- Data Controller, Data Processor and Data Protection Manager The Controller of the personal data is GAMMA ARREDAMENTI INTERNATIONAL SPA (Tax code and VAT No. 00664360401), with registered offices at Via Pitagora 3, 47100 FORLI’ (FC), e-mail [email protected], (hereinafter “Data Controller”).An updated list of designated data processors can be supplied on request from data subjects and/or Users. The company has not appointed a Data Protection Officer.
- Information collected automatically by the Website - Cookies
- a) Information collected automatically
Like all websites, our site also uses log files in which information is automatically collected and stored during visits. During use, the computer systems and software procedures used for the functioning of this website automatically acquire certain information, the transmission of which is implicit in the use of Internet communication protocols. The following information is collected:
- - Internet Protocol (IP) address or the domain name of the device being used;
- - browser type and device parameters used to connect to the Website;
- - the addresses in the Uniform Resource Identifier (URI) notation of the requested resources or the method used to submit the request to the server;
- - name of the Internet Service Provider (ISP);
- - date and time of the visit;
- - the User's webpage of origin (referral) and of exit;
- - number of clicks, where applicable;
- - size of the file obtained in response;
- - numerical code indicating the status of the response given by the server (success, error, etc.);
- - other parameters relating to the operating system and the IT environment of the device.
- b) Cookies
Cookies are used in the Website. Cookies are text files stored on a computer and allow the recording of certain parameters and data communicated to the IT system, through the browser being used. These tools thus allow the analysis of the user's habits on the Website for various purposes: the execution of IT authentication, monitoring of sessions, storage of information on specific configurations regarding users who access the server and the storing of preferences, etc. Cookies are categorised as follows:
- Technical cookies: used to execute browsing or to provide a service requested by the user. Without the use of these cookies, certain operations could not be performed or would be more complex and/or less secure.
- Profiling cookies: these are used to track the user's web browsing and create profiles based on their tastes, habits, choices, etc. They can be used to transmit advertising messages to the user's device in line with preferences expressed by the user when browsing online.
- Google Analytics whose disclosure can be found here https://developers.google.com/analytics/devguides/collection/analyticsjs/cookie-usage
- a) Information collected automatically Like all websites, our site also uses log files in which information is automatically collected and stored during visits. During use, the computer systems and software procedures used for the functioning of this website automatically acquire certain information, the transmission of which is implicit in the use of Internet communication protocols. The following information is collected:
- 3. The personal data that you provide by using the site: the purpose of its processing.
The personal information requested and provided are necessary in order to allow access to the https://www.gammarr.com (hereinafter “Website”) and to use the following services (the “Website Services”):
- - refer to catalogue/products/services;
- - access the reserved area;
- - be contacted;
- - access the NEWSLETTER SERVICE;
- - use the DOWNLOAD service.
- - to execute the technical management of the Website; (ALL)
- - the filling in of the appropriate form for acquisition of website user details to fulfil information/business contact requests (CONTACTS)
- - contact subscribers by sending a periodic newsletter on company activities; (NEWSLETTER)
- - analyse user preferences, habits, interests and consumption choices, including type, frequency and location of purchases, in order to predict the user’s future consumption (profiling activities)
- - distribute commercial and technical information (PRODUCT/SERVICES CATALOGUE)
- - inform customers of the authorised persons to contact if they are interested (DEALERS);
- - allow access to material exclusively reserved for registered persons (RESERVED AREA);
- - allow the download of technical information about products or services (DOWNLOAD)
- Obligatory or optional nature of consent for the provision of data, the consequences of a refusal and the legal basis of the processing Please note that for the purposes referred to in points (i), (ii) and possibly following, of art. 3 above, the transfer of personal data is obligatory as failure to comply means you will not be able use the Services offered by the Website. The provision of your personal data is, however, not obligatory but optional for the purposes referred to in points (iv) and (v) of art. 3 above. Failure to provide data for the purposes indicated above will prevent us from providing the Newsletter and Marketing Services or carrying out Profiling Activities. To this end, you can voluntarily decide whether or not to give your consent for such purposes, without this affecting your ability to access the Website Services. Please note that you may, in any case and at any time, ask the Data Controller that your data be deleted, via a simple request to be sent without any particular formalities to the addresses referred to in art. 1 above. With reference to the purposes referred to in points (i), (ii), and possibly following, of art. 3 above, the legal basis of the processing is the execution of the services provided through the Website and requested by you (pursuant to article 6, paragraph 1, letter b of the GDPR; whereas, with reference to the purposes referred to in points (iii) and (iv) of art. 3 above, the legal basis of the processing is your eventual voluntary consent to the processing (pursuant to article 6, paragraph 1, letter a of the GDPR).
- To whom and in what context we may transmit the data
Within the EU, the data may be communicated in full compliance with the provisions of the Privacy Code and the GDPR, to the following entities:
- - (i) the financial administration and/or other public authorities, where required by law or at their request;
- - (ii) the structures, entities and external companies used by the Data Controller for the performance of activities connected, instrumental or consequent to the execution of the Website Services – including cloud computing storage, transport, sending the Newsletter and Profiling Activities;
- - (iii) external consultants (for example, for tax compliance management), if not designated in writing to the Data Processors.
- - (iv) banks, for purposes related to the potential purchase of goods/services if provided in any part of the website.
Note that you may at any time exercise your rights under articles 15, 16, 17, 18, 20 and 21 of the GDPR by sending a written communication to the addresses of the Data Controllers referred to in art. 1 above and consequently obtain:
- - confirmation of the existence or otherwise of personal data with an indication of its origin, verify its accuracy or request its updating, correction or extension;
- - access, correction or deletion of the data provided or limitation of the processing;
- - deletion, anonymisation or the blocking of data processed unlawfully.
- Duration of the Processing Except where required by law, personal data will be stored for a specified period, based on criteria related to the nature of the services provided. Please note that the data stored for Profiling or Marketing purposes will be kept for a period not exceeding 12 and 24 months respectively from the time of registration.
- Security Measures Through the Website, the data is processed in compliance with the applicable laws and using appropriate security measures in compliance with current legislation also pursuant to articles 5 and 32 of the GDPR. In this regard, we also confirm the adoption of appropriate security measures to prevent unauthorised access, theft, disclosure, alteration or destruction of the processed data.
Last update: 2019-04-03 12:59:10