• +39 02 77 095744
  • info@arch-inox.com
  • Via Giotto, 2/4 - 20040 Cambiago (MI)

Privacy Policy

The purpose of this Privacy Policy is to describe how the website www.arch-inox.com is managed, with reference to the processing of personal data of users/visitors consulting it.

The policy applies only to the above mentioned site and not for any other websites that may be consulted by the user through links.

Arch. & Inox S.r.l. with registered office in Milan at Via Uberto Visconti di Modrone 2, postcode 20122, tax code and VAT no. 13257050966, Tel.02 77 095744 e-mail info@arch-inox.com, PEC arch.inox@legalmail.it, as the Data Controller, ensures compliance with the legislation on the protection of personal data (Reg. 2016/679/EU Legislative Decree 196/03, as amended by Legislative Decree 101/2018).

Users/visitors are invited to carefully read this Privacy Policy before forwarding any kind of personal information by e-mail and/or filling in any electronic form on the website itself.

Data Controller
In addition to the Data Controller identified above, any partner sites that participate in data processing activities on an independent basis from time to time may assume the role of independent Data Controllers.

DATA PROTECTION OFFICER (‘DPO’)
The Data Controller has appointed a Data Protection Officer (DPO) who can be contacted for any information and requests at the email address info@ambroservizi.it

Subject of processing

1) Browsing data
The computer systems and software procedures used to operate this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols.
This information is not collected to be associated with identified data subjects, but by its very nature could, through processing and association with data held by third parties, allow users to be identified.
This category of data includes IP addresses or domain names of computers used by users connecting to the site, URI (Uniform Resource Identifier) addresses of requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the user’s operating system and IT environment.
This data is used for the sole purpose of obtaining anonymous statistical information on the use of the website and to check its correct functioning.
However, web contact data is not stored for more than seven days, except in the case of investigations into computer crimes against the website.

2) Data provided voluntarily by users/visitors
If users/visitors, when connecting to this site, send their personal data to access certain services, or to make requests by email or send messages to institutional profiles/pages on social media (where this option is available), as well as by filling in and submitting forms on the site, they are aware that this involves the acquisition by the Data Controller of the sender’s address and/or any other personal data that will be processed exclusively to respond to the request or to provide the service.
Specific information will be published on the pages of the site set up for the provision of certain services.
The personal data provided by users/visitors will be communicated to third parties only if such communication is necessary to comply with the requests of the users/visitors themselves or for legal obligations (such as in the case of invoicing).

3) Cookies
In addition to the data expressly provided to the Data Controller, other data deriving from the user’s navigation on the website may be recorded: when the user accesses the website, the website may send the user a ‘cookie’. A ‘cookie’ is a small text file that the website can automatically send to the user’s computer when they view our pages.
Cookies are used to make browsing more convenient, as well as to obtain information on the individual user’s browsing within the website and to enable the functioning of certain services that require the identification of the user’s path through different pages of the website.
For any access to the site, regardless of the presence of a cookie, the site records the type of browser (e.g. Internet Explorer, Chrome, Firefox), the operating system (e.g. Windows, Macintosh), the host and the URL of origin of the user-browser, in addition to the data on the requested page.
This data may be used in aggregate and anonymous form for statistical analysis of the use of the site.
For complete management of cookies, please refer to the ‘Cookie policy’ page of this website.

Methods of processing
The processing is carried out using automated tools for the time strictly necessary to achieve the purposes for which the data was collected and, in any case, in accordance with the relevant regulations in force.
Specific security measures are observed to prevent data loss, illicit or incorrect use of the same and unauthorised access, so as to allow access only to persons appointed or responsible in accordance with the provisions of current law.

Purposes of processing
In addition to those indicated in the individual information notices that precede the completion of the forms in the various sections of the website, the purposes of the processing carried out by the Data Controller are as follows:
a) collection, storage and processing for the purposes of establishing and managing the contractual relationship connected with the performance of the contractual relationship established and the provision of the service offered on the website;
b) processing of personal data provided and data obtained from browsing the website in order to provide a service consistent with the information transmitted during the use of the service;
c) collection, storage and processing of data to perform statistical analyses in anonymous and/or aggregate form.

Legal basis for processing
The legal basis for the processing of data carried out by the Data Controller through the website consists, with regard to the indications referred to in point a) above, in the contract entered into, or in the pre-contractual phase connected to it, with the Data Subjects, while with regard to points b) and c), the legal basis is to be found in the legitimate interest of the Data Controller in the free economic initiative referred to in Article 41 of the Italian Constitution.
With regard to any additional and future purposes that may require consent, this will be requested in a specific form and shall also be considered a valid legal basis.

Recipients
In addition to the Data Controller, in some cases, categories of Data Processors and authorised persons involved in the company organisation (administrative, commercial, marketing, legal, accountants, system administrators) may have access to the data.
In addition, the Data Controller may use external parties (such as third-party technical service providers, transporters, hosting providers, cloud services, IT companies, communication agencies) who will be appointed as external Data Processors.
The updated list of Data Processors can always be requested from the Data Controller by contacting the address indicated above.

Transfer to a third country
The Data Controller does not transfer the data of users/visitors of the website to countries outside the European Union.
The data processed by the Data Controller will never be disclosed.

Place of data processing
The processing operations connected to the web services of this website take place within the EU and therefore, on the basis of Regulation 2016/679/EU, in a place deemed suitable.

Data storage times and location
The data will be stored for a period of time not exceeding the achievement of the purposes (‘storage limitation principle’, Article 5 of the EU Regulation) or in accordance with the deadlines set by law.

Optional or mandatory provision of data
Apart from what is specified for navigation data that is collected automatically, users/visitors are free to provide their personal data or not. Failure to provide such data may only make it impossible to obtain what has been requested. The optional, explicit and voluntary sending of e-mails to the addresses indicated on this website entails the subsequent acquisition of the sender’s address, which is necessary to respond to requests for services, products or information, as well as any other personal data included in the message.

Rights of data subjects
The data subject has the right at any time, pursuant to the GDPR, to obtain confirmation of the existence or otherwise of such data and to know its content and origin, verify its accuracy or request its integration, updating or correction.

Requests should be addressed to Arch. & Inox S.r.l. with registered office in Milan at Via Uberto Visconti di Modrone 2, postcode 20122, tax code and VAT number 13257050966, tel. 02 77 095744, email info@arch-inox. com, certified email address arch.inox@legalmail.it or to the Data Protection Officer at the email address info@ambroservizi.it.
In relation to the processing of the aforementioned data, the customer/user has the right to obtain from the Data Controller:

  1. confirmation of the existence or otherwise of their personal data, its communication in an intelligible form and knowledge of its origin, as well as the logic on which the processing is based;
  2. the deletion, within a reasonable period of time, of their data, its transformation into anonymous form or the blocking of data processed in violation of the law;
  3. the updating of data, its rectification or, where interested, its integration;
  4. certification that the operations referred to in points 2) and 3) above have been brought to the attention of those to whom the data have been communicated, unless this proves impossible or involves a disproportionate effort;
  5. the rectification or erasure of data concerning you or the restriction of processing;
  6. the right to withdraw consent relating to optional processing not connected with the execution of the contract signed with the Data Controller;
  7. the right to object, on legitimate grounds, to the processing of personal data concerning him/her, even if relevant to the purpose of the collection, to request its portability, to exercise the right to be forgotten, and to refer the matter to either the ordinary judicial authority or the competent supervisory authority for personal data protection for any violation he/she believes he/she has suffered, in the manner indicated on the website of the supervisory authority itself at www.garanteprivacy.it. and the competent supervisory authority for the protection of personal data for any violation he/she believes he/she has suffered, in the manner indicated on the website of the Data Protection Authority at www.garanteprivacy.it.

Automated decision-making processes
No automated decision-making processes are carried out on the aggregated data collected, unless for the purpose of improving the management of the website.

Minors
In accordance with the provisions of Article 8 of the GDPR, no person under the age of 16 may send information to this website without the prior consent of their parents or guardians, nor may they make purchases or complete legal transactions on this website without such consent, unless permitted by applicable law.

Final clauses
Given the current state of evolution of legislation on the protection of personal data, we inform you that this privacy policy may be subject to updates.