Axitea S.p.A., as a security service provider, is committed to the protection of the personal data that is entrusted to it. Therefore, the data management and security are guaranteed with the utmost care, in accordance with the requirements of the European Regulation 679/2016 on the protection of personal data (hereinafter referred to as “GDPR”).
This policy indicates the purposes for which we could collect your data, the manner it is managed, with whom it could be communicated and what rights you are entitled to. Any term not defined in this privacy statement, is defined in our General Terms and Conditions.
What data do we collect?
Visitors to our website, can perform many actions without providing any personal information. However, when users register on the site, to request information on services and products of Axitea SpA (hereinafter “Axitea”), the latter must collect the following personal information of users:
- Contact information, such as: first name, last name, telephone number, city and email address;
- Customers contact information, such as: first name, last name, customer number, company name / contract holder, telephone number, city and email address;
- Candidate information for recruitment purposes, such as: first name, last name, date of birth, telephone number, permanent address, current address, email address, and curriculum vitae;
- Cookies and similar technologies: measure and analyze the use and effectiveness of our services, customize and optimize advertising targeting for our services on other websites and platforms, provide location services if you choose to share your location.
Why do we collect your data?
Axitea will use your data exclusively for the following purposes:
- Contract relationship management: the data will be processed in accordance with contractual obligations and the consequent fulfillment of legal and fiscal obligations, as well as to enable effective management of financial and commercial relationships. The data will be processed for the entire duration of the contract. Subsequently, for the fulfillment of legal obligations as well as for administrative and commercial purposes.
- Marketing: with your expressed consent, your data will be processed for marketing activities, market research, statistical analysis, newsletters, sending advertising/informative/promotional material both by automated contact methods (e-mail, SMS, etc.) and traditional (telephone, mail, etc.);
- Profiling: with your expressed consent, your data will be processed for profiling purposes. In particular for creating a commercial profile and/or to customize and optimize our services on the basis of your preferences. In addition, through matching personal data with other information collected through the profiling cookies accepted by you.
The personal data provision is mandatory for the purposes set out in point 1. The purposes 2 and 3 do not derive from a legal obligation and the conferment of the relative consent is optional. Any partial or total failure to provide the data will result in the partial or total impossibility of achieving the aforementioned purposes.
In order to avoid over processing the data, occasionally the data will be assessed in different ways, depending on their relevance and suitability. We will not use your personal data for any purpose other than those described in this policy, unless we inform you in advance and, where necessary, obtain your consent.
Legal basis for data processing
The legal basis for the collection and use of your personal information as described above will depend on the specific context in which we collect it. The main purpose for which we will collect and use your personal information is for contract management and provide correct and efficient service. However, we will also use your personal information when such activity is within our legitimate business interest. In some cases, we may have a legal obligation to collect personal data (for example in the case of a legal proceeding) or we may need to process or share it with others to safeguard your interests and those of third parties.
How do we use your information?
The personal information you provide will be processed in compliance with GDPR and the principles of correctness, lawfulness, transparency and confidentiality which are part of Axitea’s ethics and values. Data processing can be carried out both through the use of archives and paper supports, and through the use of digital and electronic instruments, in compliance with the security measures provided for by current European legislation.
Your personal data will be stored, starting from their receipt/update, for a period of a maximum period of 10 years (unless otherwise provided by law providing for longer periods), after which they will be deleted or anonymized.
With whom do we share your personal information?
We will not “over share” your personal information. In term “over share” we intend to imply that we will not share your information in an indiscriminate way. However, we may share your information with one or more specific subjects. Under the following terms:
- To subjects, within our company, who are in charge of processing data, in particular to HR and sales departments;
- To subjects who have the right to access the data, within the limits set by the applicable laws and norms;
- To subjects who need access to data for purposes outside of the existing current relationship. However, remaining within the limits required to perform the additional tasks entrusted to them (for example: credit institutions, couriers, etc.);
- To internal consultants, only during such time as necessary to perform their job in accordance with confidentiality and security as described in Axitea’s code of conduct.
- To subjects belonging to our corporate group, limited to the tasks and remaining within the constraints imposed by the Group itself.
- Other foreign subjects (not belonging to the European Community) as auxiliary third parties to our collaborators, yet limited to the purposes of processing administrative and accounting data;
A complete and updated list of external companies and consultants, with whom we communicate your data, can be requested directly from the subjects referenced in the section “Who will process your data?”.
What are your rights?
At any time, you will have the right to request:
- Access to your personal data;
- Their origin;
- The reasoning, methods and purposes of the data processing;
- To update, correct, integrate, cancel, anonymize, and block data processing that is in violation of the law, including those no longer necessary for the pursuit of the purposes for which they were collected;
- To limit or oppose the processing of your data;
- The right to portability. i.e. to receive your personal data, in a structured format for common use or in machine readable format;
- To revoke your consent after having given it. The latter does not affect neither the legality of the processing already performed, nor does it affect the processing of your personal information carried out in relation to other legitimate processing grounds other than consent.
- To complain to the Supervisory Authority on data protection (Data Protection Authority) regarding the collection and use of your personal information.
Axitea will handle your request with the utmost commitment to ensure the effective execution of your rights.
Who will treat your data?
The Data Controller of your personal data is Axitea, whose registered office is located in via Gallarate 156 – 20151 Milan.
Axitea has appointed a Data Protection Officer (DPO) person in charge of who is available by e-mail at firstname.lastname@example.org. You can also contact the Data Controller by mail or fax. Be sure to include on the envelope or on the cover sheet “Inerente la Privacy”.
If you have any questions or concerns about this statement, please contact us.
Privacy information updates
We may update this Privacy statement in response to continuous legal, technical, or commercial developments. We invite you to visit this page periodically to keep up-to-date with the latest information regarding our policies.