The processing of the website / portal web services takes place at the company’s headquarters and is only handled by the technical staff of the office authorized to process the processing (eg Internet Area), or by any external managers for the performance of occasional technical operations or periodic (eg database and website maintenance).
The data controller considers the “privacy” of its users to be of fundamental importance and guarantees that the processing of personal data through its website is carried out in compliance with fundamental rights and freedoms, as well as the dignity of the data subject, with particular reference to confidentiality, personal identity and the right to the protection of personal data. In this regard, the data controller has granted and implemented a Privacy Policy for everything concerning the site management methods with reference to the processing of users’ personal data.
Privacy Policy and to check it carefully in order to check for any updates or revisions that may become necessary. The data controller informs that the personal data (hereinafter “Data”) provided by you, or otherwise acquired as a result of or during navigation on our site / portal, may be processed, in compliance with the European Regulation 2016/679 (GDPR).
For the purposes of this Policy, “personal data” – as better specified in Article 4 of the GDPR – means “any information relating to an identified or identifiable natural person (” interested party “); the natural person is considered identifiable who can be identified, directly or indirectly, with particular reference to an identifier such as a name, an identification number, location data, an online identifier or one or more characteristic elements of his physical identity, physiological, genetic, psychic, economic, cultural or social; “.
This Privacy Policy applies to personal data collected through the website and / or portal of the Data Controller of your data and / or e-mail boxes of the Company. This does not apply to personal data collected “off-line”, except in cases where such personal data are combined with other personal data collected by the Data Controller of your online data. Furthermore, this does not apply to other websites owned by third parties, which can be accessed via hyperlink, due to the fact that the Data Controller of your data does not manage and does not control the content of such sites.
The following personal data can be collected by the Data Controller of your data, through its website and / or portal: name, surname, address, e-mail address, information grouped for statistical purposes only during the site consultation process. and / or portal, other information provided voluntarily by the user through the online registration procedures or the compilation of specific fields, forms, information aimed at improving and facilitating the navigation of the site.
Users can access different sections of the website without releasing any personal information. The Data Controller of your data processes and collects personal data online through its website and / or portal or other Company e-mail address; these treatments are carried out, mainly in an automated way, in the following ways:
The User Data is collected to allow the Owner to provide its services, as well as for the following purposes: Statistics, Contacting the User, Interaction with external social networks and platforms, Registration and authentication, Social Applications, Payment Management, Interaction with support and feedback platforms, Infrastructure monitoring, Traffic optimization and distribution, Interaction with live chat platforms, Remarketing and Behavioral Targeting, Address management and sending of email messages, Display of content from external platforms, Affiliation commercial and heat mapping. The types of Personal Data used for each purpose are indicated in the specific sections of this document.
Personal Data may be collected for the following purposes and using one or more of the following services:
The data controller collects the personal data of its users necessary to carry out the authorization, enabling and personalization of access to the various areas and related contents of the Company’s website / portal. Furthermore, the data controller acquires the data necessary to execute the contractual obligations assumed towards customers and deriving from the booking operations. The execution of these obligations necessarily implies that the employees of the operational and commercial functions of Atena Holding srls have access to such data. as well as the employees of third-party service providers. The data controller uses the personal data collected online in order to offer products and services, control the system of authorized accesses to monitor data security, evaluate job proposals submitted by candidates (CV); only at the specific request of the interested party, through the online registration form, the data controller submits commercial offers and promotes marketing initiatives through its own “Newsletter”. The owner of the data processing, as “Owner” of the related processing, informs that the data in question will be processed and used exclusively for the purposes outlined in this Privacy Policy.
The personal data collected by filling in the forms on the website / web portal of the data controller are processed in order to:
Personal data will be accessible to the bodies and employees of the data controller, formally appointed as Data Processors or Data Processors. The use and forwarding of personal data by external individuals and organizations acting on behalf of the aforementioned data controller are governed by contracts that provide for an adequate level of personal data protection. These subjects are appointed External Managers. Users’ personal data will be used and released by the data controller exclusively to individuals and organizations working on their own behalf, in accordance with this Privacy Policy and as explicitly provided for by current legislation. Furthermore, the data controller manages the information contained on its website / web portal in collaboration with other service providers and web agencies, from which it can receive personal data relating to the users of such information. These online collaborations are governed by specific contracts which presuppose an adequate level of protection of the personal data processed. In some other cases, the data controller may also be required to release the personal data of the users of its website / web portal, in execution of contractual obligations, in accordance with current legislation or to satisfy the request for services by the ‘interested; this information release activity can take place in the following cases:
Furthermore, further circumstances may arise, if for example the data controller decides, for commercial reasons, to carry out sales, mergers or capital acquisitions. As part of these reorganization activities, personal data may be shared with current or potential buyers. In these circumstances, the data controller will obtain written guarantees that personal data will be processed with an adequate level of protection and, in any case, in compliance with current legislation. Except in cases explicitly permitted by law, or provided for in this Privacy Policy, personal data will not be disclosed or shared without the consent of the user concerned. The data controller will not transfer the personal data of its website users to unauthorized third parties, for consideration or free of charge.
In accordance with the principle of minimization of treatment enshrined in art. 5 GDPR, The data controller guarantees that the processing by electronic means is carried out by minimizing the use of personal data and identification data, limiting their use to cases where they are strictly necessary for the achievement of the purposes for which have been collected. The data controller also guarantees the adoption and observance of specific security measures to prevent the loss of data, any illicit or incorrect use of the same and unauthorized access. The user’s data will be kept by the data controller for a maximum of two years from the last interaction with the user and up to any cancellation order by the interested party, including data which need not be kept in relation for the purposes for which they were collected, in compliance with the rights enshrined in articles 15 – 21 GDPR and to be implemented in the manner referred to in the following paragraph “Your Rights”. It is the responsibility of each individual user in charge to guarantee and verify the ownership and custody of their passwords and related access codes to web resources.
The data controller processes the data of its users / customers exclusively with their consent. However, if the user does not consent to the processing of data or requests the cancellation of their data, it will not be possible to access the restricted areas of the Company’s website / portal.
Apart from that specified for navigation data, the user has the right to provide or not the personal data contained in the request and / or registration forms of the website / web portal of the data controller. Failure to provide them may make it impossible to obtain what is requested. For the sake of completeness, it should be noted that in some cases (not subject to the ordinary management of this site) the Authority may request news and information pursuant to art. 58 GDPR, for the purpose of controlling the processing of personal data. In these cases, the reply is mandatory under penalty of an administrative sanction.
Users of the website / web portal can always contact the Data Controller to assert their rights as provided for by articles 15 to 21 of the GDPR on the basis of which:
In accordance with these provisions, and in addition to the other rights specified here, the data controller provides users of its website / web portal with the following possibilities:
Furthermore, the information provided after the first registration can be modified or deleted by changing the settings previously entered in the registration form on the website / web portal of the data controller, by accessing the appropriate “Newsletter” section on the home page. It is also possible for users to access their personal data, released and stored online and, where permitted, it is also possible to update and modify personal data online.
The “cookie” technology is used to obtain information about the experience had on the website / web portal and to allow the operation of some services that require the passage of the user to be identified on the various pages.
A “cookie” constitutes information sent by a server to a browser and allows the server to collect information from the browser and vice versa. The cookie will help the website / portal to recognize your device if the website / portal is visited again. Cookies serve many functions. For example, they can help us remember your usernames and preferences, analyze the performance of our website or even allow us to recommend content that we think may be of interest to you.
Our cookies are normally anonymous and cannot be linked to the user’s personal data. First-party cookies are associated with the domain name of the page you are visiting and allow you to identify the person by cross-referencing our database, they can only be assigned upon explicit request by users and in order to allow their immediate identification for access restricted areas of the website, without users having to manually enter the login and password. In any case, the user’s identity is never included directly in the cookie and cannot be intercepted.
Each time you access the website / web portal, regardless of the presence or absence of a cookie, we record the type of browser, the operating system and the host together with the visitor’s source URL, as well as the information on the requested page. These data can, therefore, be used in aggregate and anonymous form to perform statistical analysis on the use of the website.