Privacy Policy
“AQRATE” service Privacy policy
PRIVACY POLICY ON DATA PROCESSING
This privacy policy, prepared in accordance with the provisions of Articles 13 and 14 of EU Regulation 2016/679 (hereinafter, the GDPR) and Legislative Decree no. 196/2003 and subsequent amendments, describes the processing of the personal data of users collected during the use of the services provided on the website https://aqrate.biz/ (hereinafter the website) and not for other websites that may be consulted by the users through links on the website.
PRIVACY POLICY ON DATA PROCESSING
AQRATE S.r.l. (hereinafter, AQRATE), with registered office at via Galliera n. 8, 40121 Bologna, in the person of its Legal Representative pro tempore, e-mail privacy@aqrate.biz, is the Data Controller of the personal data of users collected during the use of the services on this website.
AQRATE will process the personal data that come into its possession in compliance with the principles of lawfulness, fairness and transparency as well as the provisions of law and regulations, for the following purposes:
- Access to the website and navigation;
- Management of requests for information;
In detail, the use of personal data for access to and browsing of the website involve the processing of data to implement measures adopted at the request of the data subject, which is the legal basis that legitimises the processing. The use of personal data for the management of further processing and the specific legal bases of the processing, are described in the section of this policy on the principles applicable to the processing of data by AQRATE.
CATEGORIES OF PERSONAL DATA
Navigation data
The computer systems and software procedures used to operate this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols.
These data are not collected to be associated with identified data subjects, but by their very nature could allow users to be identified through processing and association with data held by third parties.
This category of data includes the IP addresses or domain names of the computers used by users connecting to the site, the URI (Uniform Resource Identifier) addresses of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the server‘s response (successful, error, etc.), and other parameters related to the user’s operating system and IT environment.
These data are used for the sole purpose of obtaining anonymous statistical information on the use of the website and to check that it is functioning correctly, and is deleted immediately after processing. The data may be used to determine responsibility in the case of computer crimes that harm the site or the Data Controller: except for this possibility, at present, the data on web contacts do not persist beyond the terms of the law.
Data provided voluntarily by the user
The optional, explicit and voluntary mailing to the addresses listed on this website entails the subsequent acquisition by AQRATE of the sender address, necessary to respond to requests and other personal data included in the communication.
Specific information will be found on the pages of the website relating to specific on-demand services.
Personal data
The user can use the features on the AQRATE website to provide some of their own personal information that can make them identifiable and that can be processed in order to manage, for example, the requests of the latter.
PRINCIPLES APPLICABLE TO THE PROCESSING OF DATA BY AQRATE
AQRATE processes the personal data of users in a lawful, correct and transparent manner.
The Data Controller will collect the personal data of users and will process them only for the purposes indicated in this Privacy Policy and in such a way that they are not incompatible with the purposes themselves.
The data processed by AQRATE are adequate, relevant and limited to what is necessary for the purposes for which they are processed, including:
REQUESTS FOR INFORMATION
The Data Controller will process the personal data of users who request information about the initiatives, projects, products or services offered by AQRATE in order to manage, detect and provide what is requested by the data subject. The data will be recorded, stored and used to respond to the requests of the data subjects and for the time necessary to achieve the aforementioned purpose. The legal basis for the processing is the execution of pre-contractual measures taken at the request of the data subject (Art. 6 (1)(b) of EU Reg. 2016/679).
DATA PROCESSING PROCEDURES
Personal data are and will be processed, in paper and/or digital form, for the time period necessary to achieve the purposes for which they were collected.
There is no automated processing of the collected data, including user profiling.
Specific security measures are observed to prevent data loss, illicit or incorrect use and unauthorised access.
TRANSFER OF PERSONAL DATA TO COUNTRIES OUTSIDE OF THE EUROPEAN UNION
Personal data collected by Aqrate is processed and stored within the territory of the European Union. Some personal data may be transferred to recipients located outside the European Economic Area. In such cases, the transfer will be carried out in compliance with the provisions of Chapter V of Regulation (EU) 2016/679 (“GDPR”); specifically, data will be transferred only after the signing of the Standard Contractual Clauses approved by the European Commission with Decision No. 2021/914/EU or to countries capable of ensuring an adequate level of personal data protection and thus subject to an Adequacy Decision adopted by the European Commission.
CATEGORIES OF DATA SUBJECTS TO WHOM DATA CAN BE DISCLOSED (RECIPIENTS)
In order to correctly fulfil the purposes of the data processing, the personal data of users may be accessed by individuals who are authorised to do so pursuant to legal provisions, as well as by the collaborators or employees of the Data Controller in the performance of their duties, and by all public and/or private individuals and/or legal persons whenever the disclosure of such information is necessary or appropriate to achieve the purposes stated in this policy.
RIGHTS OF THE DATA SUBJECTS
The users of the website have the following rights, pursuant to Articles 15-22 of the GDPR:
- Request for access to personal data: the user has the right to obtain confirmation from the Data Controller that processing of their personal data is in progress and, in such case, to obtain access to the personal data. The user may have direct access to the following information:
- The purposes of processing;
- The categories of personal data concerned;
- The recipients or categories of recipients to whom the personal data has been or will be disclosed, in particular recipients in third countries or international organisations;
- The loss of retention of personal data or the criteria used to determine this period;
- The existence of the right to request rectification or erasure of personal data from the Data Controller or to restrict the processing of personal data concerning the data subject or to object to such processing;
- The existence of an automated decision-making process.
- Request for correction of personal data: the data subject has the right to request the correction of inaccurate personal data and to obtain the integration of incomplete personal data.
- Request for erasure of personal data: for the reasons indicated in Article 17 of the GDPR, the data subject shall have the right to obtain the cancellation of personal data by the Data Controller without undue delay and the Data Controller must erase such personal data without undue delay, provided that there is no legal obligation of retention of the data.
- Right to limitation of the processing of data: the Data Subject has the right to obtain from the Data Controller the limitation of processing under any of the circumstances defined by art. 18 of the GDPR.
- Data Portability Request: The data subject has the right to receive their personal data, provided to a Data Controller, in a structured, commonly used, and machine-readable format. They also have the right to transmit such data to another Data Controller, provided the processing is based on consent, on a contract, or is carried out by automated means.
- Right to object to processing: the data subject has the right to object to the processing of personal data concerning them at any time, for reasons connected with their particular situation.
- Withdrawal of consent: the data subject has the right to revoke their consent to the processing of their personal data at any time and with the same ease with which they gave their consent.
The data subject also has the right to lodge a complaint with the Italian Data Protection Authority (www.garanteprivacy.it).
The data subject can send requests relating to the exercise of the rights referred to above, to privacy@aqrate.it
This privacy policy was updated on 29/08/2022