PERSONAL DATA PROCESSING NOTICE

After accessing our websites, www.axeltechnology.com or store.axeltechology.com (both of which are also referred to herein as  the “Site”), the act of sending an email via the “Contact us” section or the “Support” section, or to an address included in the website, or any request for goods or services made through the website, will result in any personal data concerning identified or identifiable individuals undergoing processing (the “Processing”) .

First and foremost, for any clarifications regarding  terminology, please see the glossary provided by the Italian data protection authority:  http://www.garanteprivacy.it/web/guest/home/docweb/-/docweb-display/docweb/1663787.

The Data Controller (which decides on the means and the purposes of your data processing) is Axel Technology s.r.l.

Premises: via Caduti di Sabbiuno, 6f – 40011 Anzola dell’Emilia BO, ITALY

Contacts and contact details:
privacy@axeltechnology.com
051736555
051736170

The intended recipients of the  data are set out below:

  1. External Data Processor: MyCrypto s.r.l.s. based in Italy;
  2. External Data Processor: Aruba s.p.a., based in Germany;
  3. Independent Data Controller: Paypal S.a.r.l. et Cie, SCA, based in Luxembourg, whose data processing notice can be found at the following link: https://www.paypal.com/it/webapps/mpp/ua/privacy-prev;
  4. Public bodies and Italian public authorities, to meet legal requirements;
  5. Any Italian haulage firms, professional practitioners or consultants (whether Independent Data Controllers or Data Processors) in order to send/collect orders to/from home addresses, for website maintenance activities and for IT security, legal, or compliance matters or, in any case, for matters relating to the performance of the Data Controller’s business.

An updated and detailed list of these intended recipients, including the role thereof, is available from the Data Controller on request.

2.1 Navigation data – purpose:  website operation – legal basis: compliance with a request from a Data Subject – data retention term: cancellation of data upon ending website navigation

The computer systems and software procedures used for standard Site operation acquire certain items of personal data, whose transmission is required as part of internet communication protocols.  This information is not collected in order to be associated with identified individuals; however, the nature of this information is such that it could allow users to be identified.

This category of data includes the IP addresses or the domain names of the computers used by users connecting to the Site, the Uniform Resource Identifier (URI) addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code showing the status of the response given by the server (successful, error), and other parameters relating to the operating system and the user’s computer environment.  This data is used for the sole purpose of obtaining anonymous statistical information about Site usage and to check that the Site is working  properly. This data  is deleted immediately after processing.  The site does not use cookies to transmit information of a personal nature, nor does it use what are known as “persistent cookies”, i.e. systems for monitoring users.

Use of what are known as “session cookies” (which are not stored permanently on the user’s computer and disappear when the browser is closed) is strictly limited to the transmission of the session identifiers (i.e. random numbers generated by the server) required to allow safe and efficient Site exploration.  Session cookies used on this site do not involve use of other technologies which could jeopardise users’ browsing privacy and they do not involve the acquisition of personal identification data. For more detail on this aspect, please refer to our COOKIE POLICY.

2.2 Data provided voluntarily by the user –purpose:  response to requests submitted by a Data Subject – legal basis: compliance with a request from a Data Subject – data retention term:  until completion of the response to requests submitted

The optional, express, and voluntary sending of emails to addresses found on the Site or other communications sent using the “Contact” section or the “Support” section involves the subsequent acquisition of the sender’s address (since required in order to respond to requests), as well as any other personal data included in such communications. We do not collect sensitive or judicial data or criminal data or data which is irrelevant or unnecessary  in relation to the request submitted; should data of this kind be found in the communications, such data will be deleted immediately.  In the event of data concerning third parties, you hereby guarantee that you have provided such data lawfully and have met all applicable requirements (e.g.  providing this notice to the third party beforehand, if required) .

2.3 Data provided voluntarily by the user –purpose:  provision of e-commerce services requested by a Data Subject – legal basis:  compliance with a contractual request from a Data Subject – data retention term: until completion of the requested order/ service

The optional, express, and voluntary placement of orders via emails sent to addresses found on the Site or through the form  available on the website store.axeltechnology.com involves the subsequent acquisition of the user’s identification and contact details, as well as shipping information. Payment details are not acquired as this data is handled by a third party, i.e. Paypal.  We do not collect sensitive or judicial data or criminal data or data which is irrelevant or unnecessary  in relation to the request submitted; should data of this kind be found in the communications, such data will be deleted immediately.  In the event of data concerning third parties, you hereby guarantee that you have provided such data lawfully and have met all applicable requirements (e.g.  providing this notice to the third party beforehand, if required) .

2.4 For all the data set  out above – purpose:  protection of rights in court – legal basis: legitimate interest – data retention term: for the term specified by the statute of limitations  concerning rights that may be enforced in court.

Data required and processed previously will be retained for a period of 10 years for  civil law matters (Article   2946 of the Italian Civil Code). or for any other term envisaged (including therein by criminal law or otherwise) in order to submit evidence required to establish, exercise, or  defend the Data Controller’s rights in court.

2.5 For all the data set  out above – purpose:  compliance with a legal requirement or upon request by a public authority, e.g. in the event of judicial investigations and assessments – legal basis:  legal requirement – data retention term: throughout the term established by applicable regulations.

Data required (in accordance with the law) by police forces, judicial authorities, information and security bodies or other public entities for State defence or security purposes or to prevent an offence, establish whether an offence has been committed, or to prosecute the perpetrator of an offence.

Apart from that stated earlier in relation to navigation data (which is required in order to use the Site correctly and without which the Site is technically inaccessible), Data Subjects may provide personal data in order to receive a reply from Axel Technology S.r.l.. If such data is not provided, Axel Technology S.r.l will be unable to comply with any request involving the processing of personal data.  The same applies in the event of e-commerce orders, in which case, the aforesaid data is required in order to process the orders placed.  Failure to provide data requested on the basis of a legal requirement will result in the consequences and/or penalties envisaged by applicable laws.

Personal data is processed using manual, computerised and automated systems for the time strictly necessary  in order to achieve the purposes for which it was collected.   The Data Controller has specific security measures in place to ensure the Processing is carried out in compliance with the law, in particular to prevent the loss of such data and the unlawful or improper use thereof, as well as unauthorised access to databases.  In any case, personal data processing will be carried out  exclusively by authorised internal parties, who have been duly informed of the  restrictions  envisaged  by data protection legislation and internal procedures.

In addition to this information, in order to guarantee accurate, transparent processing of your data, you are advised that:

  • you are entitled to access to your personal data, by request to the Data Controller, and to  seek confirmation (or otherwise) of  the existence of the said data; likewise you are entitled to request the rectification or erasure of the data and the limitation of the processing (through a temporary hold) concerning your data.
  • you are entitled to oppose the processing of your data, at any time, for reasons relating to their own particular situation, in the event of: i) processing required in order to carry out activity in the public’s interest or connected to the exercise of public authority, or  ii) in the event of pursuit of a legitimate interest by the Data Controller;
  • if you have consented to one or more specific purposes, you are entitled to withdraw such consent at any time;
  • you are entitled to file a complaint with the following supervisory authority: “Garante per la protezione dei dati personali” i.e. the Italian Data Protection Authority, (http://www.garanteprivacy.it); alternatively, you are nevertheless entitled to file a complaint with the competent authority of the member state where you usually reside or work, or to the authority with jurisdiction where the alleged infringement occurred.
  • you are entitled to the portability of your personal data (for data whose legal basis is contractual or consensual performance) upon request to the Data controller, which shall be complied with via a file in .csv, .xml or similar format.

The processing is performed via automated processes which do involve the profiling of the Data Subjects.

To exercise the aforesaid rights, users may send an email to privacy@axeltechnology.com, using the header: “Privacy – exercise of rights pursuant to  Section 12 of Regulation n. 679/2018“.

The personal data collected on the Site is not subject to dissemination or communication and will not be sold or assigned to third parties. Nevertheless, data will be disclosed in the case of requests therefor (in accordance with the law) by police forces, judicial authorities, information and security bodies or other public entities for State defence or security purposes or to prevent an offence, establish whether an offence has been committed, or to prosecute the perpetrator of an offence.