Privacy notice pursuant to article 13 of EU Regulation no. 2016/679 of the European Parliament and Council dated 27/04/2016 (GDPR) for the User’s data collected through the website.

This page describes how to manage the website in relation to the processing of personal data of users who visit it. This privacy notice is provided pursuant to art. 13 of EU Regulation no. 2016/679 (GDPR) - on the protection of personal data, to those who interact with the services and web pages of the site accessible electronically from the address: http://www.apfmeccanica.it, corresponding to the home page of the website.

This privacy notice is provided exclusively in relation to the above website and its parts. This privacy notice cannot be extended to other websites or pages not belonging to the website itself, which are visited by the User through links.

THE DATA CONTROLLER

As a result of a visit to this website or interaction with it, data relating to identified or identifiable persons may be processed.

The Data Controller is the company APF S.r.l., with registered office in 41057 - Spilamberto (MO), Via G. Falcone, 2, email: apf@apfmeccanica.it 

The processing operations connected to the web services of this website take place at the headquarters of the data controller and are dealt with only by personnel duly designated and authorized to process. The Data Protection Officer (DPO) has not been appointed, as this is not required in this case.

TYPES OF DATA PROCESSED

Navigation data

The computer systems and software used to operate this website may acquire, during their normal operation, a number of personal data the sending of which is implicit in the use of Internet communication protocols. This information is not collected to be associated with identified parties, but, by its very nature, could, through processing and association with data held by third parties, allow users to be identified. This category of data includes IP addresses or domain names of computers used by users who connect to the website, URI (Uniform Resource Identifier) of requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response from the server (successful, error, etc..) and other parameters relating to the operating system and computer environment. These data are used only to obtain anonymous statistical information on the use of the website and to check its proper functioning and are erased immediately after processing. The data could be used to ascertain liability in the event of any computer crimes against the website.

Data provided voluntarily by the User

The optional, explicit and voluntary sending of data, by writing to the dedicated email address on the website, involves the subsequent acquisition of the address of the sender concerned, necessary to answer requests, and any other personal data sent (such as, but not limited to, personal details, home address, telephone numbers, etc.).

PURPOSE OF PROCESSING

The processing of your personal data, collected, processed and stored through the website, is carried out for the following purposes:

  1. purposes strictly related to the need to answer requests made directly by the User through the dedicated email address on the website itself (e.g. to provide information on the product/service, a cost estimate, the names of dealers in the area of interest, etc.).

THE LEGAL BASIS OF PROCESSING IS BASED ON:

- the need to comply with the requests made by the data subject and to proceed with the execution of pre-contractual measures taken at the request of the data subject/User, for the purposes referred to in par. 1. above, as well as in the legitimate interest of the Data Controller.

PROCESSING METHODS and STORAGE PERIOD

Personal data collected during browsing are processed by electronic media. Specific security measures are observed to prevent the loss of data, illicit or incorrect use of data and unauthorised access.

In accordance with the principle of "storage limitation” in article 5 of EU Regulation no. 2016/679 (GDPR), the data collected will be kept for a period of time not exceeding the achievement of the purposes for which they are processed or according to the deadlines provided by law. The check on the obsolescence of the data stored in relation to the purposes for which they were collected is carried out periodically. In particular, the data processed for the purposes referred to in par. 1. above will be kept for 2 years.

SCOPE OF COMMUNICATION AND DISSEMINATION OF DATA

The data collected and processed are protected by the Data Controller by means of physical and logical methods such as to minimize the risks of unauthorised access, as well as dissemination, loss or destruction of the data.

Personal data will not be disclosed and may eventually be communicated by the Data Controller, to allow the provision of the service offered, to the following entities:

  1. entities, bodies or authorities for whom the communication of the User's personal data is made compulsory by legal provisions or orders of the authorities;
  2. entities/affiliated companies/partners and/or dealers with whom the Data Controller has entered into special cooperation agreements and which may be used for the provision of the service, for the sole purpose of enabling them to provide the products and/or services requested by the User.

Within the Data Controller, employees and collaborators (including external collaborators) may become acquainted with the personal data who have been expressly designated and authorised by the Data Controller to process such personal data, as well as organisations which provide technical support on behalf of the Data Controller (legal services, company checks, maintenance and/or repair of IT equipment).

TRANSFER OF DATA ABROAD

The data collected will not be transferred abroad.

RIGHTS OF DATA SUBJECTS

The data subject/User is always entitled to ask the Data Controller to access his or her data, to rectify or erase them, to restrict processing or to object to processing, to request the portability of the data, to revoke consent to the processing by asserting these and other rights provided for by current legislation (GDPR) by simply notifying the Data Controller. The data subject may also lodge a complaint with a supervisory authority. The Italian supervisory authority is the Data Protection Supervisor (Garante Privacy), with headquarters in Rome, Piazza di Monte Citorio no. 121.

Requests should be addressed to APF S.r.l., with registered office in 41057 - Spilamberto (MO), Via G. Falcone, n. 2, email apf@apfmeccanica.it