PRIVACY POLICY

Information provided pursuant to Art. 13 of European Regulation No. 2016/679 (GDPR)

 

  1. REASON FOR THIS NOTICE

This page describes the processing carried out by our company on personal data relating to any type of data subject (hereinafter “data subjects” pursuant to Art. 4, p. 1 of GDPR). The purpose is to illustrate the corporate policy implemented to guarantee compliance with the provisions of GDPR 2016/679 L.D. 196/2003, relevant national measures, guidelines issued by the European Data Protection Board as well as EC directives on the protection of the data of natural persons.

It is intended to provide information pursuant to Article 13 of Regulation (EU) 2016/679 (GDPR) to those who enter into any form of relationship with our company.

The Privacy Policy of this website does not refer to other processing carried out or described as a result of browsing internet sites through links that may be present in the above-mentioned website.

  1. DATA CONTROLLER
  • the Data Controller is the undersigned Company:

Alto Robotics Spa
Registered Office
in via Stezzano, 87
24126 Bergamo (BG)
Telephone:
Mail:

  • All data are processed lawfully, fairly and in a transparent manner in relation to the data subject, in compliance with the general principles provided for by Article 5 of the GDPR;
  • specific security measures are implemented in order to prevent the loss of, unlawful or unfair use of, or unauthorised access to the data.
  1. TYPES OF DATA PROCESSED
  • DATA OF CONSUMERS/END USERS, REPRESENTATIVES OF CLIENT COMPANIES, REPRESENTATIVES OF SUPPLIER COMPANIES

The personal data provided by the above data subjects or collected during the performance of contract-related activities, derive from the need to carry out the activities organized by the parties. 

For more information, write to the relevant e-mail address:

Purpose and legal basis for processing

(GDPR - Art.13, par. 1, c)

Data is collected and used in order to:

- enter into contractual/professional relationships;

- fulfil pre-contractual, contractual and tax-related obligations deriving from existing relationships, as well as to manage the associated communications;

- comply with legal obligations, regulations, EU standards or with the orders of the Authority;

- exercise a legitimate interest or right of the Data Controller (e.g., the right to defence in Court, the protection of credit positions; ordinary internal requirements in the areas of operations, management and accounting).

Scope of communication

(GDPR - Art.13, par. 1, e, f)

Your data will be processed only by internal staff who have been duly authorized and trained for processing (GDPR, Art.29) and they will not be disclosed to external persons, disseminated or transferred to non-EU countries. Any other case will be specified in the relevant form.

Processing methods

(GDPR C. 39)

Your personal data will be processed by automated systems and on paper.

Specific security measures have been deployed in order to prevent the loss of, unlawful or unfair use of, or unauthorised access to the data,

Retention period

(GDPR - Art.13, par. 2, a)

Data are normally stored for short periods of time, as strictly needed for fulfilling contractual or regulatory obligations.

Provision

(GDPR - Art.13, par. 2, f)

They are requested by our company for the purposes indicated.

Legal basis

(GDPR - Art.6, par. 1).

Processing is necessary for entering into contractual relationships and therefore consent is not required.

 

  • BROWSING DATA

The information systems and software procedures required for the proper functioning of this site will acquire, during normal operation, some personal information whose transmission is implicit in the use of Internet communication protocols. This category of data includes IP addresses or domain names of the computers used by the users that connect to the website, URI (Uniform Resource Identifier) addresses of the resources requested, request time, method used to submit the request to the server, size of the response file, numeric code indicating the status of the response given by the server (successful, error, etc.) and other parameters regarding the operating system and the user’s IT environment.

For more information, write to the relevant e-mail address:

Purpose and legal basis for processing

(GDPR, Art.13, par. 1, letter c)

These data are used only to obtain statistical information on website use and to check that is functioning properly. Data could be used to ascertain responsibility in case of alleged computer fraud against the website (legitimate interest of Data Controller).

Scope of communication

(GDPR, Art.13, par. 1, letters e and f)

Your data will be processed only by internal staff who have been duly authorized and trained for processing (GDPR, Art.29) and they will not be disclosed to external persons, disseminated or transferred to non-EU countries. They may be disclosed to competent authorities only in the event of an investigation. Any other case will be specified in the relevant form.

Retention period

(GDPR, Art.13, par. 2, letter a)

Data are normally retained for brief periods of time, except for possible extensions connected with investigation activities.

Provision

(GDPR, Art.13, par. 2, letter f)

Data in a non-identifying form are collected autonomously and without consent.

Data in an identifying form are provided voluntarily by the data subjects after giving consent. 

 

  • COOKIES

For further information on cookies and how to enable and disable them, go to section Cookies on the website.

  1. RIGHTS OF THE DATA SUBJECT (GDPR Articles 15--22)

At any time, the data subject may exercise the right to:

  • ask for confirmation of the existence or otherwise of their personal data;
  • obtain information about the purposes of the processing, the categories of personal data, the recipients or categories of recipients to whom the personal data have been or will be communicated, and, where possible, the period of time for which the data will be stored;
  • obtain the rectification or erasure of the data;
  • obtain restriction of processing.
  • obtain data portability, i.e. receive them from one data controller, in a structured, commonly used and machine-readable format and to transmit those data to another controller without hindrance;
  • object to the processing at any time, including in the case of processing for direct marketing purposes;
  • object to an automated decision-making process relating to individuals, including profiling;
  • file a claim with the Italian Data Protection Supervisor.

Requests must be sent to the Data Controller by writing to the e-mail address:

Every effort will be made to make the functions of this site as interoperable as possible with automatic privacy control mechanisms available in some of the products utilised by users.

  1. RESPONSABILE DELLA PROTEZIONE DEI DATI:

The figure of Data Protection Officer (DPO) has not been identified as the Data Controller does not process data of natural persons falling within the definition of art. 37 European Regulation GDPR 2016/679