Data controller
Inalme S.R.L. – P.I. 03047330877 – Via Cosmo Mollica Alagona, 9 – 95121 Catania CT Email: info@inalme.it
Types of data collected
Among the Personal Data collected by this Website, either independently or through third parties, are: Cookie, Usage Data, first name, last name, telephone number, fax number, company name, email, city, date of birth, VAT number, address, country, state, province, postal code, tax code, business sector, website, geographical location, username, User ID, unique identifiers of advertising devices (Google Advertiser ID or IDFA identifier, for example) and various types of data. Full details on each type of data collected are provided in the dedicated sections of this privacy policy or by means of specific information texts displayed prior to the collection of such data. Personal Data may be freely provided by the User or, in the case of User Data, automatically collected during the use of this Web Site. Unless otherwise specified, all Data requested by this Web Site are mandatory. If the User refuses to provide it, it may be impossible for this Web Site to provide the Service. In cases where this Web Site indicates certain Data as optional, Users are free to refrain from communicating such Data, without any consequences on the availability of the Service or its operation. Users in doubt as to which Data are mandatory are encouraged to contact the Data Controller. The possible use of Cookies – or of other tracking tools – by this Website or by the owners of third party services used by this Website, unless otherwise specified, has the purpose of providing the Service requested by the User, in addition to the further purposes described in this document and in the Cookie Policy, if available. The User assumes responsibility for the Personal Data of third parties obtained, published or shared through this Web Site and warrants that he/she has the right to communicate or disseminate it, releasing the Owner from any liability towards third parties.
Method and location of data processing
Processing methods
The Data Controller adopts appropriate security measures to prevent unauthorised access, disclosure, modification or destruction of Personal Data. The processing is carried out using computer and/or telematic instruments, with organisational methods and logics strictly related to the purposes indicated. In addition to the Data Controller, in some cases, other subjects involved in the organisation of this Web Site (administrative, sales, marketing, legal, system administrators) or external subjects (such as third party technical service providers, postal couriers, hosting providers, IT companies, communication agencies) also appointed, if necessary, Data Processors by the Data Controller, may have access to the Data. The updated list of Data Processors can always be requested from the Data Controller.
Legal basis of the processing
The Data Controller processes Personal Data relating to the User if one of the following conditions exists:
- the User has given consent for one or more specific purposes; Note: in some jurisdictions, the Controller may be allowed to process Personal Data without the User’s consent or any of the other legal bases specified below, until the User objects (“opts-out”) to such processing. However, this does not apply where the processing of Personal Data is governed by European legislation on the protection of Personal Data;
- the processing is necessary for the performance of a contract with the User and/or the execution of pre-contractual measures;
- processing is necessary to comply with a legal obligation to which the Controller is subject;
- the processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Controller;
- processing is necessary for the pursuit of the legitimate interest of the Controller or of third parties.
However, it is always possible to ask the Controller to clarify the concrete legal basis of each processing and in particular to specify whether the processing is based on law, required by a contract or necessary to conclude a contract.
Place
The Data are processed at the Data Controller’s operational headquarters and in any other place where the parties involved in the processing are located. For further information, please contact the Data Controller. The User’s Personal Data may be transferred to a country other than the country in which the User is located. To obtain further information on the location of the processing, the User may refer to the section on Personal Data processing details. The User has the right to obtain information about the legal basis for the transfer of Data outside the European Union or to an international organisation under public international law or consisting of two or more countries, such as the UN, as well as about the security measures taken by the Controller to protect the Data. Should one of the transfers just described take place, the User may refer to the respective sections of this document or request information from the Controller by contacting him at the contact details given at the beginning.
Storage period
The Data are processed and stored for the time required by the purposes for which they were collected. Therefore:
- Personal Data collected for purposes related to the performance of a contract between the Controller and the User will be retained until the performance of that contract is completed.
- Personal Data collected for purposes related to the legitimate interest of the Controller will be retained until such interest is satisfied. The User may obtain further information regarding the legitimate interest pursued by the Controller in the relevant sections of this document or by contacting the Controller.
When processing is based on the User’s consent, the Controller may keep the Personal Data for a longer period until such consent is revoked. Moreover, the Controller may be obliged to keep the Personal Data for a longer period in compliance with a legal obligation or by order of an authority. At the end of the retention period the Personal Data will be deleted. Therefore, after the expiration of this period, the right of access, deletion, rectification and the right to Data portability can no longer be exercised.
Purposes of Data Processing
The User Data are collected to enable the Controller to provide its Services. To obtain further detailed information on the purposes of the processing and the Personal Data concretely relevant for each purpose, the User may refer to the relevant sections of this document.
Details of Personal Data Processing
Personal Data are collected for the following purposes and using the following services:
Contacting the User
Contact Form: The User, by filling in the contact form with his/her Data, consents to the use of such Data to respond to requests for information, quotes, or any other nature indicated in the header of the form. Personal Data collected: Cookie, Usage Data, first name, last name, telephone number, fax number, company name, email, city, date of birth, VAT number, address, country, state, province, postal code, tax code, business sector, website, geographic location, username, User ID, unique identifiers of advertising devices (Google Advertiser ID or IDFA identifier, for example) and various types of data.
Mailing list or newsletter: By registering to the mailing list or newsletter, the User’s email address is automatically added to a list of contacts to whom email messages containing information, including of a commercial and promotional nature, relating to this Website may be sent. The User’s email address may also be added to this list as a result of registering on this Web Site or after making a purchase. Personal Data Collected: Postcode, City, Last Name, Cookies, Date of Birth, Usage Data, Email, Address, Country, First Name, Phone Number, Profession, Province, Business Name, Gender, Web Site and State.
Contact by Telephone: Users who have provided their telephone number may be contacted for commercial or promotional purposes related to this Web Site, as well as to fulfil support requests. Personal data collected: telephone number.
Managing contacts and sending messages
This type of service allows the management of a database of email contacts, telephone contacts or contacts of any other type used to communicate with the User. These services may also collect data on the date and time the User views the messages, as well as the User’s interaction with them, such as information on clicks on links in the messages.
Tag Management
This type of services is functional for the centralised management of tags or scripts used on this Website. The use of these services entails the flow of the User’s Data through them and, where appropriate, their retention. Google Tag Manager (Google LLC) Google Tag Manager is a tag management service provided by Google LLC. Personal Data collected: Cookies and Usage Data. Place of processing: United States – Privacy Policy. Privacy Shield adherent.
Interaction with social networks and external platforms
This type of service allows for interactions with social networks, or other external platforms, directly from the pages of this Website. The interactions and information acquired by this Website are in any case subject to the User’s privacy settings relating to each social network. If a social network interaction service is installed, it is possible that, even if Users do not use the service, it may collect traffic data relating to the pages where it is installed. For more information please visit Facebook’s privacy policy at this address: https://www.facebook.com/about/privacy/update Personal data collected: Cookies and Usage data. Place of processing: United States – Privacy Policy. Privacy Shield adherent.
SPAM protection
This type of service analyses traffic on this Web Site, potentially containing Users’ Personal Data, in order to filter it from traffic, messages and content recognised as SPAM. Google reCAPTCHA (Google Inc.) Google reCAPTCHA is a SPAM protection service provided by Google Inc. Use of reCAPTCHA is subject to Google’s privacy policy and terms of use. Personal Data collected: Cookies and Usage Data. Place of processing: United States – Privacy Policy. Subject to the Privacy Shield. Akismet (Automattic Inc.) Akismet is a SPAM protection service provided by Automattic Inc. Personal Data collected: various types of Data as specified in the privacy policy of the service. Place of processing: United States – Privacy Policy.
Saving and managing backups
This type of service allows backups of this Website to be saved and managed on external servers managed by the service provider. These backups may include both the source code and its contents and the data provided to this Website by the User. Dropbox Backup (Dropbox, Inc.) Dropbox is a backup storage and management service provided by Dropbox Inc. Personal Data collected: various types of Data as specified by the service’s privacy policy. Place of processing: United States – Privacy Policy. Party to the Privacy Shield.
Statistics
The services contained in this section allow the Data Controller to monitor and analyse traffic data and serve to keep track of the User’s behaviour.
Google Analytics with anonymised IP (Google Inc.): Google Analytics is a web analysis service provided by Google Inc. (“Google”). Google uses the Personal Data collected in order to track and examine the use of this Website, compile reports and share them with other services developed by Google. Google may use the Personal Data to contextualise and personalise the advertisements of its advertising network. This Google Analytics integration anonymises your IP address. The anonymisation works by shortening the IP address of Users within the borders of the member states of the European Union or in other countries which are party to the Agreement on the European Economic Area. Only in exceptional cases will the IP address be sent to Google’s servers and abbreviated within the United States. Personal data collected: Cookies and Usage Data. Place of processing: United States – Privacy Policy -. Opt Out. Privacy Shield adherent.
Conversion tracking by Google AdWords (Google Inc.): Google AdWords conversion tracking is a statistical service provided by Google Inc. that links data from the Google AdWords ad network with actions taken within this Website. Personal data collected: Cookies and Usage Data. Place of processing: United States – Privacy Policy. Privacy Shield adherent.
Facebook Ads Conversion Tracking (Facebook, Inc.): Facebook Ads conversion tracking is a statistics service provided by Facebook, Inc. that links data from the Facebook ad network with actions taken within this Website. Personal data collected: Cookies and Usage Data. Place of processing: United States – Privacy Policy. Privacy Shield adherent.
Facebook Analytics for Apps (Facebook, Inc.): Facebook Analytics for Apps is a statistics service provided by Facebook, Inc. Personal Data collected: Usage Data and various types of Data as specified by the privacy policy of the service. Place of processing: United States – Privacy Policy. Privacy Shield adherent.
Further information on Personal Data
Analysis of User Data and forecasts (“profiling”): The Owner may process usage data collected through this Website to create or update user profiles. This type of processing allows the Owner to evaluate the User’s choices, preferences and behaviour for the purposes specified in the respective sections of this document. User profiles may also be created using automated tools, such as algorithms, which may also be offered by third parties. For further information on profiling activities, the User may refer to the respective sections of this document. The User has the right to object to such profiling activity at any time. To find out more about the User’s rights and how to exercise them, the User may refer to the section of this document on Users’ rights.
Personal Data collected through sources other than the User: The Owner of this Website may have lawfully collected Personal Data relating to the User without the User’s involvement, drawing on sources provided by third parties, in accordance with the legal bases described in the section on the legal bases for processing. If the Controller has collected Personal Data in such a way, the User can find specific information about the sources in the respective sections of this document or by contacting the Controller.
Automated decision-making processes: When a decision that may produce legal effects for the User or may affect the User in a similarly significant way is made exclusively by technological means and without human intervention, an automated decision-making process occurs. Within the scope of the purposes described in this document, this Website may use your Personal Data to make decisions based wholly or partly on automated processes. This Website uses automated decision-making to the extent necessary to enter into or perform a contract between the User and the Controller or, if required by law, with the prior consent of the User. Automated decisions depend on technological tools provided by the Controller or by third parties and are generally based on algorithms that respond to predefined criteria. The logic behind automated decision-making processes aims to:
- enable or improve decision-making;
- ensure fair and impartial treatment of Users;
- reduce potential harm resulting from human error, personal bias or other similar circumstances that could lead to discrimination or imbalance in the treatment of individuals;
- reduce the risk of non-performance of contractual obligations by the User.
For further information on the purposes, possible third-party services and the specific logic of the automated decision-making processes adopted by this Website, the User may refer to the respective sections of this document.
Effects of automated decision-making processes and rights of Users subject to them: Users subject to this type of processing may exercise specific rights aimed at preventing or limiting the potential effects of automated decision-making processes. In particular, Users have the right to:
- receive an explanation of any decision taken as a result of automated decision-making and express an opinion about it;
- challenge the decision by asking the Controller to reconsider it or adopt a new decision on a different basis;
- request and obtain from the Controller human intervention in the processing. For further information on Users’ rights and their exercise, the User may refer to the section of this document on Users’ rights.
Further information on treatment
Legal defence: The User’s Personal Data may be used by the Data Controller in legal proceedings or in the preparatory phases of such proceedings to defend against abuses in the use of this Web Site or related Services by the User. The User declares that he/she is aware that the Data Controller may be obliged to disclose the Data by order of public authorities.
Specific information: Upon the User’s request, in addition to the information contained in this privacy policy, this Web Site may provide the User with additional and contextual information regarding specific Services, or the collection and processing of Personal Data.
System logs and maintenance: For operation and maintenance purposes, this Website and any third party services used by it may collect system logs, i.e. files that record interactions and which may also contain Personal Data, such as the User’s IP address.
Information not contained in this policy: Further information in relation to the processing of Personal Data may be requested at any time from the Data Controller using the contact details.
Response to “Do Not Track” requests: This Website does not support “Do Not Track” requests. To find out whether any third party services used support them, the User is invited to consult their respective privacy policies.
Changes to this privacy policy: The Data Controller reserves the right to make changes to this privacy policy at any time by informing Users on this page and, if possible, on this Website as well as, if technically and legally feasible, by sending a notification to Users through one of the contact details held by the Data Controller. Please therefore consult this page regularly, referring to the date of last modification indicated at the bottom. If the changes affect processing whose legal basis is consent, the Data Controller will collect the User’s consent again, if necessary.
Definitions and legal references
Personal Data (or Data)
Personal data is any information that, directly or indirectly, even in conjunction with any other information, including a personal identification number, makes a natural person identified or identifiable.
Usage Data
This is the information collected automatically through this Website (including by third party applications integrated into this Website), including: IP addresses or domain names of the computers used by the User who connects with this Website, URI (Uniform Resource Identifier) notation addresses, the time of the request, the method used to forward the request to the server, the size of the file obtained in response, the numerical code indicating the status of the server response (successful, error, etc.), the country of origin, the characteristics of the browser and operating system used by the visitor, the various time connotations of the visit (e.g. the time spent on each page) and details of the itinerary followed by the User.), the country of origin, the characteristics of the browser and operating system used by the visitor, the various temporal connotations of the visit (e.g. the length of time spent on each page) and the details of the itinerary followed within the Application, with particular reference to the sequence of pages consulted, the parameters relating to the operating system and the User’s IT environment.
User
The individual using this Website who, unless otherwise specified, is the Data Subject.
Interested
The natural person to whom the Personal Data refer.
Processor (or Manager)
The natural person, legal entity, public administration and any other entity that processes personal data on behalf of the Controller, as set out in this privacy policy.
Data Controller (or Owner)
The natural or legal person, public authority, service or other body which, individually or jointly with others, determines the purposes and means of the processing of personal data and the instruments adopted, including the security measures relating to the operation and use of this Web Site. The Data Controller, unless otherwise specified, is the owner of this Web Site.
This Website
The hardware or software tool by which Users’ Personal Data are collected and processed.
Service
The Service provided by this Website as defined in the relevant terms (if any) on this site/application.
European Union or EU
Unless otherwise specified, any reference to the European Union in this document shall be deemed to extend to all current member states of the European Union and the European Economic Area.
Cookies
Small portion of data stored within the User’s device.
Legal references
This Privacy Policy is drawn up on the basis of multiple legislative regulations, inclus i art. 13 and 14 of Regulation (EU) 2016/679. Unless otherwise specified, this privacy policy relates exclusively to this Website.