PRIVACY POLICY

NORMATIVE REFERENCES
• Directive 2002/58/EC – on ‘the processing of personal data and the protection of privacy in the electronic communications sector’.
• Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/ec (General Data Protection Regulation).

THE DATA CONTROLLER
Data relating to identified or identifiable persons may be processed following consultation of the www.amazzell.it website.
The ‘Controller’ of their processing is Amazzell srl, registered office: via Trentino Alto Adige 24/26. 59100 Prato.

TYPES OF DATA PROCESSED
Browsing data
The computer systems and software procedures used to operate this website acquire, in the course of their normal operation, certain personal data whose transmission is implicit in the use of Internet communication protocols. This information is not collected in order to be associated with identified data subjects, but by its very nature could, through processing and association with data held by third parties, allow users to be identified. This category of data includes the IP addresses or domain names of the computers used by users connecting to the site, the URI (Uniform Resource Identifier) notation addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the user’s operating system and computer environment. This data is used for the sole purpose of obtaining anonymous statistical information on the use of the site and to check its correct functioning, and is deleted immediately after processing.

Data voluntarily provided by the user
The optional, explicit and voluntary sending of personal data by the user in the registration forms on this site or by calling any telephone numbers given on the site, entails the subsequent acquisition of the data provided by the sender, which are necessary for the provision of the service or information requested.

Anonymous or aggregated data
Anonymisation takes the form of processing with the aim of preventing the identification of the data subject. Data rendered anonymous does not fall within the scope of data protection legislation. Aggregated data may derive from personal data provided by the user but are not considered personal data since, as specified, they do not allow either directly or indirectly the identification of the data subject.

LINKS TO OTHER WEBSITES
This site may contain links or references to other sites. Please note that the Data Controller does not control the cookies or other tracking technologies of such websites to which this Policy does not apply. We therefore suggest that you consult the individual privacy policies of those websites.

OPTIONAL PROVISION OF DATA
Apart from what is specified for navigation data, the user is free to provide his or her own personal data. However, failure to provide them may result in the impossibility of obtaining what has been requested.

CONTROL OVER ONE’S PERSONAL DATA
Please note that you may at any time choose to restrict the collection or use of your personal data. For example, if you have previously given your consent for your personal data to be processed for marketing purposes, you can change your mind at any time by writing or emailing us at info@amazzell.it.
Amazzell will not sell or distribute the collected personal data to third parties unless it has obtained explicit and free consent from the data subjects or unless expressly required by law.

PROCESSING METHODS and STORAGE TIMES
Personal data are processed, including by means of automated tools, for the time strictly necessary to achieve the purposes for which they were collected.
Specific security measures are observed to prevent loss of data, unlawful or incorrect use and unauthorised access. The Data Controller has taken all the minimum security measures required by law and, drawing inspiration from the main international standards, has also adopted additional security measures to minimise the risks concerning the confidentiality, availability and integrity of the personal data collected and processed.

DATA SHARING, COMMUNICATION AND DIFFUSION
The processing operations connected with the web services of this site take place at the aforementioned premises of the Data Controller and are carried out only by personnel expressly authorised by the latter. The data collected may be shared, transferred or communicated to other companies for activities strictly connected with and instrumental to the operation of the service, such as the management of the computer system, or to any third-party suppliers entrusted with occasional maintenance operations. In the aforementioned cases, the Controller shall appoint such third parties as Data Processors pursuant to Article 28 of the GDPR. Apart from these cases, personal data will not be disclosed to third parties unless provided for by contract or law, or unless specific consent is requested from the person concerned. In this sense, personal data may be passed on to third parties, but only and exclusively in the event that:
a) there is explicit consent to share the data with third parties;
b) there is a need to share information with third parties in order to provide the requested service;
c) this is necessary to comply with requests from the Judicial or Public Security Authorities.
No data from the web service is disseminated.

RIGHTS OF THE INTERESTED PARTIES
Data protection legislation expressly provides for certain rights of the data subject. In particular, pursuant to Articles 15 et seq. of Regulation (EU) 2016/679, each data subject has the right to obtain confirmation as to whether or not data relating to him or her exists, to be informed of the source of the data and the purposes and methods of the processing, to obtain the updating, rectification, integration of the data as well as their erasure if they are processed unlawfully or if one of the reasons specified in Article 17 of Regulation (EU) 2016/679 applies.

Right of rectification
You may ask us to change the personal data in our possession, if they are inaccurate or incomplete, by sending an e-mail to info@amazzell.it.

Right of access, restriction and deletion
If you wish to view the data we process about you, restrict the processing of your data or delete it, you can do so by contacting us directly. If you would like your personal data to be deleted, please note that if this data is used to provide you with a specific service you have requested, you will no longer be able to use that service following the deletion. We inform you that your request for deletion cannot be fulfilled if one of the grounds specified in Article 17 of Regulation (EU) 2016/679 exists. We will explain to you all the cases in which we cannot comply with your request for deletion of your data (e.g. in the case of exercising or defending against a complaint) as well as the situations in which we can restrict data processing. We will respond to your request within 30 days of receiving it.

DATA RETENTION
Amazzell srl informs you that the data collected will be kept only for the time necessary to fulfil the specific purposes indicated. Any further storage of Data or part of the Data may be required in order to assert or defend one’s rights in any eventual venue and in particular in the courts, as well as to respond to explicit requests by the data subject, such as requests to receive promotional material where express consent has been given.

CHANGES TO THIS PRIVACY POLICY
The Controller periodically checks its privacy and security policy and, if necessary, revises it in relation to regulatory, organisational or technological changes. If the policies change, the new version will be published on this page of the site.

QUESTIONS, COMPLAINTS, SUGGESTIONS AND EXERCISE OF RIGHTS
Anyone interested in more information, in contributing their own suggestions or in making complaints or disputes about our privacy policies, about the way in which our company processes personal data, as well as in asserting their rights under data protection legislation, can contact the Controller by sending an e-mail to info@amazzell.it.