Privacy & Cookie policy

PERSONAL DATA PROCESSING POLICY

Pursuant to and in accordance with Legislative Decree No. 196/2003, as amended by Legislative Decree No. 101/2018, as well as pursuant to artt. 13 and 14 of Regulation (EU) No. 679/2016, containing provisions on protecting natural persons with regard to the processing of personal data, we would like to inform you that this privacy policy applies to personal data that are provided to Arione S.p.A. or that Arione S.p.A. collects using cookies and other web tracking technologies.

1. DATA CONTROLLER

The personal data controller is Arione S.p.A. (VAT No. 00203190053), in the person of the pro tempore legal representative, with registered office in Canelli (AT), Via Luigi Bosca No. 135, phone: 0141/823172 - fax: 0141/835172 – email: canelli@arione.it and administrative office in Castiglione Tinella (CN), Via San Carlo No. 8, phone: 0141/855116 – fax: 0141/855231 – email: castiglione@arione.it.

2. DATA PROCESSING LOCATION

The data processing takes place at the above-mentioned offices of the controller and is only managed by technical staff responsible for the processing.

If necessary, the personal data connected to website services may be processed by company staff who maintain the technological part of the website and, in this case, they will be appointed as processors.

3. NATURE OF THE DATA PROCESSED AND PROCESSING PURPOSES

The information that we receive when you send an email and/or fill out a registration form will only be used to respond to your questions or to satisfy your requests.

The following data will also be processed: IP addresses or domain names of the computers used by users who connect to the site; URIs (Uniform Resource Identifiers) of the resources requested; the time of the request; the method of use in submitting the request to the server; the size of the file obtained in response; the numeric code indicating the status of the response given by the server (success, error, etc.); and other parameters relating to the user’s operating system and IT environment.

These data will only be used for the purpose of obtaining anonymous statistical information on the website’s use in order to check that it is operating correctly; these data will be deleted immediately after they have been processed.

The above-mentioned data may be used to ascertain liability in case of potential IT offences to the detriment of the website.

Arione S.p.A. will only be able to use your personal data for different purposes, such as sending information of a promotional or commercial nature, fulfilling existing contractual relationships, as well as in order to fulfil the resulting legal and tax obligations deriving from the same, after you have given your express consent. Otherwise, your data may be provided to our commercial partners in order to convey useful information or to send promotional material of interest to you (in order to effectively manage commercial relationships).

4. LEGAL BASIS OF THE PROCESSING

All the personal information that you provide is the result of your free choice; we do not use illegal means to obtain this information without your consent.

5. PROCESSING METHODS

The processing of personal data may be carried out with or without the aid of electronic and, in any case, automated means, according to rationale strictly related to the purposes indicated above. These data may be stored both on IT supports, paper, or on any other suitable support, in compliance with the minimum security measures pursuant to the technical regulations regarding minimum security measures.

The IT systems and software procedures set up for the operation of this website acquire, in the course of their normal operation, some personal data whose transmission is implicit in the use of internet communication protocols. This information is not collected in order to be associated with identified data subjects, but, due to its nature, it could, through processing and association with data held by third parties, make it possible to identify the users. All the above-mentioned data and the other data constituting your service status will mainly be processed at Arione S.p.A.’s offices. These data will be stored for the entire duration of the contractual relationship and also after the end of the relationship in order to fulfil all obligations connected to or deriving from it.

In any case, the processing will be performed in compliance with every precautionary measure that guarantees its legality, security, and confidentiality.

6. PARTIES OR CATEGORIES OF PARTIES TO WHICH THE DATA COULD BE COMMUNICATED

The personal data may be made known to those appointed (collaborators, suppliers, administration staff, etc.) or to any appointed processors.

We may communicate your data: to public and private parties who may access the data pursuant to the law, regulations, or EU law, within the limits stipulated by the above-mentioned laws (such as, for example, social security and welfare institutes and authorities, associations of local authorities, public administrations and authorities, associative and/or insurance associations, foundations, authorities, or bodies); to parties that need to access the data for purposes auxiliary to the relationship between the parties, within the limits strictly necessary for performing the above-mentioned auxiliary tasks (by way of example, banks and credit institutes, service delivery companies, carriers and shipping companies); and to our consultants, within the limits necessary to perform their tasks for our organisation, subject to their appointment as processors of the data that are provided to them.

We will not disseminate your data, meaning, by “disseminate”, providing knowledge thereof to undetermined parties in any way, including via their provision or consultation, unless you express and grant your specific, free, and informed consent for each type of processing.

7. RIGHT TO GRANT DATA

Without prejudice to the data subject’s personal autonomy, the optional, explicit, and voluntary sending of emails to the addresses indicated on this website entails the successive acquisition at the sender’s address, which is necessary in order to respond to requests, as well as any other personal data included in the communication.

Again, without prejudice to the data subject’s personal autonomy, we would like to inform you that any refusal to provide data, in whole or in part, may make it impossible for the company to execute the contract that may exist or to correctly perform the obligations deriving from contractual relationships.

8. PERIOD FOR WHICH THE PERSONAL DATA ARE STORED

The personal data will only be used for the period of time necessary to fulfil the purposes established beforehand, i.e. until the time when you clarify your opposition to how Arione S.p.A. uses your personal data or until the time when you withdraw your consent.

Should Arione S.p.A. be obliged, pursuant to law, to store your personal data for a longer time, or if Arione S.p.A. needs your personal data in order to launch or defend itself in legal proceedings, the company will store your personal data until the end of the related period of mandatory storage or until the time when the proceedings in question are resolved.

In any case, the personal data will not be stored for a period of more than 10 years.

9. TRANSFER OF DATA TO COUNTRIES OUTSIDE THE EU

This website could share some of the data collected with services localised outside of the European Union.

In particular, it may share the data with: Google, Facebook, Instagram, Sendinblue (platform used for sending newsletters), Amazon, and Microsoft (LinkedIn), via social media plugins and Google Analytics. The transfer is automated.

10. RIGHTS OF THE DATA SUBJECT

We would like to inform you that all the most appropriate measures to ensure you have the chance to obtain information, communications, and transparent methods regarding the exercise of your rights will be adopted (such as, for example, right to information and access to your personal data, right to rectification, right to deletion, right to restrictions on processing, right to portability of data, right to opposition).

In particular, we would like to inform you that you will be able to request information relating to which personal data it processes with reference to you, as well as the correction or deletion of these personal data, from Arione S.P.A. at any time.

In any case, Arione S.p.A. will be able to delete your personal data only if there is no legal obligation or prevailing right of Arione S.p.A. relating to their storage.

If you request that Arione S.p.A. delete your personal data, you will not be able to continue using any service that requires that the same company use your personal data.

It will be your right to request that Arione S.p.A. restrict any additional processing of your personal data if there are no legal foundations for the processing by Arione S.p.A. of your personal data and you request that the above-mentioned company exclude your personal data from any processing, as well as if you declare that the personal data that Arione S.p.A. possesses, with reference to you, are incorrect.

If Arione S.p.A. uses your personal data on the basis of a contract that you have entered into, you may request a copy of the personal data that you provided from the company.

These requests may be addressed to: amministrazione@pec.arione.it specifying the information or processing to which your request refers, the form in which you wish to receive the information, as well as whether the personal data must be sent to you or to another recipient.

Arione S.p.A. will carefully consider your request, discussing the methods for best fulfilling it with you.

11. RIGHT TO SUBMIT A COMPLAINT

If you believe that Arione S.p.A. is not processing your personal data according to the requirements established in this policy, or by the laws on EU Regulation on data protection, you may submit, at any time, a complaint to the Italian Data Protection Authority.

12. LIABILITY OF THE DATA CONTROLLER

Pursuant to what is stipulated by art. 24 of the Regulation EU No. 679/2016, concerning “general obligations” for the data controller and the processor, we would like to inform you that, taking into account the nature, application scope, context, and processing purposes, as well as the risks with different probabilities and levels of seriousness for the rights and freedoms of natural persons, the controller will put in place technical and organisational measures that are suitable for ensuring, and being able to demonstrate, that the processing is performed in compliance with this regulation.

Said measures may be reviewed and updated if necessary.

13. SECURITY

The data are stored and controlled via the adoption of technical and organisational security methods that are suitable for ensuring a suitable security level for the risk and are aimed at minimising the risk of loss and/or destruction, of unauthorised access, of processing without consent, and/or processing that does not comply with the purposes for which the processing is performed.

The processor, or whoever acts under their authority or under that of the data controller, who has access to personal data may not process such data if not instructed in this way by the data controller, unless the law of the EU or of Member States requires it.

Taking into account the state of the art and costs of implementation, as well as the nature, subject matter, context, and processing purposes, as well as the risk of various probabilities and levels of seriousness for the rights and freedoms of natural persons, the data controller and the processor put in place technical and organisational measures that are suitable for ensuring a security level that is consistent with the risk, which comprise, among other things, if relevant: a) the pseudonymisation and encryption of the personal data; b) the capacity to permanently ensure the confidentiality, integrity, availability and resilience of the processing systems and services; c) the capacity to promptly restore the availability of and access to the personal data in the event of a physical or technical incident; d) a procedure for regularly testing, checking, and assessing the efficacy of technical and organisational measures in order to ensure the security of the processing.

In assessing the suitable security level, we pay particular attention to risks presented by the processing that derive, in particular, from the destruction, loss, modification, unauthorised communication or access, in an accidental or illegal way, to personal data transmitted, stored, or, in any case, processed.

The data controller and the processor ensure that whoever acts under their authority and has access to personal data, does not process such data if not instructed in this way by the data controller, unless the law of the EU or of Member States requires it.

14. CHANGES TO THIS PRIVACY POLICY

The data controller reserves the right to make changes to this policy at any time, by communicating this to the users on this page and, if possible, on the Application too, as well as, if technically and legally feasible, by sending a notification thereof to the users through one of the contact details that it possesses.

Users are, therefore, invited to periodically consult this page, referring to the date of the latest change indicated at the foot.

If the changes made concern processing whose legal basis is the user’s consent, the controller will, if necessary, again gather the above-mentioned user’s consent.

Cookie policy

This site uses cookies.

Cookies are small text files that enable storing information on visitor preferences to improve the site’s functionality, to simplify its navigation by automating procedures (for example: login, site language, etc.), and to analyse the website’s use.

Cookies are used to provide users with a navigation experience as close as possible to their preferences and are, in addition, used to optimise the website’s performance. In fact, they make it easier to quickly search for specific content within the website.

The advantage of having cookies installed in your computer/smartphone/device is that you no longer need to fill in the same information every time you wish to access a site that you have previously visited.

Two macro categories may be identified: “technical” cookies and “profiling” cookies.

This site uses so-called “technical” cookies for the sole purpose of transmitting a communication across an electronic network, or, to the degree strictly necessary, to the provider of a service explicitly requested by the user, in order to delivery this service.

These cookies may be divided into “navigation” or “session” cookies, which guarantee normal navigation and use of the website (making it possible, for example, to make a purchase or authenticate oneself to access a reserved area); and/or “analytics” cookies, which are similar to “technical” cookies if used directly by the website manager to collect aggregated information on the number of users and on how these visit the website itself; and/or “functional” cookies, which enable the user to navigate depending on a series of selected criteria (for example: language, products selected for purchase) in order to improve the service delivered.

The use of so-called “technical” cookies (session variables whose stored values on the device’s hard drive can, in any case, be deleted: it is possible to disable cookies by following the indications provided by the main browsers) is strictly limited to the transmission of session identifiers (consisting of random numbers generated by the server) and of software use data that are necessary to enable the safe and efficient exploration of the website. Session variables (cookies) may avoid the use of IT techniques potentially injurious to users’ confidentiality of navigation and do not enable the acquisition of personal data identifying the user.

This website does not use, in any way, so-called “profiling” cookies, which are intended to create profiles relating to users and are used in order to send advertising messages in line with the preferences shown by the same in the context of navigating online.

This site does use so-called “third-party” cookies, i.e. those intended to receive, while navigating on a website, cookies sent by different websites or web servers on your device (the storage of information occurs with third parties).

One example is that of social media plugins for Facebook, Twitter, Instagram, Google+, YouTube, LinkedIn, Pinterest, Amazon, Sendinblue (parts of the page visited generated directly by the above-mentioned sites and integrated into the page of the hosting site), whose use is intended for sharing content on social media networks (the presence of these plugins entails the transmission of cookies from and to all the sites managed by third parties).

For more information on the logic and methods of the processing of data collected by social media networks, users are invited to read the privacy policies provided by the parties who provide the services in question, by way of non-limiting example:

Facebook: https://www.facebook.com/policy.php;
Twitter: https://twitter.com/privacy;
YouTube: https://www.google.it/intl/it/policies/privacy;
LinkedIn: https://it.linkedin.com/legal/privacy-policy;
Pinterest https://about.pinterest.com/it/privacy-policy.

A complete list of Privacy Policies third-party cookies used:
google.com: www.google.it/intl/it/policies/privacy;
youtube.com: www.google.it/intl/it/policies/privacy
Addthis.com: www.addthi.com/privacy.                                                    

In order to disable cookies, it should be remembered that the majority of browsers are also configured to accept cookies. In any case, the majority also make it possible to control and even disable cookies through the browser settings.

By way of example:

  • 1. FIREFOX

Load Firefox, press the “Alt” button on the keyboard, in the tool bar situated in the upper part of the browser, select “Tools” and, following this, “Options”, then select the “Privacy” tab and go to “History settings”. Following this, go to “Use custom settings”, deselect “Accept cookies from websites”, and save your preferences.

  • 2. INTERNET EXPLORER

Load Internet Explorer, click on the “Tools” button and then on “Internet options”, select the “Privacy” tab and move the slide bar to the privacy level that you wish to set (upwards to block all cookies or downwards to enable them all), then click on OK.

  • 3. GOOGLE CHROME

Load Google Chrome, click on the “tools” icon, select “settings” and then “advanced settings”; select “setting for content” under the “Privacy” item. In the “cookies” tab, you can deselect cookies and save your preferences.

  • 4. SAFARI

Load Safari, choose “preferences” in the tool bar, then select the “security” panel in the dialogue window that follows; in the “accept cookies” section you can specify whether and when Safari should save website cookies. For additional information, click on the Help button (identified by the question mark). For more information on cookies that are stored on your computer, click on “show cookies”.

In order to protect your personal data from possible losses and from any form of illegal processing, “Arione” has adopted all the most suitable technical and organisational measures.

We remind you that disabling navigation cookies or functional cookies may cause the website to malfunction and/or limit the service offered.

The Data Controller

Arione S.p.A.