This page describes how Arca24.com SA treats the personal information of its website’s visitors as well as of those who interact with the web services that can be accessed by visiting the websites owned by the company, in accordance with the Federal Act on Data Protection (FADP) and the article 13 of the Regulation (EU) 2016/679 – GDPR.
1. Which kind of data we process (Article 13, paragraph 1, letter a, Article 15, letter b, GDPR)
Arca24.com SA – Via Roncaglia n.5, CH-6883 Novazzano, email address email@example.com, hereinafter referred to as “Arca24” or “Data Controller”, is the Data Controller of your personal data which may concern:
- Data provided by the user when filling in the contact form with the Data Controller or sending any other request;
- Data on our website, which include traffic data, location, profiling, site visit, IP address, operating system used, browser used, cookies;
- Data provided by the user through the “free demo” section.
2. The purposes of the data processing (Article 13, paragraph 1, letter c, d, e, f GDPR)
The above personal data are processed by the Data Controller in relation to:
- Purposes related to the management of requests from filling in contact forms, forms, demos, etc. The legal basis for this treatment is pre-contractual.
3. Refusal to provide the personal data (Article 13, paragraph 2, letter and GDPR)
Apart from that specified for navigation data, necessary for the correct functioning of the site, and for cookies (have a look at the cookies policy), the user is free to provide his personal data while requesting the sending of informative material. The refusal to process the personal data makes it impossible to obtain a response to such requests.
4. Personal data retention (Article 13, paragraph 2, letter a GDPR)
The processing of your personal data will last only for the period of time necessary to carry out the activities related to the management of the request and the consequent obligations, including legal requirements, and in any case for a period not exceeding 12 months from the contact. Personal data relating to profiling will be kept for a maximum of 12 months.
5. How Personal Data are processed (art. 13, 2° comma, lett. f, GDPR)
Personal Data are processed with automated tools for the time strictly necessary to achieve the purposes for which they were collected.
Data processing does not include automated decision-making, but it may include profiling for those activities.
Your data can be accessed by suppliers who provide services to Arca24.
Arca24 has appointed each supplier that processes your data as external data processor, with the aim of ensuring adequate protection of personal data.
In particular, your personal data will be stored at Digital Ocean whose servers are located in Frankfurt.
6. Rights of the interested party (Article 13, paragraph 1, letter b, and paragraph 2, letter b, GDPR) and DPO
At any time and free of charge, the interested party may request the Data Controller to update and / or delete his data. These are specifically the rights referred to in the GDPR Articles: Art. 15 “Right of access”, Art. 16 “Right of rectification”, Art. 17 “Right to cancellation”, Art. 18 “Right to limitation of treatment”, Art. 20 “Right to data portability”.
The person in charge of the protection of personal data (Data Protection Officer) pursuant to art. 37 of the GDPR is Avv. Massimiliano Nicotra. It is possible to contact the DPO at any time for questions / requests / reports at firstname.lastname@example.org
The interested party can also contact and lodge a complaint with the competent authority.