been granted.
You have the right to lodge a complaint with the supervisory authority.
The manifestation of consent to carry out the processing of personal data by the Data Controller, as indicated above and qualified, since they can be traced exclusively to legal and contractual obligations, is superfluous pursuant to Art. 6 Par, 1 Letter b) and c) of EU Regulation 2016/679.
Last update of this policy: 25 June 2021
