Privacy - AMADA EU

PRIVACY POLICY

Information required by Article 13 of Regulation EU 2016/679 (“GDPR”)
Amada Italia Srl (hereinafter Amada) considers the protection of individuals and the processing of their personal data to be fundamental rights. Transparency towards data subjects is thus a primary objective. This is pursued using efficient communication tools which are aimed at providing data subjects with basic information about how their data is processed.

1. GENERAL INFORMATION
The following general information applies to all areas of data processing:
- all personal data is processed in accordance with current data protection laws (Regulation EU 2016/679 and Legislative Decree 196/2003 as amended by legislative decree 101/2018)
- all personal data is processed in a legal, correct and transparent way in accordance with the general principles of Article 5 GDPR;
- specific security measures have been observed to prevent the loss of data and illegal or improper use, and unauthorised access to data in accordance with Article 32 GDPR;
- the company is part of an international group whose operational synergies may generate intercompany data flows; any transfer of data outside the EU takes place in accordance with the requirements of Chapter V of Regulation EU 2016/679, with specific reference to Article 46 para. 2c) “Standard data protection clauses approved by the Commission”.

Data Controller, Data Protection Officer and contacts
- the Data Controller is this Organisation, through its legal representative. AMADA ITALIA SRL Via Amada I., 1/3 29010 Pontenure (Piacenza)
  Tel. +39.0523.87.21.11 – Fax: +39.0523.872101 – Email: marketing@amada.it
- Amada has appointed a Data Protection Officer, who can be contacted for any information about data protection, or to exercise the rights listed below (DPO contact details: Mr. Gregorio Galli Strada della Viggioletta, 8 – 29122 Piacenza; Tel: 0523.010250 – Email: dpo@gallidataservice.com)

Rights of the data subjects
- the right to request the presence of and access to their personal data (Art.15 “Right of access”)
- the right to obtain the rectification/integration of inaccurate or incomplete data (Art.16 “Right of rectification”)
- the right to obtain the erasure of the data, with justification (Art.17 “Right of erasure”)
- the right to obtain the limitation of the data processing (Art.18 “Right of limitation”)
- the right to request the portability of their data (Art.20 “Right of portability”)
- the right to object to the data processing and to automated decision-making processes, including profiling (Art.21, 22)
- the right to revoke consent previously given;
- the right to lodge a complaint with the Italian Data Protection Authority, if no reply is received.

2) DATA PROCESSING CONNECTED TO THE OPERATION OF THIS WEBSITE
2.1 Browsing data
The computer systems and software procedures that operate this website acquire various types of personal data during normal use, which is transmitted using Internet communication protocols. This information is not collected to identify you personally. However, it could be used to identify you via processing and in association with data held by third parties. This data category includes the IP addresses or domain names of the computers used by any user connecting with this website, the URI (Uniform Resource Identifier) addresses of the requested resources, the time of such requests, the method used for submitting a given request to the server, returned file size, a numerical code relating to server response status (successfully performed, error, etc.), and other parameters related to the user's operating system and computer environment.

Purpose and legal basis for the data processing (GDPR­Art.13, para. 1c)
This data is only used to extract anonymous statistical information on the use of the website, as well as to check its functioning. The data may be used to ascertain liability in the event of computer crimes against the website (legitimate interest of the data controller).

Scope of disclosure (GDPR­Art.13, paras. 1e) and f)
The data may only be processed by internal personnel who have been duly authorised and trained in data processing (GDPR­Art.29) or by persons responsible for website maintenance (who are appointed as external data processors in such a case). It will not be disclosed to other persons, nor circulated or transferred to non-EU countries. The data will only be made available to the competent authorities in the event of an investigation.

Data conservation period (GDPR­Art.13, para. 2a)
The data is usually kept for short periods of time, apart from any extended period which may be connected to investigations.

Provision of data (GDPR­Art.13, para. 2f)
The data is not provided by the data subject but is automatically obtained by the website’s technology systems.

2.2 Cookies
What are cookies: Cookies are short fragments of text (letters and/or numbers) that allow the web server to store on the browser information which can either be reused during the same visit (session cookies) or for several days thereafter (persistent cookies). Cookies are stored, according to the user’s preferences, by each browser on the computer, tablet or smartphone. Similar technologies such as web beacons, transparent GIF and all forms of local storage introduced with HTML5 can be used to gather information about user behaviour and use of the services. In this privacy policy statement we will refer to cookies and similar technologies by simply using the word “cookies”.

Types of first party cookies and management of preferences

- Browsing or session technical cookies: guarantee the normal browsing and use of the website
- Technical analytical cookies: Gather information about the number of visitors and number of pages viewed
- Technical functional cookies: Allow browsing based on a series of selected criteria
- Profiling: Create user profiles for the purpose of sending preference-based advertising messages

MANAGING PREFERENCES
On the main browsers you can:

- Block, as a default, the receipt of all certain types of cookies
- View an itemised list of the cookies which are used
- Remove all or some of the cookies installed. For information about settings and individual browsers, see the relevant paragraphs. Blocking or deleting cookies can affect the browsing of the website.
The website may contain links to third-party website and third-party cookies; for more information please read the privacy policies on any linked websites.

Managing preferences on the main browsers

Users can decide whether or not to accept cookies by using their browser settings (please note that almost all web browsers are set to accept cookies automatically by default). Settings can be changed, and applied specifically for different websites and web applications. The best browsers also allow different settings to be defined for “proprietary” and “third-party” cookies. Usually, cookie configurations can be changed using the “Preferences”, “Tools” or “Options” menu.

Links to guides on managing cookies for the main browsers are given below:

- Internet Explorer: http://support.microsoft.com/kb/278835
- Internet Explorer [mobile version]: http://www.windowsphone.com/en­us/how­to/wp7/web/changing­privacy­and­other­browser­settings
- Chrome: http://support.google.com/chrome/bin/answer.py?hl=en­GB&answer=95647
- Safari: http://docs.info.apple.com/article.html?path=Safari/5.0/en/9277.html
- Safari [mobile version]: http://support.apple.com/kb/HT1677
- Firefox: http://support.mozilla.org/en­US/kb/Enabling%20and%20disabling%20cookies
- Android: http://support.google.com/mobile/bin/answer.py?hl=en&answer=16902
- Opera: http://help.opera.com/opera/Windows/1781/it/controlPages.html#manageCookies

Further information:

Www.allaboutcookies.org (for more information about cookie technology and how cookies work)
- Www.youronlinechoices.com/it/ (allows users to object to the installation of the main types of profiling cookie)
- Www.garanteprivacy.it/cookie (contains the main regulations imposed by the Italian Data Protection Authority)

2.3 Registering for newsletters
The Amada newsletter is distributed by email automatically and free of charge to anyone who asks to receive a newsletter by completing the form on the website or who authorises the sending of newsletters through other channels, and to Amada customers. The data we receive is processed using digital and online tools, only to provide the requested service. For this reason, the data will only be kept for the period in which the service is active. To unsubscribe, you can click on Unsubscribe at the bottom of each email.

Purpose and legal basis for the data processing (GDPR­Art.13, para. 1c) 
The identification and contact data necessary to activate and provide newsletter service (name and email) will be requested. Registration is subject to specific, free, informed consent (GDPR­Art.6, para 1a).

Scope of disclosure (GDPR­Art.13, paras. 1e) and f)
The data will only be processed by personnel who have been duly authorised and trained on data processing (GDPR­Art.29) or by third parties who may be responsible for correct provision of the services (e.g. web maintenance or dispatching applications).

Data conservation period (GDPR­Art.13, para. 2a)
The data will be kept for the period of time compatible with the purpose for which it was collected, or until the user unsubscribes.

Provision of data (GDPR­Art.13, para. 2f)
The data must be provided in order for the service to be activated.

2.4 Job applications
This page allows data subjects to submit their CVs to apply to work with Amada. Your identification details and address will be requested, together with your CV.

Purpose and legal basis for the data processing (GDPR­Art.13, para. 1c)
The data is obtained for the proper management of personnel recruitment procedures, and for the following responses. The sending of a request is subject to specific, free, informed consent (GDPR­Art.6, para 1a). At the time of hiring, a candidate will be duly informed about the contract of employment.

Scope of disclosure (GDPR­Art.13, paras. 1e) and f)
The data will only be processed by personnel who have been duly authorised and trained on data processing (GDPR­Art.29).

Data conservation period (GDPR­Art.13, para. 2a)
The data will be kept for the period of time compatible with the purpose for which it was collected.

Provision of data (GDPR­Art.13, para. 2f)
The provision of data in the mandatory fields is necessary in order to submit a job application. The optional fields are intended to provide staff with further information that may be useful in the recruitment process.

2.5 Access to download areas
The website contains several pages which are currently under construction. They will provide informative content and materials: ­ Customer area; ­ Sales area; ­ Technical area.
Login details and credentials will be issued when a registration request is sent.

Purpose and legal basis for the data processing (GDPR­Art.13, para. 1c)
The data necessary to identify the user is required, to enable access to the download area. Specific, free, informed consent is required (GDPR­Art.6, para 1a).

Scope of disclosure (GDPR­Art.13, paras. 1e) and f)
The data will only be processed by internal personnel who have been duly authorised and trained in data processing (GDPR­Art.29) or by persons responsible for website maintenance (who are appointed as external data processors in such a case).

Data conservation period (GDPR­Art.13, para. 2a)
The data will be kept for the period of time compatible with the purpose for which it was collected, or until the user asks for it to be deleted.

Provision of data (GDPR­Art.13, para. 2f)
However, if the Data is not provided, the download area cannot be accessed

2.6 Customer satisfaction
This page enables the data subject to express an opinion on the products and services, comparison with competitors, and the organisation of events.

Purpose and legal basis for the data processing (GDPR­Art.13, para. 1c)
The data is obtained in order to improve the services provided by Amada. The sending of a questionnaire is subject to specific, free, informed consent (GDPR­Art.6, para 1a).

Scope of disclosure (GDPR­Art.13, paras. 1e) and f)
The data will only be processed by personnel who have been duly authorised and trained on data processing (GDPR­Art.29).

Data conservation period (GDPR­Art.13, para. 2a)
The data will be kept for the period of time compatible with the purpose for which it was collected.

Provision of data (GDPR­Art.13, para. 2f)
The data in the mandatory fields must be provided in order for opinions to be offered.

2.7 Requests for information/estimates
These pages enable the data subject to request information or offers from our staff (Amada has consultants and advisers who can respond any time, to any queries).

Purpose and legal basis for the data processing (GDPR­Art.13, para. 1c)
This requires the identification and contact data necessary to respond to data subjects’ request for contact. The sending of a request is subject to specific, free, informed consent (GDPR­Art.6, para 1a)

Scope of disclosure (GDPR­Art.13, paras. 1e) and f)
The data will only be processed by personnel who have been duly authorised and trained on data processing (GDPR­Art.29).

Data conservation period (GDPR­Art.13, para. 2a)
The data will be kept for the period of time compatible with the purpose for which it was collected.

Provision of data (GDPR­Art.13, para. 2f)
The provision of data in mandatory fields is necessary in order to receive a response. The optional fields are intended to provide staff with further information that may be useful.

2.8 Data provided voluntarily by the user

If personal data is sent voluntarily to the addresses indicated on this website, either by email or by ordinary post, the sender’s email address will then be stored together with any other personal data in the email, in order to reply to the request. The disclaimers on outgoing emails used in these replies will contain all the necessary references to this policy, and will also indicate the professional nature of any communications sent through any company email address.

3) PROCESSING OF CUSTOMER/SUPPLIER DATA

Amada may process the personal data of customers or suppliers (such as name, surname, company name, general/fiscal data, address, telephone number, email address, bank details and payment data) together with their business contacts (name, surname and contact details). This data is obtained and used in connection with management of the contract (administration and operations) relating to the products or services sold or bought.

Purpose and legal basis of the processing
The data is processed in order to:
- conclude contractual/professional relations;
- fulfil the pre-contractual, contractual and fiscal obligations deriving from the contractual relations, and to manage the necessary communications (with particular reference to service and after sales);
- fulfil obligations imposed by laws, regulations, EC legislation or orders of the authorities (for example, with regard to participation in contracts/tenders, and obligations of joint and several liability; safety procedures relating to work carried out on site);
- exercise a legitimate interest or right of the Data Controller (for example: the right of defence in legal proceedings, to protect the positions of creditors; ordinary internal operational, managerial and accounting requirements.

In accordance with Article 6 paras. b, c and f, BC – these purposes constitute an adequate legal basis for the legality of the data processing. If data is to be processed for other purposes, specific consent of the data subject will be requested.

Scope of disclosure The data may be processed by company personnel who have been duly authorised and trained, or by external persons (for the correct fulfilment of the parties’ contractual obligations). Such persons will be bound by a protection and confidentiality obligation (tax/accounting advisers, banks etc.). As specified above, there may be intercompany data flows (any transfer of data outside the EU takes place in accordance with the requirements of Chapter V of Regulation EU 2016/679, with specific reference to Article 46 para. 2c) “Standard data protection clauses approved by the Commission”).

4) UPDATES TO THE POLICY
This data protection policy may be periodically updated to reflect changes in the law or relevant case law. Notice of such changes will be published for an appropriate period of time on the home page of the website. The data subject is invited to view this data protection policy periodically.