Privacy Policy Information for Corporate Website and Cookies

In compliance with the obligations arising from current privacy legislation (European Regulation for the protection of personal data n. 679/2016, GDPR Art. 13), this website respects and protects the confidentiality of its visitors and users, making every possible and proportionate effort not to infringe the rights of users.

This privacy policy is divided into two parts:

  1. Part 1 applies exclusively to the online activities of this site and is valid for the site's visitors/users. It does not apply to information collected through channels other than this website. The purpose of this privacy information is to provide maximum transparency regarding the information that the site collects and how it is used.
  2. Part 2 applies to commercial relationships with clients and suppliers.

Policy Part 1

Legal Basis for Processing This site processes data based on consent (cookies). The provision of data and therefore consent to the collection and processing of data is optional. The User may deny consent and may revoke a previously given consent at any time. However, denying consent may prevent the delivery of some services, and the browsing experience on the site could be compromised. As of May 25, 2018 (the date of entry into force of the GDPR), this site will process some of the data also based on the legitimate interests of the data controller.

Consent may also be requested for sending promotional material (which is collected by the site, but then managed outside of it).

Data Collected and Purposes Like all websites, this site makes use of log files in which information collected automatically during users' visits is stored. The collected information could be the following:

  • Internet Protocol (IP) address;
  • Type of browser and parameters of the device used to connect to the site;
  • Name of the Internet Service Provider (ISP);
  • Date and time of visit;
  • Referrer and exit web page of the visitor;
  • Possibly the number of clicks;
  • First and last name, mobile phone number, email address;
  • Name of the company;
  • Industrial data for testing.

The aforementioned information is processed automatically and collected exclusively in aggregate form in order to verify the correct functioning of the site and for security reasons (from May 25, 2018, such information will be processed also based on the legitimate interests of the data controller).

For security purposes (antispam filters, firewall, virus detection), the automatically recorded data may also include personal data such as the IP address, which could be used, in accordance with the laws in force, in order to block attempts to damage the site itself or harm other users, or otherwise harmful activities or constituting a crime. Such data are never used for the identification or profiling of the user, but only for the protection of the site and its users (from May 25, 2018, such information will also be processed based on the legitimate interests of the holder).

The data received will be used exclusively for the provision of the following services offered by the site of ASR Srl:

  • Responses to requests for information - contacts;
  • Response to request for information - free test;
  • Sending technical and promotional information - newsletter.

The data collected by the site during its operation are used exclusively for the purposes indicated and stored for the time necessary to carry out the specified activities or, if applicable, until a request for deletion.

Data Controller The data controller, according to the laws in force, is ARS Srl, Via G. Vico, 7, 52100 Arezzo (AR), in the person of its legal representative pro tempore.

Communication of Data to Other Subjects The data collected by the site will never be provided to external third parties to ARS, for any reason, unless it is a legitimate request by the judicial authority or state bodies in the cases provided by law. The personal data subject to processing may come to the knowledge of employees and/or collaborators of ARS appointed to carry out activities necessary for achieving the purposes of processing for ARS itself. Among these is the Web Hosting manager of the site, appointed by ARS as Data Processor, and therefore subject to the same obligations of the Data Controller. The Data Controller is required, upon request, to provide the interested parties with the list of the above-mentioned subjects.

Location of Processing The data collected by the site are processed at the data center of the Web Hosting. The web hosting is responsible for processing the data, processing the data on behalf of the owner and is located in the European Economic Area and acts in accordance with European standards.

Cookies As is customary on all websites, this site also makes use of cookies, small text files that allow information on visitors' preferences to be stored, to improve the functionality of the site, to simplify navigation by automating the procedures (e.g., login, site language) and for the analysis of site usage. In the case of Google Analytics cookies used in an anonymized form, in particular:

  • It is the cookie that distinguishes the Visitor. It has a duration of 2 years and, among other things, has a unique code capable of distinguishing the Visitor. Google Analytics, to measure the number of people (Unique Visitors) who have visited a site, counts the number of utma.
  • _utmb and _utmc. These are the two cookies that identify the session (Visit). Google Analytics uses them to calculate time-based metrics like the duration of the Visit or time on Page. They expire with the closure of the browser or when exiting the site.
  • It is the cookie that identifies the Source of Traffic. It allows for the collection of information about the origin of the Visit (organic search, link on another site, online campaign, etc.). It has a duration of 6 months.
  • It is the cookie used for tracking custom vars. It has a variable duration depending on the level of setting of the customized variable (Page, Session, Visitor).

By using the site, the visitor expressly consents to the use of cookies.

Disabling Cookies Cookies are linked to the browser used and can be disabled directly from the browser, thus refusing/revoking consent to the use of cookies. It should be noted that disabling cookies may prevent the correct use of some functions of the site itself.

Social Network Plugins This site also incorporates plugins and/or buttons for social networks, in order to allow easy sharing of content on your favorite social networks. Such plugins are programmed so as not to set any cookies when accessing the page, to safeguard users' privacy. Cookies are set, if provided for by social networks, only when the user makes effective and voluntary use of the plugin. Please note that if the user navigates being logged into the social network then he has already consented to the use of cookies conveyed through this site at the time of registration to the social network.

The collection and use of information obtained through the plugin are governed by the respective privacy policies of the social networks, to which please refer.

Security Measures This site processes user data in a lawful and correct manner, adopting appropriate security measures aimed at preventing unauthorized access, disclosure, modification, or unauthorized destruction of data. The treatment is carried out using computer and/or telematic tools, with organizational methods and with logics strictly related to the indicated purposes. In addition to the owner, in some cases, categories of appointees involved in the organization of the site (administrative, commercial, marketing, legal staff, system administrators) or external subjects (such as third-party technical service providers, postal couriers, hosting providers, IT companies, communication agencies) may have access to the data.

User Rights

Under the European Regulation 679/2016 (GDPR) and national legislation, the User may, according to the methods and within the limits established by current legislation, exercise the following rights:

  • Request confirmation of the existence of personal data concerning him/her (right of access);
  • Know its origin;
  • Receive intelligible communication of it;
  • Have information about the logic, methods, and purposes of the processing;
  • Request updating, rectification, integration, deletion, conversion into anonymous form, or blocking of data processed in violation of the law, including data no longer necessary for the purposes for which it was collected;
  • In cases of processing based on consent, receive at only the cost of any support, his/her data provided to the owner, in a structured form readable by a data processor and in a format commonly used by an electronic device;
  • The right not to be subjected to a decision based solely on automated processing, including profiling, that produces legal effects concerning him/her or that significantly affects him/her in a similar way;
  • The right to lodge a complaint with the Supervisory Authority (Privacy Guarantor);
  • And, more generally, exercise all the rights recognized by the current legal provisions (GDPR Art from 15 to 22). Requests should be addressed to the Data Controller.

In cases where data is processed based on the legitimate interests of the data controller, the rights of the data subjects to processing are still guaranteed (except for the right to portability, which is not provided for by the rules), in particular, the right to object to processing, which can be exercised by sending a request to the data controller.

Part 2

In compliance with the obligations arising from the current privacy legislation, (European Regulation for the protection of personal data n. 679/2016, GDPR Art. 13), this website respects and protects the confidentiality of visitors and users, making every possible and proportionate effort not to infringe the rights of users.

The Data Controller: The Data Controller, according to the laws in force, is ARS Srl, Via G. Vico, 7, 52100 Arezzo (AR), in the person of its legal representative pro tempore.

The Data Protection Officer (DPO) is not appointed as the company does not fall under the three cases provided by Article 37.

The purpose of the processing is to complete the existing contract:

  • To settle the supply of products or services in the case of a supply;
  • To provide what is foreseen by the contract in the case of a sale; The legal basis for the processing is the commercial relationship created by the sale or purchase of goods and/or services, relating to Article 6 paragraph b and c of the European Regulation 679/16.

The personal data provided by you as the data subject (the natural person to whom the personal data refers) will be processed in compliance with the current legislative provisions, using manual, computer, and telematic tools, with logic strictly related to the purposes themselves and may involve all the operations provided for by Article 4, paragraph 2 of the regulation. In any case, all data are processed in compliance with the law and the obligations of confidentiality imposed by it. Personal data is processed as part of the normal activity of the organization for the purposes of describing the macro-process (Production and assembly of machines for automation), purposes for which the data is processed, and all related management and operational activities (e.g., billing, credit protection, other administrative, management, and organizational services). In relation to the aforementioned purposes, no "special" (formerly sensitive) data referring to the data subject will be processed.

The provision of personal data for the above purposes is mandatory as, without your data, we may not be able to provide you, in whole or in part, with the activity you requested.

The recipients of the data (exclusively for the purposes indicated above and always limited to what is strictly relevant to the specific relationship between you and our company), according to the cases, may or must be communicated to the subjects or categories of subjects listed below:

  • Public Bodies for inspection and control activities, expressly delegated to them by Law or institutionally competent to them;
  • Companies and professionals who carry out on our behalf the activity of control and verification of accounting;
  • Trusted companies that carry out technical or organizational tasks on our behalf; the same is also done by the subjects already indicated in this information to whom the data are communicated.

Geographical Scope of Processing: Your personal data will always be processed within the European community.

Storage: Your personal data will be processed exclusively for administrative-accounting purposes for a period not exceeding that provided by current tax legislation for the retention of documents (10 years).

Profiling: Your data will not be subject to decisions based solely on automated processing, such as to produce in abstract legal effects concerning you or that significantly affect you in a similar way.

User Rights Under the European Regulation 679/2016 (GDPR) and national legislation, the User may, according to the methods and within the limits established by current legislation, exercise the following rights:

  • Request confirmation of the existence of personal data concerning him/her (right of access);
  • Know its origin;
  • Receive intelligible communication of it;
  • Have information about the logic, methods, and purposes of the processing;
  • Request updating, rectification, integration, deletion, conversion into anonymous form, or blocking of data processed in violation of the law, including data no longer necessary for the purposes for which it was collected;
  • In cases of processing based on consent, receive at only the cost of any support, his/her data provided to the owner, in a structured form readable by a data processor and in a format commonly used by an electronic device;
  • The right not to be subjected to a decision based solely on automated processing, including profiling, that produces legal effects concerning him/her or that significantly affects him/her in a similar way;
  • The right to lodge a complaint with the Supervisory Authority (Privacy Guarantor);
  • And, more generally, exercise all the rights recognized by the current legal provisions (GDPR Art from 15 to 22). Requests should be addressed to the Data Controller.

Complaints: You can also contact the Italian Guarantor for the protection of data using the following link http://www.garanteprivacy.it/home/footer/contatti, or the European Data Protection Supervisor using the following link: http://www.edps.europa.eu/EDPSWEB/edps/lang/it/EDPS.

Updates Rev.00 - Updated in September 2018 following the Legislative Decree 101/18 implementing the GDPR.

Rev.01 - Updated in July 2020 following the insertion of the newsletter.

Rev.02 - Addition of the second part for information to clients and suppliers.

Rev.03 - Update of heading and address.