AQRATE S.r.l. (hereinafter, AQRATE), with registered office at via Galliera n. 8, 40121 Bologna, in the person of its Legal Representative pro tempore, e-mail firstname.lastname@example.org, is the Data Controller of the personal data of users collected during the use of the services on this website.
AQRATE will process the personal data that come into its possession in compliance with the principles of lawfulness, fairness and transparency as well as the provisions of law and regulations, for the following purposes:
- Access to the website and navigation;
- Management of requests for information;
In detail, the use of personal data for access to and browsing of the website involve the processing of data to implement measures adopted at the request of the data subject, which is the legal basis that legitimises the processing. The use of personal data for the management of further processing and the specific legal bases of the processing, are described in the section of this policy on the principles applicable to the processing of data by AQRATE.
The computer systems and software procedures used to operate this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols.
These data are not collected to be associated with identified data subjects, but by their very nature could allow users to be identified through processing and association with data held by third parties.
This category of data includes IP addresses or domain names of computers used by persons who connect to the website, the URI (Uniform Resource Identifier) of requested resources, the time of request, the method used to submit the request to the server, the size of the file received in reply, the numerical code indicating the status of the reply given by the server (successful, error, etc.) and other parameters regarding the user’s operating system and computer environment.
These data are used for the sole purpose of obtaining anonymous statistical information on the use of the website and to check that it is functioning correctly, and is deleted immediately after processing. The data may be used to determine responsibility in the case of computer crimes that harm the site or the Data Controller: except for this possibility, at present, the data on web contacts do not persist beyond the terms of the law.
Data provided voluntarily by the user
The optional, explicit and voluntary mailing to the addresses listed on this website entails the subsequent acquisition by AQRATE of the sender address, necessary to respond to requests and other personal data included in the communication.
Specific information will be found on the pages of the website relating to specific on-demand services.
The user can use the features on the AQRATE website to provide some of their own personal information that can make them identifiable and that can be processed in order to manage, for example, the requests of the latter.
AQRATE processes the personal data of users in a lawful, correct and transparent manner.
The data processed by AQRATE are adequate, relevant and limited to what is necessary for the purposes for which they are processed, including:
The Data Controller will process the personal data of users who request information about the initiatives, projects, products or services offered by AQRATE in order to manage, detect and provide what is requested by the data subject. The data will be recorded, stored and used to respond to the requests of the data subjects and for the time necessary to achieve the aforementioned purpose. The legal basis for the processing is the execution of pre-contractual measures taken at the request of the data subject (Art. 6 (1)(b) of EU Reg. 2016/679).
Personal data are and will be processed, in paper and/or digital form, for the time period necessary to achieve the purposes for which they were collected.
There is no automated processing of the collected data, including user profiling.
Specific security measures are observed to prevent data loss, illicit or incorrect use and unauthorised access.
In order to correctly fulfil the purposes of the data processing, the personal data of users may be accessed by individuals who are authorised to do so pursuant to legal provisions, as well as by the collaborators or employees of the Data Controller in the performance of their duties, and by all public and/or private individuals and/or legal persons whenever the disclosure of such information is necessary or appropriate to achieve the purposes stated in this policy.
The users of the website have the following rights, pursuant to Articles 15-22 of the GDPR:
- Request for access to personal data: the user has the right to obtain confirmation from the Data Controller that processing of their personal data is in progress and, in such case, to obtain access to the personal data. The user may have direct access to the following information:
- The purposes of processing;
- The categories of personal data concerned;
- The recipients or categories of recipients to whom the personal data has been or will be disclosed, in particular recipients in third countries or international organisations;
- The loss of retention of personal data or the criteria used to determine this period;
- The existence of the right to request rectification or erasure of personal data from the Data Controller or to restrict the processing of personal data concerning the data subject or to object to such processing;
- The existence of an automated decision-making process.
- Request for correction of personal data: the data subject has the right to request the correction of inaccurate personal data and to obtain the integration of incomplete personal data.
- Request for erasure of personal data: for the reasons indicated in Article 17 of the GDPR, the data subject shall have the right to obtain the cancellation of personal data by the Data Controller without undue delay and the Data Controller must erase such personal data without undue delay, provided that there is no legal obligation of retention of the data.
- Right to limitation of the processing of data: the Data Subject has the right to obtain from the Data Controller the limitation of processing under any of the circumstances defined by art. 18 of the GDPR.
- Right to the portability of the data: the data subject has the right to receive, in a structured, commonly used and readable format, the personal data concerning them provided to a data 4 controller, and to possibly forward the data to another data controller, if the processing is based on consent or a contract and is carried out by automated means.
- Right to object to processing: the data subject has the right to object to the processing of personal data concerning them at any time, for reasons connected with their particular situation.
- Withdrawal of consent: the data subject has the right to revoke their consent to the processing of their personal data at any time and with the same ease with which they gave their consent.
The data subject also has the right to lodge a complaint with the Italian Data Protection Authority (www.garanteprivacy.it).
The data subject can send requests relating to the exercise of the rights referred to above, to email@example.com