Privacy Policy and Statement

This policy statement describes how the personal data of users and visitors of this website is processed and managed. This statement – in pursuance of Section 13 of Legislative Decree 196/2003 (Code for the Protection of Personal Data) – is provided to those who interact with the services of Aphad S.r.l., which can be accessed electronically through the web address: http://www.aphad.eu

This statement applies exclusively to the aforementioned website and does not concern any other websites the user might access via links.

The following indications are based on the guidelines offered by the European Data Protection Authorities in order to lay down minimum requirements for the online collection of personal data, with special regard to the arrangements, timing and nature of the information to be provided by data controllers to users browsing web pages for whatever purpose. Therefore, we recommend you read the following Privacy Policy. The Privacy Policy and Aphad S.r.l. Standards for the protection of personal data are based on principles of responsibility, transparency, relevance, purpose, verifiability, and security.

1. Data controller

Browsing this website may entail the processing of data concerning identified or identifiable persons.
The data controller is Aphad S.r.l. with offices at Buccinasco (MI), CAP 20090, Via della Resistenza, 65 – VAT IT08314800965.

2. Persons and entities responsible for data processing

The collected data is mainly processed at Aphad’s premises by staff who have been expressly identified and designated according to these specific data processing requirements.
Aphad S.r.l. might ask for the support of external companies, consultants, or software suppliers for the above-mentioned processing operations within the scope of the intended use of data. Such subjects will be formally designated as data processors or persons in charge of processing and will ensure maximum security and confidentiality in the processing of personal data. Your data will not be circulated in any way.
For completeness’ sake, it should be pointed out that in some cases the Italian Data Protection Authority or its delegates may request information pursuant to Section 157 of Legislative Decree 196/2003 in order to supervise the way personal data is processed. In these cases it is mandatory to comply under penalty of administrative fines.

3. Categories of processed data

3.1 Browsing data
The information systems and software procedures utilised to operate the website of Aphad S.r.l. acquire personal data as part of their standard functioning; the transmission of such data is an inherent feature of internet communication protocols. Such information is used to extract anonymous statistical information about the use of the website as well as to check on its functioning. It is not collected in order to relate it to identified data subjects; however, it might allow user identification per se after being processed and matched with data held by third parties.
This data category includes: IP addresses and domain names of computers employed to connect to the website, addresses of requested resources in URI (Uniform Resource Identifier) notation, the time of the requests, the method used to submit requests to the server, the size of the files obtained in response, the numeric code indicating the state of server responses (successful conclusion, error, etc.) and other parameters concerning the user’s operating system and computer environment.
This data is removed after statistics are elaborated, and it is stored offline in case it should be requested by judiciary authorities to establish liability in case of computer-related crimes.

3.2 Personal data voluntarily provided by the user
Personal data freely provided by users to use online services requiring access credentials or submission of emails will be used as follows:

3.2.1 Sending emails to addresses provided on websites
The optional, explicit and voluntary submission of e-mails sent to the addresses mentioned on this website entails the subsequent acquisition of the sender’s address – which is necessary for responses to requests – and of any other personal data contained in the message. Aphad S.r.l. guarantees that personal data provided by users requesting information (first name, last name, e-mail address) will be used only for the purpose of providing the requested service. Failure to provide such data entails the impossibility to satisfy said requests.

4. Processing arrangements

Personal data is processed – also through automated and electronic means – only for the time necessary to achieve the purposes for which it has been collected.
Specific security measures have been implemented to prevent unauthorised access to, loss of, or unlawful or improper use of data.
Personal data provided by users can be utilized – only upon their explicit consent – for the provision of information and for marketing activities. Specific summary information notices and consent forms are available on the website pages dedicated to services on demand with the purpose of calling the users’ attention to the processing of their personal data.
The collected data will neither be shared nor communicated to any other subjects for any other purpose than those related and required to provide the requested service.

5. Optional data provision

Users are free to provide their personal data either to log in to the website or to request online services, also if functional to the provision of said services: failure to provide such data may entail that the registration and subscription to such services cannot take place.
The provision of data for information and marketing purposes is optional and the user is free to give his consent to such processing: failing to provide such consent entails that Aphad S.r.l. will be unable to inform the user about its commercial and promotional activities.

6. Cookies

For cookie usage please see the specific “Cookie Policy” section where complete information is provided.

7. Data subjects’ rights

Data subjects are entitled at any time to obtain confirmation of the existence of personal data concerning them and be informed of their contents and source, verify their accuracy, or else request that such data be supplemented, updated or rectified (Section 7 of Legislative Decree no. 196/2003). As a consequence, data subjects shall have the right:

1. To be informed of the source of the personal data, of the purpose and method of processing, of the logic applied in case data is processed with the aid of electronic means, of the identification of the data controller, of the persons in charge of the processing, of the subjects or categories of subjects that may access such data;
2. To immediately obtain the updating, the supplementing, the erasure, the anonymisation or blocking of any data that has been processed in breach of the law, including data whose retention is unnecessary for the purposes for which they have been collected or subsequently processed;
3. To obtain certification to the effect that the operations as per letters a) and b) have been notified, as also related to their contents, to the entities to whom or which the data were communicated or disseminated, unless this requirement proves to be impossible or involves a manifestly disproportionate effort compared to the right that is to be protected;
4. To fully or partially object, on legitimate grounds, to the processing of his personal data, albeit relevant to the purpose of the collection, and to the processing of his personal data for the purposes of sending advertising material, or of performing direct sales, marketing research, or promotional communication.

All requests must be sento to the address of the data controller: Aphad S.r.l. – CAP 20090 – Buccinasco (MI) – Via della Resistenza, 65, or emailed to info@aphad.eu

Last updated in November 2016