Privacy Policy

Dear User, this information notice is provided pursuant to Article 13 of European Regulation 2016/679 regarding the protection of personal data, taking into account Recommendation No. 2/2001 adopted on May 17, 2001, to users accessing the www.antifurtoarnia.it website and relates to all personal data that the Data Controller collects and holds about its users. This information notice is provided for this website and not for any other websites and/or applications that may be accessed by the user through links to third-party external pages.

DATA CONTROLLER:
The data controller is ACME21 S.R.L. with registered office at Via Galilei 2 Faenza 48018 (Ra) VAT: 02574730392, email: info@antifurtoarnia.it. For more information, you can contact the Data Controller at any time using the provided contact details.

DATA COLLECTED:
Personal data may be provided directly by the data subject or, in the case of usage data, collected automatically during access and navigation on the website. The user assumes all responsibility regarding the accuracy and truthfulness of the data provided and guarantees, if applicable, that they have the right to communicate third-party personal data, thereby releasing the Data Controller from any liability.

DETAILS ABOUT THE PROCESSING OF PERSONAL DATA
1. Management of information, assistance, or contact requests The voluntary, explicit, and optional sending of messages to the Data Controller's contact addresses implies the acquisition of the sender's contact data necessary to respond, as well as any personal data included in the communication. The processing purpose for these data categories is managing requests for information, assistance, or any other requests addressed to the Data Controller via the contacts available on the website or through the contact form. The legal basis for the processing is the performance of a contract to which the data subject is party or to carry out pre-contractual measures adopted at their request. Providing personal data for the above purpose is optional, but in its absence, it will not be possible to process the request for information or support.
2. Purchase of goods and products The user, if intending to purchase products made available through the website, completes the form by entering the requested data, some of which are mandatory and as such marked by an asterisk. The processing purpose is the management, including administrative, of received orders and activities required to ensure the correct performance of the contract. The legal basis for the processing is the performance of a contract to which the data subject is a party or to carry out pre-contractual measures adopted at their request. Providing personal data for the above purpose is mandatory to the extent that these data are necessary for fulfilling the contractual obligations undertaken by the Data Controller.
3. Promotional, commercial communications, and direct marketing The user may consent to receive promotional, commercial, and informational communications at the indicated contacts, for products or services similar to those made available through the website. The purpose of processing these data categories is to send promotional and commercial communications through automated means such as email, SMS, instant messaging like messenger and WhatsApp, and by traditional means such as postal mail and operator calls. The legal basis for the processing is the user's consent, allowing them to subscribe to specific and further services such as the sending of future informational and promotional communications. For this reason, you have the right to withdraw this consent at any time, without affecting the lawfulness of processing based on consent before withdrawal and without any adverse consequence for the data subject.
4. Statistical information and monitoring of service operation While navigating the website, the Data Controller automatically collects certain data, the so-called navigation data. The computer systems and software procedures responsible for the operation of this website acquire, during their normal operation, some personal data whose transmission is implicit in Internet communication protocols. This information is not collected to be associated with identified data subjects but, by its very nature, could, through processing and association with data held by third parties or the data controller, allow users to be identified. This category of data includes IP addresses or domain names of the computers used by users connecting to the site, URI addresses of the requested resources, the time of the request, the method used to submit the request to the server, the numeric code indicating the response status from the server (success, error, etc.), and other parameters related to the user's operating system and computer environment. The purposes of processing these data categories are gathering statistical information, also aggregated, about the use of services (most visited pages, number of visitors by time or day, geographical areas of origin, etc.) and monitoring the correct functioning of the website and available services. Certain data collected automatically during navigation are necessary for the use of web services, and providing them is mandatory to access the site and its services.
5. Disclosure of data to third parties operating in the beekeeping sector Only if the data subject gives consent, their personal data may be disclosed to third-party companies operating in the beekeeping sector, which may process the data to send the data subject commercial and/or promotional communications regarding their products and services. The legal basis for the processing is the user's consent, to allow subscription to specific and additional services such as sending future informational and promotional communications. For this reason, users have the right to withdraw this consent at any time, without affecting the lawfulness of processing based on consent before withdrawal and without any adverse consequences for the data subject.

RECIPIENTS
The provided personal data may be communicated to appropriately appointed recipients who will process the data as data processors or authorized parties. In particular, the data subject’s personal data may be communicated to recipients belonging to the following categories: authorized authorities for legal compliance; companies for computer equipment repair and maintenance; companies managing the website, and, in general, to allow suppliers to perform technical, logistical, or other activities on behalf of the Data Controller. Our suppliers have access only to personal data necessary to perform their tasks, commit themselves to not use the data for other purposes, and are required to process personal data in accordance with applicable regulations. In any case, disclosure of processed personal data is excluded. The complete list of data processors, joint controllers, and persons authorized to process personal data can be requested by sending a request to info@antifurtoarnia.it.

PROCESSING METHODS AND STORAGE PERIOD
Processing is carried out using electronic and telematic tools, with organizational methods related to the purposes described. In particular, the collected personal data are stored for a period established by considering the purposes for which they are collected. Personal data collected for purposes related to the execution of a contract or pre-contractual measures are stored until the contract has been fully performed, except for legal obligations requiring longer storage periods. Personal data collected and processed on the basis of the user's explicit consent are stored until such consent is withdrawn. Specific security measures are observed to prevent data loss, unlawful or improper use, and unauthorized access.

DATA SUBJECT RIGHTS
Pursuant to Articles 15–22 of Regulation EU 2016/679, data subjects are granted a series of rights. Right of access: data subjects, under Article 15, have the right to obtain confirmation of the existence of processing of personal data concerning them and, if so, to obtain a copy thereof. They also have the right to access personal data concerning them and receive further information, such as the purpose of processing, categories of recipients, data storage period, and available rights. Right to rectification: the data subject, pursuant to Article 16, has the right to obtain the rectification of inaccurate personal data or the completion of incomplete data. Right to erasure: the data subject has the right to obtain the erasure of personal data concerning them, without undue delay, if any of the reasons set out in Article 17 apply. Right to restriction of processing: the data subject has the right, in cases provided for by Article 18 of Regulation 2016/679, to obtain restriction of processing. Right to data portability: the data subject has the right to receive in a structured, commonly used, and machine-readable format the personal data concerning them and has the right to transmit those data to another controller without hindrance, as provided for by Article 20 of Regulation 2016/679; Right to object to processing: the data subject has the right to object to the processing of personal data concerning them as provided for by Article 21 of Regulation 2016/679. The data subject also has the right to lodge a complaint with the competent supervisory authority, the Privacy Guarantor. Requests concerning the above rights must be sent in writing to the Data Controller. The Data Controller will, within the time limits established by current law, promptly respond to requests to exercise data subject rights. Any clarification or request for further information can be addressed in writing to the Data Controller, including using the dedicated form available at the following link: https://www.garanteprivacy.it/web/guest/home/docweb/-/docweb-display/docweb/1089924

UPDATES AND CHANGES
The Data Controller reserves the right to modify, supplement, or periodically update this Privacy Policy, in accordance with applicable legislation or measures taken by the Data Protection Authority. These changes or additions will be communicated to data subjects via email and through a link to the Privacy Policy page on the website. Nevertheless, each data subject is invited to regularly review the Privacy Policy to check for the latest version of the information notice.