Abitarte Srl with registered office in S.p. 231 km 43.100, 70033 Corato (BA) – Italy, in its capacity as autonomous data controller intends to inform you of the manner in which it collects, uses and discloses your personal data through the website (“website”) and related services (“services”), in compliance with all applicable laws and regulations on data protection and with particular reference to (i) PERSONAL DATA PROTECTION CODE (Legislative Decree No. 196 of 30 June 2003); (ii) Regulation (EU) No. 679 of 27 April 2016 (the so-called General Data Protection Regulation or “GDPR”), in force as of 25 May 2018; and (iii) any additional laws, ordinances, regulations or provisions of national and European data protection authorities – hereinafter collectively referred to as the “Applicable Data Protection Legislation”.

1)TO WHAT AND TO WHOM DOES THIS POLICY REFER?
The Company is the controller of personal data (i.e., any information relating to an identified or identifiable natural person as data subject) collected from you or about you through the Site and Services, which are processed in accordance with this Privacy Policy. This Privacy Policy and our Cookie Policy apply to all users, including those who use the site and services without registering or subscribing to a specific service.

2)WHAT KIND OF PERSONAL DATA DO WE COLLECT?
The company collects (1) data that you have voluntarily shared with the company (2) activity data collected when you access and interact with the site or services and (3) other information. More specifically, the company collects the following personal data: Data that you have voluntarily shared with the company. We may collect your personal data (such as, first name, last name, email, phone number, etc.) if you submit a request using the contact form available on the site or if you wish to benefit from the services we provide; Activity Data. During your access to or interaction with the site, we may collect certain information about your visits. For example, to enable you to connect to the Site or services, our servers receive and record information about your computer, device and browser, including, potentially, your IP address, browser type and other software and hardware information. If access is from a mobile or other device, the unique identifier assigned to it, geolocation data or other information about the operations performed with that device may be captured. We may also use cookies and other tracking technologies (such as Google Analytics with anonymised IP and Facebook Ads conversion tracking (Facebook pixel)), which may also be used to collect and store information about the use of the website or services, such as pages visited, content viewed, searches performed and advertisements viewed. Further information can be found in our Cookie Policy. Information from other sources. The information we collect may be supplemented with information from other sources, e.g., publicly and commercially available information. If the information we collect from and about you does not identify you as a specific person (e.g., raw, aggregate or anonymous data), directly or indirectly, it may be used for any purpose or shared with third parties to the extent permitted by applicable data protection legislation.

3)WE DO NOT COLLECT
Special categories of personal data. We expressly request that you do not send us or otherwise disclose on or through the Site, the Services or in any other way any information included in special categories of personal data (such as social security numbers, information regarding racial or ethnic origin, political opinions, religious or other beliefs, health, criminal record or trade union membership).

4)WHY DO WE COLLECT PERSONAL DATA?
We process personal data collected from and about you to: a) enable you to use the Site and the Services; b) evaluate and improve our Services and their features; c) improve your experience when browsing the Site and using the Services; d) provide customer service and respond to requests; e) comply with legal obligations (including providing the Services); or respond to requests from public and government authorities; f) protect the rights of the Company and others: more specifically, in certain cases the company may disclose personal data, including in situations where the company believes in good faith that such processing is necessary: (i) for the protection, assertion or defence of the legal rights, privacy, safety or property of the company or its respective employees, agents and contractors (including the enforcement of our contracts and terms of use); (ii) to protect the safety and privacy of users of the site or services or other persons; and (iii) for fraud protection or risk management purposes; g)with your optional consent, to send you promotional and marketing communications by automated means (sms, mms, email, unattended telephone calls, etc. h)with your optional consent, to understand your personal preferences and choices in order to always provide you with the services you prefer.

5)HOW LONG DO WE KEEP PERSONAL DATA?
The company processes personal data for a period of time that does not exceed the achievement of the purposes envisaged in accordance with paragraph 3 above. f) are kept for the period of time strictly necessary to pursue the legitimate interests of the Company; d)data collected for the purposes set out in paragraph 3, lett. g) and h) are kept for the period of time strictly necessary to fulfil the purposes for which they were originally collected and, in any case, for no longer than 5 years;

6)HOW ARE PERSONAL DATA PROCESSED?
For the above-mentioned purposes, data are processed by electronic and manual means, and are protected by appropriate security measures. In this regard, although the company applies appropriate administrative, technical, physical and personnel measures to safeguard the data in its possession from loss, theft, unauthorised use, dissemination and modification, it cannot guarantee the exclusion of all possible cyber risks.

7)WHO HAS ACCESS TO PERSONAL DATA?
The data acquired during browsing, may be known and processed within the company Abitarte Srl by the personnel in charge of data processing to the extent that this is necessary for the performance of their duties, carrying out only those operations necessary for the execution of the same.
In the event of express request and in the circumstances authorised by law, the data may be communicated by Abitarte Srl to the Public Safety Authorities and Police Forces. No browsing data is disseminated in any way.

8)ARE PERSONAL DATA TRANSFERRED ABROAD?
Personal data may be transferred to countries within or outside the European Economic Area (EEA).

The European Commission has recognised the adequacy of personal data protection in accordance with the EEA standards of some non-EEA countries. The full list of these countries is available at https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/adequacy-protection-personal-data-non-eu-countries_en

Please note that adequate safeguards are in place for data protection when transferring data to countries outside the EEA, so such transfers comply with the requirements and obligations prescribed by the applicable data protection legislation.

We do not transfer personal data to countries outside the European Economic Area.

9)WHAT RIGHTS CAN BE ASSERTED IN RELATION TO PERSONAL DATA?
The User has and/or may exercise the following rights at any time, free of charge:

a) right to be informed of the purposes and methods of processing;
b)right of access;
c)the right to obtain a copy of the data held abroad and information on where they are stored;
d)the right to request that the data be updated, corrected or supplemented;
e)the right to request the deletion, anonymisation or freezing of data;
f)the right to object to the processing, in whole or in part, even where it is carried out by automated decision-making, including profiling;
g)the right to withdraw consent to data processing freely and at any time;
h)right to contact the Data Protection Officer, if applicable;
i)the right to lodge a complaint with the competent national data protection authority or judicial authorities.
In addition to the rights listed above, as of 25 May 2018 the User may also exercise the following rights, following the full applicability of Regulation (EU) No. 679 of 27 April 2016:

a)right to data portability (i.e. to receive an electronic copy of the personal data concerning him/her, for possible transfer to the User or to another data controller);
b)right to restrict processing.
Should you have any doubts, comments or complaints regarding the collection or use of your personal data, please do not hesitate to contact us at info@abitarte.eu.

10)MODIFICATIONS AND UPDATES
The company may also amend and/or supplement this Privacy Policy as a result of amendments and/or additions to the applicable data protection legislation.