PRIVACY POLICY

INFORMATION FOR USERS OF THE WEBSITE

This is the web page of ATLANTICA DIGITAL S.p.A. with headquarters in Via Barberini n.29, 00187 Rome, C.F. and VAT No. 14650841001, Telephone: 064620171, email: atlantica@atlantica.it,  Data Controller of the data processing concerning you, (hereinafter “ATLANTICA” or “Data Controller” or “Owner”).
To request information on the data processing and to exercise your rights, you can write an email to privacy@atlantica.it or, if you prefer a different option, such as a letter, you can send it to the following address: Privacy Office of ATLANTICA DIGITAL S.p.A. – Via Barberini n.29, – 00187 ROME.

Where we get your data and what it is
When you connect to a website it is inevitable that some information will be acquired, such as the IP address and the characteristics of the program with which you are consulting the Internet. Today,  websites are dynamic, allow you to interact with questions and answers, allow connection to social networks so other information, including behavior, tastes and preferences, can be acquired to improve the browsing experience and facilitate the search for products and services. Finally, the site needs some technical elements, called cookies, in order to function better and improve your browsing experience.
If you are a registered user and have already given consent to the processing, this data may be registered, associated with your profile and stored until you have relations with us. Then they will be canceled, except for legal obligations.

How and why we process your data
When you come to visit our site, it is as if you were looking at a shop window and we saw what you are doing inside the shop. It is our interest to manage this data to improve the offer of products and services via the web. If you are not registered, your data will be processed anonymously, but indirectly it could be traced back to your identity. Other data will be processed only with your explicit consent. In any case, they will be treated by competent and educated people to guarantee the processing only of the data actually necessary and secure management, through adequately protected computer systems and paper archives. Your data will not be disclosed, will not be transferred outside the EU and will not be disclosed to third parties, unless required by law or authorities. They may be managed by subjects external to our organization, but always under our control, to guarantee certain activities.

The following are your rights
It is your right to know what data has been collected, how it is managed, to whom it will eventually be transferred, to have a copy on IT support and to intervene on the processing to request its blocking, modification, updating and cancellation, using the contact details already indicated at the beginning of this document. If you are a registered user and you want to delete your profile, you must log in with your credentials and select this option. If you aren’t able do it, you can write to the addresses already indicated and we will take care of it.

If you believe that this information is not sufficient, we advise you to consult the complete information at the following address www.atlantica.it/privacy. If  this information doesn’t satisfy you, you can write to us for clarification at the addresses already indicated, and if after our replies you are still not satisfied, you can contact the Guarantor for the Protection of Personal Data through the website www.garanteprivacy.it

Please note that the extended information contains all the elements required by law, describes the characteristics and purposes of the cookies installed by the site and provides the user with the information to select / deselect individual cookies.

COMPLETE INFORMATION FOR THE USERS OF THE WEBSITE
Pursuant to art. 13 European Regulation 679/2016 (hereinafter “Regulation”)
and national legislation, Legislative Decree 196/2003 adequate by Legislative Decree 101/2018 (hereinafter referred to as “Applicable Regulations”).

ATLANTICA DIGITAL S.p.A. with headquarters in ROME (RM), Via Barberini n ° 29, – 00187, C.F. e P.IVA 14650841001, Telephone: 064620171, mail: atlantica@atlantica.it, Owner of the processing of personal data according to the Regulation, (hereinafter, for brevity, Owner)

                                                          INFORMS

Users who connect to the website www.atlantica.it, registered and unregistered, that the personal data collected by the company, acquired by third parties or spontaneously provided by the interested parties through the various options on the site (work with us, newsletter, competitions and events, etc.), will be handled in a lawful and correct manner, in compliance with the principles ratified in EU and Italian law.

Data subject to treatment
Navigation data: IP address, operating system and browser used for navigation, connection and disconnection date and time, time spent on the site, pages visited, activity carried out, location (if the relevant service is active) and anything else rendered available from your computer, based on security settings.
Personal data: name, surname, email address, telephone, fax, physical contact details, where available, any IDs that will be communicated and data present in the CV, if sent by email.

Purpose and legal basis of the processing
The collection and any other data processing activity of the data of the interested parties acquired through the website are carried out by the Data Controller at the company’s offices, in compliance with the security measures and prescriptions imposed by the Applicable Regulations, or by individuals delegated by it (specifically selected and equipped with the necessary professionalism), with manual and computerized procedures, to allow the user a simple and rewarding browsing experience, to gather useful elements to improve the offer of products and services via the web, to execute specific requests of the concerned (e.g. a contact request, or a spontaneous application), for pre-contractual and contractual obligations, for ordinary administrative financial and accounting activities, to ensure the correct management of customers during the marketing and sale of products, for after-sales assistance, for compliance to legal obligations. The processing is also aimed at the elaboration of statistics in an anonymous form.
The processing, at the request of the interested party or after obtaining specific consent, can also be carried out through CRM and customer care, for the detection of the degree of satisfaction, tastes, preferences and habits of the interested party, for sending commercial information or advertising material, for direct marketing campaigns, for participation in games, competitions or prize operations, for involvement in events and shows, for the provision of services, for market research and other operations directly or indirectly attributable to marketing.

Legal bases of the processing are the legitimate interest of the owner to manage user browsing data to improve the offer of products and services through the website, the consent expressed by the interested parties and the obligations relating to the pre-contractual and contractual phases of the relationship. However, it is always possible to request the Data Controller to clarify the legal basis of each treatment and in particular to specify whether the treatment is based on the law, provided by a contract or necessary to conclude a contract.

Sources and nature of the data
Data collection can take place via the company website, by browsing analysis or spontaneous insertion by the interested party, using the specifically created forms.
With regard to the registered user, the Data Controller performs the processing of personal data, telephone and telematic contact details and any bank data communicated for payments, as well as other essential data to satisfy the requests of the interested parties or fulfill the commitments undertaken.
The conferment is therefore mandatory, since it won’t be possible to process the data in the event of failure to issue consent or revocation of it, to initiate the processing.
It is necessary to highlight that any incorrect or insufficient communication of the requested data may result in the total or partial impossibility of executing the requests of the interested party or the obligations related to the commitments undertaken, with the consequent possible mismatch of the results of the treatment to the agreements taken or obligations imposed by rules and regulations.
The other data, however, is collected for the sole purpose of adapting the promotional campaigns, the offers and, in general, the business activity, to the interests of customers and other parties involved in any case. Their conferment, therefore, is not mandatory and any refusal to process or withdraw consent does not affect the establishment or continuation of the main relationship.

Data of Minors
Minors under the age of 16, cannot provide data without the consent of the parent or guardian.
The owner will not be in any way responsible for any false declarations that may be provided by minors and, if they ascertain the false declarations, the Owner will immediately delete any personal data and any information acquired. In any case, consent to the processing of data by minors over the age of sixteen is authorized for under eighteen, only for access to the services of the information company. However, minors under the age of 18, cannot approve and sign terms of service.

Navigation data
During their normal operation, the IT system and the software used for the company web portal acquire some personal data whose transmission is implicit in the use of Internet communication products. This information is not stored to identify the interested parties, but by their nature, they can, through processing and association with other data managed by third parties, allow the identification of the user.
This category of data concerns the IP addresses and domain names of the computer used by the user to connect to the site, the URL (Uniform Resource Locator) addresses of the requested resource, the time of the request, the method used to send the request to the server, the size of the file received, the numeric code used to indicate the status of the response given by the server (executed or error, etc.) and other parameters relating to the operating system and the user’s computer. These data are used only to create anonymous statistics on the use of the site and to check its correct functioning. They are usually deleted immediately after processing. They can be used and provided to law enforcement and the judiciary to ascertain responsibility in case of damage to the site or of offenses perpetrated through the network.

Data transferred by the user.
Filling in the forms that may be present on the pages of the site entails the acquisition of data in the system memory. The information is protected by an authentication system and can only be used by those with credentials. They are also updated and adequately protected, based on available best practices.
Requests for information by e-mail involve the storage of the user’s e-mail address, necessary to respond to the sender’s requests. The data stored in the message is included. The Owner suggests to his customers, during their requests for services and information, not to
transmit data or personal information of third parties, unless absolutely necessary.

Cookie
How it happens with most websites, information regarding navigation on the site is kept for statistical reasons. The collection of information is possible thanks to the use of cookies. The cookie is a small file that is transferred to the computer’s hard drive when it connects to a site.
This data are not personal, as they do not allow specific identification of the user. The data collected concern the geographical location of the service provider, the type of browser used, the IP address, the pages visited, etc. The information thus collected, allows you to see the frequency of visits to a site and the activity performed while browsing.
In this way, over time, it is possible to improve the contents of the site and facilitate its use.
Even companies that transmit content to the site or whose sites are accessible via links, can use cookies when the user selects the relevant link.
In these cases the use of cookies is not under the direct control of the Data Controller. Most browsers automatically accept cookies, but you can reject them or select only a few, according to the preferences set by the user. However, if the user inhibits the loading of cookies, some components of the site may stop working and some pages may be incomplete.

Essential technical cookies
These are cookies necessary to ensure a correct and fluid functioning of the site: they allow navigation of the pages, sharing of contents, storage of access credentials to speed up entry to the site and to keep preferences and credentials active during browsing and improving the browsing or shopping experience. Without these cookies it is not possible to provide, in whole or in part, the services for which users access the site.

Statistical cookies
These cookies allow us to understand how users use the site, to be able to then evaluate and improve its operation and to create increasingly appropriate content for user preferences. For example, these cookies allow you to know which pages are the most and least frequented, how many visitors are on the site, how much time the average user has spent on the site and how visitors arrive on the site. In this way, it is possible to determine which are the optimal operations and the most appreciated contents and how the contents and functionality of the pages can be improved. All information collected by these cookies is anonymous and not linked to the user’s personal data.

Third party profiling cookies
They are cookies used by third parties not directly controlled by the owner. The company cannot provide guarantees regarding the use that will be made of the data, the processing of which is directly operated by an external entity. Cookies from these third party operators allow us to offer advanced features, as well as more information and personal functions. This includes the possibility of sharing content through social networks and having a personalized website experience based on the preferences expressed through the pages visited.
If you have an account or if you use the services of these other data controllers, they may be able to know that the user has visited the company website. The use of data collected by these external operators through cookies is subject to their privacy policies. Third-party profiling cookies are identified with the names of their respective operators and can be deactivated.

Management of cookies
By selecting the ACCEPT button shown by the banner superimposed on the Homepage, you authorize the installation of cookies on the device in use by the interested party. You can change the settings of the cookies downloaded through the browser features. By doing so, it is also possible to prevent the installation of third-party cookies and remove previously installed cookies, including those containing cookie preferences. To adjust or change the browser settings, it is necessary to consult the software or application manufacturer’s guide. Disabling cookies can cause the site or part of  it to malfunction.

Third party sites.
The site, even only periodically, may contain links with third-party sites and applications (Google Adwords Widget, Analitycs, Youtube, Vimeo, etc.), to provide additional services and information to the user. When the user uses these links, he leaves the company website and accesses other resources that are not under the direct control of the Data Controller, who, therefore, will not be responsible for the procedures relating to navigation, security and treatment of the personal data operated by other sites, even in the presence of co-branding or display of the company logo. A careful examination of the security and confidentiality procedures of the visited site is recommended, which could transmit additional cookies, read those already present on the user’s hard disk and request / acquire further personal information.

Interaction with external social networks and platforms
The site, through widgets and buttons, can interact with external platforms and social networks. In this case, the information acquired depends on the settings of the profiles used by the user on each social network and not by the administrator of this site.
More information can be obtained from the websites of the companies offering the service. In this case, the data are not managed by the website of the data controller, which connects these buttons only to offer a further service to the interested party, but has no control over them.

Communication and diffusion
The data processed through the website are exclusively of a common nature and are not intended for dissemination. The Data Controller does not request and has no interest in collecting and processing data classified by the Regulation as “particular” (health, genetic, biometric, etc.) or “criminal”, except for legal obligations.
The data must be transferred to third parties in the fulfillment of obligations deriving from laws or regulations (Institutions, Law Enforcement, Judicial Authorities, etc.) or for activities directly or indirectly connected to the relationship established. By way of example, the following are mentioned:

● Individuals who need to access the data of the interested party for purposes concerning the relationship with the Data Controller (Credit institutions, Financial intermediaries, Electronic money institutions and payment management, Debt collection companies, Customer verification companies, Carriers, etc.);
● Consultants, collaborators, service companies, within the limits necessary to carry out the assignment conferred by the Owner;
● Subsidiary and / or associated companies that can access data, within the limits strictly necessary to carry out tasks entrusted by the Owner.

The data may be communicated to who is operating within the European Union, or in countries that guarantee the same level of protection provided by the Applicable Regulations. The updated list of data processors can be found at the owner’s office.

The data of the interested party may be communicated to who is operating in non-EU countries where expressly permitted by the interested party. In any case, the data processing carried out in the various countries will be adequate to the most restrictive rules, in order to ensure in any case the highest level of protection.
They may be transferred to third parties, even for consideration, if the interested party has given express consent, for purposes directly or indirectly connected to the activity of the Data Controller.

Data retention times
The data processed by the Data Controller, except for legal obligations, are kept until express request for cancellation by the interested party and in any case periodically verified, also with automatic procedures, in order to guarantee their updating and effective compliance with the purposes of the data processing. If the purpose for which they were acquired has ceased, the data will be deleted, unless they must be processed to protect legal claims, for regulatory obligations or for the express request of the interested party. At the end of the data processing and following the cancellation, the rights of the interested party can no longer be exercised.

Rights of the interested party
The interested parties have recognized the rights referred to in articles from 15 to 22 of the GDPR 679/2016 and of the Applicable Regulations in general. In particular, the interested party has the right to withdraw the consent to the processing of data at any time, request its correction, updating, transformation into anonymous form, even partially limit its use, request portability and possible cancellation. The rights can be exercised to the extent that processing is not mandatory due to legal or regulation provisions. The requests relating to the exercise of the rights of the interested party can be addressed to the Data Controller at the following address: privacy@atlantica.it. If the interested parties are not satisfied with the response provided to their requests by the Data Controller or by the Data Protection Officer, they can lodge a complaint with the Guarantor Authority for the Protection of  Personal Data, based in Piazza Venezia n.11, 00187 Rome www.garanteprivacy.it