PRIVACY POLICY
Contact Privacy Notice
(Art. 13 Reg. UE 2016/679)
Ageing Tech S.r.l., in its capacity as Data Controller, pursuant to Article 13 of Regulation (EU) No. 2016/679, the General Data Protection Regulation ("GDPR"), as well as the applicable national legislation, provides this Privacy Notice to users, hereinafter referred to as the "Data Subject", in order to describe the categories of personal data processed, the purposes and methods of processing relating to Data Subjects who browse the institutional website or submit their personal data through the contact form available on the website. Personal data are processed in accordance with the principles of lawfulness, fairness and transparency, data minimisation, accuracy, storage limitation, integrity and confidentiality, while ensuring that the Data Subject may exercise the rights provided for by applicable law.
1. Data controller
The Data Controller is Ageing Tech S.r.l., via Alberto Cadlolo 134, 00136 Roma, P.IVA 14929961002
2. DPO
The Data Protection Officer of Ageing Tech S.r.l. (DPO) may be contacted for the exercise of the rights set out in Articles 15 to 22 of the GDPR and/or for any clarification regarding the processing of personal data carried out by the Company. The DPO can be contacted at the following email address: dpo.viviana.majkic@ageingtech.it
3. Categories of Personal Data Processed
Through the contact form, the Company collects the following ordinary personal data:Dati identificativi (Nome e cognome);
email address;
information voluntarily included by the Data Subject in the message.
4. Purposes of Processing
Personal data are processed exclusively for purposes related to the management of the website and interaction with users. In particular, browsing data are used to ensure IT security, the proper technical functioning of the systems and the investigation of any liability in the event of offences committed against the website. Personal data voluntarily provided through the contact form, including name, surname, email address and the content of the message, are processed in order to respond to requests for assistance, general information or to prepare personalised quotations relating to software licences, SaaS services and hosting solutions requested by the Data Subject.
5. Legal Bases for Processing
The processing of personal data is based on the following legal bases, depending on the Data Subject's interaction with the website:
Legitimate Interest (Article 6(1)(f) GDPR): This legal basis applies to: browsing data necessary for the security and operation of the website; the management of generic information requests submitted through the contact form, such as opening hours, contact details or non-commercial information, since the Company has an interest in responding to visitors and ensuring an effective assistance service.
Performance of Pre-contractual Measures (Article 6(1)(b) GDPR): This legal basis applies to requests submitted through the contact form concerning quotations, technical details on software, SaaS services or hosting solutions, where processing is necessary in order to take steps at the request of the user prior to entering into a contract.
Compliance with Legal Obligations (Article 6(1)(c) GDPR): This legal basis applies where the content of the communication requires specific retention for administrative or legal purposes.
6. Methods of Processing
Personal data are processed using IT and telematic tools, according to logic strictly related to the purposes indicated above and, in any case, in a manner designed to ensure the security and confidentiality of the data. The Company adopts appropriate technical and organisational security measures, including, by way of example, the use of secure communication protocols and the limitation of access to authorised personnel only, in order to prevent data loss, unlawful or improper use and unauthorised access.
7. Nature of Data Provision
The provision of personal data through the contact form is optional. However, failure to provide the data marked as mandatory will make it impossible for the Company to respond to the Data Subject's requests or to prepare quotations for the requested software and hosting services. This is without prejudice to the processing of browsing data necessary for the proper technical functioning of the website.
8. Data Retention Period
- The personal data collected, including name, surname, email address and the content of the communication, will be retained for different periods depending on the nature of the interaction:
- Browsing data: browsing data are retained for the time strictly necessary to ensure the security of the website and, as a rule, are deleted within 30 days, without prejudice to any retention periods required by law or to the need to investigate offences by the Judicial Authority.
- Information Requests and Generic Contacts: personal data, including name, surname, email address and the content of the communication, will be retained for the time necessary to provide the requested response and will be deleted within 12 months from the closure of the conversation, unless further exchanges of communication become necessary.
- Pre-contractual Negotiations: in the event of quotation requests or technical analyses, personal data will be retained for the duration of the validity of the offer or for a maximum of 24 months from the last contact, in order to allow negotiations to resume at the user's request.
- Legal Obligations and Legal Defence: Where correspondence becomes relevant for contractual, tax or potential dispute management purposes, personal data will be retained in accordance with the ordinary limitation periods provided for by the Italian Civil Code.
9. Recipients and Disclosure of Personal Data
The user's personal data will not be disseminated, sold or exchanged with third parties. Personal data may be disclosed exclusively to specific recipients where necessary for the operation of the website and the provision of the requested services:
- Authorised Personnel of the Company: Employees and collaborators of Ageing Tech S.r.l., duly instructed and bound by confidentiality obligations, may process personal data in order to manage commercial requests and technical support activities.
- For the provision of web services, the Company relies on Register S.p.A., VAT No 04628270482, who acts as Data Processor pursuant to Article 28 GDPR. This provider supplies the technological infrastructure and servers on which the website is hosted. Its technical personnel may have access to the systems exclusively for maintenance, technical support or system security purposes, in accordance with the Data Processing Agreement entered into with the Data Controller.
- Public Authorities: personal data may be disclosed to police forces or judicial authorities only where required by law or following a formal request..
10. Data Location and Transfers Outside the EU
The Data Controller declares that all personal data processing takes place within the European Economic Area (EEA). Thanks to the choice of a European technology partner, the servers and infrastructure are located within the territory of the European Union, ensuring full compliance with GDPR security standards and excluding any transfer of personal data to third countries that do not provide an adequate level of protection.
11. Exercise of the Data Subject's Rights
In accordance with Chapter III of the GDPR, Articles 15 to 22, the Data Subject may exercise the following rights at any time against the Data Controller:
- the right to access and obtain a copy of the personal data held;
- the right to request rectification of inaccurate personal data;
- the right to request erasure of personal data, also known as the "right to be forgotten";
- the right to obtain restriction of processing;
- the right to receive personal data in a structured, commonly used and machine-readable format, where applicable;
- the right to object to processing on grounds relating to the Data Subject's particular situation;
- the right to withdraw any consent given, without affecting the lawfulness of processing based on consent before its withdrawal;
- the right not to be subject to automated decision-making, including profiling, where applicable;
- the right to lodge a complaint with the Supervisory Authority, namely the Italian Data Protection Authority, the Garante per la Protezione dei Dati Personali, following the procedures and instructions published on the Authority's official website.
To exercise the rights listed above, the Data Subject may contact the Data Protection Officer at any time by sending an email to: dpo.viviana.majkic@ageingtech.it.
12. Cookies and Tracking Tools
The website uses only technical cookies that are strictly necessary for the operation and security of the platform. No advanced tracking options, profiling cookies or marketing cookies are active. Due to the technical nature of these tools, the user's prior consent is not required, while this Privacy Notice remains applicable.
The data collected will never be used for purposes other than those listed above without the Data Subject's explicit consent.
THE DATA CONTROLLER
Ageing Tech S.r.l
