EXTENDED PRIVACY STATEMENT ON THE PROCESSING OF PERSONAL DATA
Fabio Benvenuti takes Privacy, the protection and safeguard of personal data of people interacting with him very seriously.
Please, read carefully all sections of this document, as it contains important information on how your personal data are managed in relation to this website.
The purpose of this document is also to inform, pursuant to art. 13 of of the Regulation EU 2016/679 (hereafter “Regulation”) and to the applicable national regulation on personal data processing, Legislative Decree 196/2003 and subsequent amendments and addenda, anyone who interacts with the web services provided by Carbonarm, owned by Fabio Benvenuti, electronically accessible at the following link: https://www.carbonarm.com/
CARBONARM WEBSITE AND APPS
Besides this website, Carbonarm provides IOS Apps to Android that can be downloded for free from the store.
Carbonarm Apps allow the user to manage the reserved area in the E-commerce section of the website and to fully use the cases features in order to make the best use of your smartphone or tablet. The coverage of this policy includes data managed by the Apps.
The personal data controller is Carbonarm, owned by Fabio Benvenuti, registered office in Montaletto di Cervia (RA), Via dell’Industria, 13 - int. 6 - VAT n.: 03130020401 – e-mail: email@example.com.
A. TYPE AND PURPOSE OF PROCESSED DATA
Data directly provided by the user
We only require personal data from the users (e.g. first name, second name, e-mail address, etc.) if they want to get in touch or use the services provided by this website. In such cases, the users will receive a proper policy and, if necessary, will be asked to give their consent. Data provided by the user will be processed in line with the purposes and ways described by this policy and the specifications provided individually each time.
A.1 NEWSLETTER AND MARKETING COMMUNICATIONS
Type of processed data: E-mail address
Processing purpose: marketing and commercial promotion activities such as:
- Newsletter delivery in case of registration to the related service.
- Prior user consent, delivery of commercial information also via e-mail to promote products or services, performance of client satisfaction surveys, marketing researches, promotional activities in general.
Unsubscribing from the Service
To cancel your Newsletter subscription, just click on the “Cancel subscription”/“Unsubscribe” button at the bottom of each Newsletter e-mail or send a request to the above e-mail address.
Type of processed data: First name, Second name, Order number, E-mail address
FPurpose of the treatment :
- To manage the request sent by the user
- To deliver the requested service (e.g. subscription to events, webinars, newsletters, quotations, account verification/retrieval, etc.)
- Prior user consent, delivery of commercial information through an operator, via messaging services, to promote our products or services, to perform client satisfaction surveys, marketing researches, promotional activities in general.
A.3 RESERVED AREA – E-COMMERCE
Type of processed data: Registered name/First name - Surname, Gender, VAT number/tax code, date of birth, e-mail address, geographical address (Street, number, ZIP, City, Province, Country), telephone number, payment data (e.g. Credit Card, IBAN code)
Purpose of processing:
Data will be processed for the fulfillment of obligations deriving from entering an agreement ruled by “Conditions of sale”, also:
- To manage assistance and information/contact requests;
- User account management, showing content such as the history of purchases made, manuals, video tutorials and dedicated software, related to the products purchased; History of maintenance or actions carried out on the products and reminder of the expiry of the product warranty;
- To manage users accounts, show contents such as wish lists and customer reviews and recommend products and services that could be of interest for the users;
- Prior user consent, delivery of commercial information to promote our products or services, performance of client satisfaction surveys, marketing researches, promotional activities in general.
- Prior user consent, profiling activities, analysis of needs and propensity to purchase of customers and use of the services, to anticipate clients’ needs and consequently adjust the offer of products and services
A.4 OTHER PURPOSES
- Contractual purposes, connected and instrumental to the establishment and management of relationships with the customers and/or to the supply of goods and services, such as the acquisition of preliminary information in view of entering an agreement.
- Meet Government obligations, communitarian rules and regulations, i.e. provisions set for by legitimate authorities and control and supervision bodies (e.g. tax, accounting, administrative authorities, etc.);
- Exercise of Controller’s rights in court and management of any disputes that may arise.
Collection of aggregate and anonymous data and information to verify the proper functioning of the website, to improve the online shop and platform.
None of this information is related to the individual-website user, and are not personally identifiable.
Collection of data and information in order to protect the security of the website and its users (anti-spam filters, firewall, virus detection) and to prevent or detect any fraud or abuse.
Data are automatically registered and can include personal data (IP address) that could be used, pursuant to the applicable relevant laws, in order to block any attempts to cause damage the website or to other users, or any damaging activity or criminal offense. In no case are such data used to identify or create a profile of the user, and they are periodically deleted.
B. LEGAL BASIS
Data that are processed through this website and services provided through it are processed on the basis of the consent and/or on the basis of contractual agreements.
C. DATA PROCESSING MODES
The processing of personal data will always be based on the principles of fairness, lawfulness, transparency and protection of confidentiality, through technical and organizational security measures, in order to guarantee a suitable level of protection.
D. OBLIGATORY OR OPTIONAL NATURE OF THE PROVISION OF THE REQUESTED DATA
Users can freely decide to whether or not provide their personal data through this website and/or its connected services. Failure to provide data, as specified on a case-by-case basis in the information provided to the user, may result in the impossibility to provide the requested service.
E. RECEIVERS AND DATA TRANSFER
Personal data will be processed by the staff in charge of developing and managing the website, who are authorized to process such data in order to achieve the aforementioned purposes and who are committed to the privacy of data or under a suitable statutory obligation of confidentiality.
Personal data will be processed by designated Data controllers who are in charge of processing data on behalf of the Controller (e.g. companies that manage and fulfill sale orders, individuals involved in the provision of Services, such as hosting providers, providers of platforms needed for the delivery of e-mail/text messages, or individuals in charge of technical maintenance services on the network hardware and electronic communication networks, developers of payment software, providers of the technological platform and payment gateway for orders placed within the framework of e-payments arrangements).
Personal data may be shared with third parties connected to the Company through agreements for the provision of services that are functional to perform the activity (such as, for example, couriers in charge of the delivery of products, auditing companies, individuals, companies or professional firms providing assistance and consultancy in administrative, legal, fiscal, financial and debt collection matters, in relation to the provision of the Services, etc.)
Data can be communicated, also without consent, to all inspection verification and control organizations, such as the Revenue Agency, ministerial bodies and competent authorities, local authorities, tax commissions of all types and at all levels, upon their request, who will process them as independent data controllers for institutional purposes and/or by law during investigations and controls. Personal data are not intended to be published or disclosed. However, in some cases, within the framework of specific campaigns promoted through the website, the users may be asked to provide their data (including photo images and audio-video files) in order to take part in extraordinary and temporary events, contests and thematic initiatives, the nature of which envisages their publication and disclosure. In such cases, the user will be notified in advance and specifically informed and, in any case, the disclosure will follow the consent acquisition.
The complete list of designated third parties can be obtained from the Controller.
The Controller within the European Union and the European Economic Area will process data. If, for technical, organizational and/or operational reasons it is necessary to resort to subjects (among those listed above) outside the European Union or the European Economic Area, please be informed that the Company will guarantee that those subjects in compliance with the applicable regulation will process data. Therefore, data transfers will be adequately guaranteed through decisions on adequacy, general contract terms models approved by the European commission or other guarantees deemed adequate. The user can request further information by contacting the following e-mail address firstname.lastname@example.org.
F. DATA RETENTION
Personal data processed for the purpose of Service delivery and Contractual obligations will be stored by the Controller only as long as it is necessary for the correct performance of the required service and the contract entered with the user. The Controller will keep login credentials active to allow the access to the website and the Services, until the user decides to delete the account from the Services. In any case, since personal data are processed for the delivery of Services and to allow the performance of the contract, the Controller may retain them for a longer period, in particular as long as it may be necessary to protect the Controller’s interests from any possible responsibility related to the Services. At the end of such period they will be deleted.
User’s requests and the data they contain, collected through the Contact/Customer Service area of the website, will be retained on a limited-time basis as long as it may be necessary to allow the Controller to identify the correct closure of the request and in any case as long as it may be necessary to protect the Controller’s interests from any possible responsibility. At the end of such period of time, data that allow the identification of an individual, directly or indirectly (such as first name, second name, e-mail), will be anonymized and retained as aggregate data, for statistical purposes.
The Controller will retain personal data that are processed to comply with legal obligations for the time specified by the law or by the applicable regulations.
Personal data that are processed for Marketing and Profiling purposes will be retained by the Controller until the user withdraws his/her consent. Once the user withdraws his/her consent, the Controller will not use personal data for said purposes, but may still retain them, in particular as it may be necessary to protect the Controller’s interest from any possible responsibility based on such processing.
Personal data that are processed for the purpose of Commercial Communication will be retained by the Controller until the user objects to their processing via the link included at the bottom of every information e-mail sent.
Unless otherwise stated, personal data will be processed as long as the user makes use of this website and of the services provided. In case of consent withdrawal, personal data will be retained by the Controller for demonstrating the fulfillment of his obligations, until their prescription.
G. RIGHTS OF DATA SUBJECTS
Personal data subjects may, at any time, exercise their rights of access, correction or deletion of data, of processing restriction, of opposition, of portability, as per Articles 15-21 of the Regulation, by submitting a request to the e-mail address email@example.com or by sending a registered letter with notification of receipt to the Controller’s address.
Please note that, for Marketing, Profiling and Commercial Communication purposes it is always possible to withdraw your consent using the relevant link included at the bottom of each communication or sending a specific request to firstname.lastname@example.org.
The user may also submit a complaint to the control authorities (for Italy: Data protection authority www.garanteprivacy.it), following the procedures set by the applicable law.
The website is controlled and managed by Carbonarm owned by Fabio Benvenuti, with registered office in Montaletto di Cervia (RA), Via dell'Industria 13 int.6 – VAT nº: 03130020401 - e-mail: email@example.com, hereinafter also referred to as “Website manager”.
WHAT ARE COOKIES
A “cookie” is a small text file installed by some websites on the user’s device upon access to a specific website or of certain services offered by the website. The purpose of cookies is to store and transfer information. Cookies are sent by a web server (which is the computer on which the visited website is being executed) to the user’s browser (Internet Explorer, Mozilla Firefox, Google Chrome, etc.) and saved on the user’s device. For further information about cookies in general, please visit www.allaboutcookies.org
WHAT THEY ARE USED FOR
Cookies can generally be used for different purposes, for example monitoring the visitors’ use of the website, improving page navigation, allowing to set up personal preferences on the visited website, protecting the user’s security, or presenting commercial messages based on users’ interests.
COOKIES WE USE AND THEIR PURPOSES
In general, and based on common terminology, cookies can have different features that allow their classification based on:
- o Either the length of time a cookie stays on the user’s device: in this case they are called session/temporary cookies or persistent cookies.
- o or their origin: in this case they are referred to as first party cookies (sent to the browser directly by the website that is currently visited) or third party cookies (sent to the browser by other websites and not by the website that is currently visited);
- o Or their purpose: in this case, they are referred to as technical cookies, which is also in line with the provisions of the Data protection authority.
- o Or identification and profiling analytical cookies.
Following the above classification, one cookie may have all these features together and, for example, be a persistent, third party, profiling cookie.
Session/temporary cookies: these are not permanently stored but they stay on the device only for the duration of the navigation session. This means that they are automatically deleted from the user’s device, as soon as the website and the navigation browser are closed.
Permanent cookies: these are saved on the user’s device and stay until the user deletes them or until their expiry date in case they have one set. Thus, they are not automatically deleted from the user’s device when the website is closed.
First party cookies: these cookies are released by the website that is being visited; the website corresponds to that entered by the user (that can be viewed in the URL window). Third party cookies: these cookies are released by a different website from the one that is being visited.
Technical cookies: these cookies are necessary to navigate the website and use some of its specific features. They can be divided in:
- o Navigation/necessary/performance cookies: they allow the normal navigation and use of the website (for instance, they allow to make a purchase or to log in to reserved areas); if these cookies are blocked, the website may not work properly. This website’s cookies are first party and permanent.
- o Functionality/preference/localization/session status cookies: they allow storing information that change the behavior or look of the website (preferred language, font size, geographical area). If they are blocked, the navigation experience will be less functional but not compromised. These cookies allow the website to remember the user’s choices (such as, for example, the preferred language, interesting contents, etc.) and to provide the personal features selected by the user, in order to improve the navigation experience. In some cases, these cookies can also be used to offer online services (for example a live chat service) and avoid the offer of services that were previously rejected by the user. This website’s cookies are first party or third party, temporary or permanent.
- o Third party statistical/analytics cookies that cannot be used to identify the user (with IP masking and no crossing with other data held by the third party): this website uses the Google Analytics service provided by Google Inc. to manage websites. Google Analytics, in turn, releases cookies that generate information on the use of the website by the user. These cookies can be assimilated, according to the current regulation, to technical cookies, since they fulfill the following conditions: adoption of measures reducing the identification power of cookies by masking parts of the IP address (please find a description at the following link: https://support.google.com/analytics/answer/2763052?hl=i); the third party is committed to only use these cookies for the provision of the services, to store them separately and not to “enrich” or “cross” them with other information they own. Regarding this point please be informed that this website’s manager has not linked Google Analytics to any supplementary service provided by Google and that no commercial or data sharing option has been activated with Google. Furthermore, an add-on can be installed to disable Google Analytics on the browser that is being used (https://tools.google.com/dlpage/gaoptout ). In the light of the adopted measures, these cookies and connected personal data can be used and processed without obtaining the consent, in accordance with the rules established by the current regulations (art. 122 of the Privacy Code and Disposition of the Data protection authority dated 8 May 2014).
List of first party cookies
List of third party cookies*
|Purpose||Name||Validity||Domain||Policy links and consent|
* The responsibility for the completeness of the list of third party cookies also lies with the third party concerned
Social Widgets e Command Buttons
Social Widgets/Command Buttons are special “buttons” often represented by icons (e.g. Facebook and YouTube icons), that allow users navigating the website to perform an action or a command (e.g. “Like”) interacting, with a “click”, directly with social networks. With a click on Social Widgets/Command Buttons, the user can share the website content on his/her own social profile and post and view contents taken form the same social network (e.g. friends’ pictures) on the website pages. The website does not share any information or data about the user’s navigation with social networks that can be accessed via widgets or command buttons found on its pages.
HOW TO MANAGE OR DELETE COOKIES
Most Internet browsers are initially set to accept cookies automatically. These settings can be changed in order to block cookies or to be warned each time that cookies are sent to the user’s navigation device. Furthermore, at the end of each navigation session, the collected cookies can be deleted from the user’s device. Cookies can be managed in several ways. We recommend users to refer to the specific instructions of their browser. If different devices are used to view and access the website (e.g., computer, smartphone, tablet, etc.), the user will have to make sure that each browser on each device is set according to his/her cookie preferences.
Microsoft Windows Explorer
If none of the above browser is used, select “cookie” in the respective section of your browser’s guide to find out the folder needed to manage them.