Privacy policy

(information pursuant to Article 13 of Law 196/2003 (Italian Privacy Code) and Articles 12.13 and 14 of the European Privacy Regulation (Individuals) n.679 / 2016 GDPR)

The imac.it website (later refered to as Site or Website) collects some personal data from the users. The User is invited to read this document carefully, before giving any personal information to our Organization.

We pay great attention to privacy and we are committed to being clear about our procedures.

This page describes the privacy policies adopted in relation to the processing of personal data. The processing of personal data of the interested party (defined in accordance with the rules referred to and, hereinafter referred to, also User and / or Customer) will be based on principles of correctness, lawfulness, transparency, purpose limitation and conservation, minimization and accuracy, integrity and confidentiality, as well as the principle of accountability pursuant to art. 5 of the Rules. Your personal data will therefore be processed in accordance with the laws in force, including the Regulations, and the confidentiality obligations set out therein.

By processing personal data we mean any operation or set of operations, performed with or without the aid of automated processes and applied to personal data or sets of personal data.

We inform you that the personal data subject to processing may consist of any information suitable to make the data subject identified or identifiable, depending on the type of services requested and the decisions you have made in this regard.

Data holder

The Data Controller and Data Processor (R.P.D.) is:

Mr. Gianluca Gattazzo, legal representative of:

Imac S.r.l. Unipersonale based in Via Ghisa 24 – 36071 Tezze di Arzignano (VI) – Italy

VAT number: IT-01780990246

Email: info@imac.it

Telephone: +39 0444 482301    Fax: +39 0444 482500

The data processors are the Data Controller, its Employees and / or Subjects authorized by the same.

Contact details of the R.P.D.

For any information, or to exercise the rights (more summarized below) as per art. from 7 to 10 of Legislative Decree 196/2003 and referred to in Articles. from 15 to 22 of EU Regulation N. 2016/679, you can contact the owner / manager at the office, at the following addresses:

  • Postal service: writing to the address indicated above;
  • email, writing to: privacy@imac.it

All personal data are collected directly from the interested party.

Information concerning the Website

In addition to the information reported in the previous paragraph, the following additional information is reported:

This website collects, independently or through third parties, some Personal Data of its Users, represented by usage data and Cookies.

For more information about cookies, please read the specific document. On all pages, within the footer below, you can find a link to read the cookie policy.

Rights of the interested party

In relation to the treatments described in this Notice, as an interested party you may, under the conditions established by applicable legislation, exercise the rights provided therein and / or enshrined in articles 15 to 21 of the GDPR and, in particular, the following rights:

Right of access – Article 15 GDPR: the right to obtain confirmation that personal data concerning you is being processed and, in this case, obtain access to your personal data, including a copy thereof.

Right of rectification – Article 16 GDPR: right to obtain, without undue delay, the correction of inaccurate personal data concerning you and / or the integration of incomplete personal data;

Right to cancellation (right to be forgotten) – Article 17 GDPR: right to obtain, without undue delay, the cancellation of personal data concerning you.

Right of limitation of treatment – Article 18 GDPR: right to obtain limitation of treatment, when:

  • the interested party disputes the accuracy of personal data, for the period necessary for the holder to verify the accuracy of such data;
  • the processing is illegal and the interested party opposes the cancellation of personal data and asks instead that its use is limited;
  • personal data are necessary for the interested party to ascertain, exercise or defend a right in court;
  • the interested party opposed the treatment pursuant to art. 21 GDPR, in the period of waiting for the verification on the possible prevalence of legitimate reasons of the holder of the treatment with respect to those of the interested party.

Right to data portability – Article 20 GDPR: right to receive, in a structured format, commonly used and readable by an automatic device, the personal data concerning you provided to the Owner and the right to transmit them to another holder without impediments, if the processing is based on consent and is carried out by automated means. In addition, the right to obtain that your personal data are transmitted directly from the Bank to another holder if this is technically feasible;

Right to Objection – Article 21 GDPR: right to object, at any time for reasons related to its particular situation, to the processing of personal data concerning you based on the lawfulness of legitimate interest or the execution of a task of public interest or the exercise of public powers, including profiling, unless there are legitimate reasons for the owner to continue the treatment that prevail on the interests, rights and freedoms of the interested party or for the establishment, exercise or defense of a right in court. Furthermore, the right to oppose the processing at any time if personal data are processed for direct marketing purposes, including profiling, to the extent that it is related to such direct marketing.

Right of revocation – The interested party has the right to revoke your consent at any time. The withdrawal of consent does not affect the lawfulness of the treatment based on consent prior to revocation.

Complaint to the supervisory authority – In any case you (the person concerned) always have the right to lodge a complaint with the competent supervisory authority (Guarantor for the protection of personal data), pursuant to art. 77 of the Regulations, if you believe that the processing of your data is contrary to the law in force. Authority for the protection of personal data, Piazza di Montecitorio n. 121, 00186, Rome (RM).

The above rights may be exercised against the Owner, by contacting the references described above.

The exercise of your rights as an interested party is free under Article 12 of the GDPR. However, in the case of manifestly unfounded or excessive requests, also due to their repetitiveness, the Owner may charge a reasonable fee for the costs, in light of the administrative costs incurred to manage your request, or deny the satisfaction of your request.

Purpose of treatment

In this section we list the purposes of the treatments. For more specific information on individual services / tools active on the website, we invite you to view the section below called ‘Detail on the processing of personal data’

Finality of evasion of User’s requests

The personal data of Users are collected and processed by the Owner for the sole purpose of processing their request.

The User’s data collected by the Owner, via the website, for this purpose include: the name, surname, email, and any personal information of the User that may be voluntarily sent also through the use of the specific ‘Direct Contact Form’ available on the Site and / or in any way voluntarily transmitted, also by email, by the User.

In order to comply with precise legal and / or pre-contractual and / or contractual obligations, no other processing will be carried out by the Owner in relation to the personal data of the Users and under no circumstances will the Data Controller make it accessible to the other Users and / or to third parties the personal data of the Users.

Administrative and accounting procedures

To perform activities of an organizational, administrative, financial and accounting nature, such as internal organizational activities and functional activities for the fulfillment of contractual and pre-contractual and / or legal obligations;

Tax and accounting obligations and / or labor legislation

This treatment is necessary to fulfill a legal obligation to which the data controller is subject, that is, to the execution of a contract to which the data subject is party or to the execution of measures pre-contractual measures adopted at the request of the same.

Consultancy activities

The processing is necessary for the execution of a contract of which the interested party is a party or for the execution of pre-contractual measures adopted at the request of the same, or the processing is necessary for the execution of a contract of which the person concerned is a party or to take pre-contractual measures to him if requested by the same.

Obligations of law

Obviously to fulfill the obligations established by law, by an authority, by a regulation or by European legislation.

Obligations deriving from contracts

with the interested party and / or for the completion of the relative pre-contractual activity;

Browsing the Website

This treatment may be necessary for the request and / or provision of services.

Statistics

This treatment is necessary for statistical purposes, to monitor the progress of advertising campaigns, to improve the quality and performance of the website.

Finality of marketing

The treatment, with prior consent, is intended to allow the owner to start marketing campaigns, online and / or offline, in order to advertise their products and / or services.

Security and anti-fraud

Some personal data can be processed for security purposes, especially IT, to prevent data breaches and for reduce the risk of fraud.

The provision of personal data for the purposes of processing indicated above is optional but necessary, as failure to provide them could make it impossible for Imac to respond to requests received and / or, in any case, to carry out the services requested.

Warning on the data of third parties

The transmission of personal data of third parties, which you have communicated to us, may occur in the use of our Services.

In such cases, you stand as the independent data controller, assuming all obligations and the responsibilities of the law, at the same time you confer on the subject every wider indemnity with respect to each connected, relative to challenge, claim, request for compensation for damage from treatment, etc. that should reach the Data Controller from third parties due to the treatment you may have carried out in the sense described above.

In any case, if you provide or otherwise treat personal data of third parties in the use of the Site, ensure from now that this particular hypothesis of treatment is based on the prior acquisition – on your part – of the consent of the third party to the processing of the information concerning him, in this assuming all responsibility.

Processing methods

The Data Controller will process the personal data of the Users using manual and IT tools, with logics strictly related to the purposes themselves and, in any case, in order to guarantee the security and confidentiality of the data.

Storage duration

Your personal data are stored with us for the time strictly necessary for the pursuit of the above mentioned purposes (i limitation principle of the conservation ‘, art.5, GDPR) or the different conservation period linked to legal obligations or the protection of rights exercisable at each location, including judicial protection. The verification of the obsolescence of the data stored in relation to the purposes for which they were collected is carried out periodically.

Location of the data

The data will be stored at the operational headquarters of the Data Controller and in any other place where the parties involved in the processing are located.

In the case of third-party IT services, data retention is the responsibility of third parties.

Data recipients

In the limits relevant to the processing purposes indicated, your data may be communicated to partners, consultancy companies, consultants, private companies, public bodies, appointed by the Data Controller or recipients for legal obligations or to fulfill your specific requests.

Your data will not be disclosed in any way except as indicated above. The Data Processors and Data Processors are promptly identified in the Document on Privacy, updated periodically.

Transfer of data abroad

Data collected are not subject to transfer abroad. In some cases, some user data could be sent electronically to foreign companies. More information in the section ‘Detail on the processing of personal data’ at the bottom of the page.

Consequences of non-disclosure of personal data by the interested party

As indicated above, the conferment of personal data by the interested party is optional but necessary for legal or contractual obligation. or a necessary requirement for the conclusion of a contract. Failure to provide such data will make it impossible for us to process the services requested.

Automated decision-making process, including profiling

Present or not, with the exception of any processes related to the navigation of the website, for which please refer to Cookie Policy published in the appropriate section of the site and in the section ‘Detail on the processing of personal data’ at the bottom of the page.

Details on the processing of personal data

In the following section, we will list all the services on the site that collect personal data indicating the legal basis for processing.

Note: for the needs of ordinary business operations, some services may not be active although they are listed in the list.

Server Logs

When you visit the website, some personal data is collected on the server, including:

  • IP address
  • visited page
  • time and date of the visit
  • version and type of browser used
  • user agent
  • referrer URL

This data is recorded automatically, electronically, within specific log of the server where the site is hosted.

The data are used only and exclusively for:

  • Security / Anti fraud: logs are essential to ensure high security standards and to prevent fraud within the site, or through it
  • Data breach: in the case of data breach it is essential to use the logs to rebuild the events and to secure the systems
  • Obligations of law and defense in court

Legal status of the treatment: legitimate interest pursuant to article 6 point 1.f to ensure security and avoid fraud.

Contacting the user

Contact form

The User, filling in with their Data contact form, you consent to their use to respond to requests for information, quote, or any other nature indicated by the header of the form.

Personal Data collected: name, surname, email.

Mailing List or Newsletter

With the registration to the mailing list or to the newsletter, the User’s email address is automatically added to a list of contacts to which email messages can be transmitted containing information, including commercial and promotional, related to this Application. The email address of the User may also be added to this list as a result of registration to this Application or after making a purchase.

Personal Data collected: name, surname, e-mail.

Social Features

Invite and suggest friends

This Application can use the Personal Data provided to allow users to invite their friends – for example through the phonebook, if access has been authorized – and to suggest friends or connections inside.

Personal Data collected: Various types of Data.

Public profile

Users can have a profile public viewable by other Users. In addition to the Personal Data provided, this profile may contain the User’s interactions with this Application.

Personal Data collected: name, surname, email, phone, photo username and password.

Address management and sending email messages

This type of service allows you to manage a database of email contacts, telephone contacts or contacts of any other type, used to communicate with the User.
These services may also allow the collection of data relating to the date and time the messages are displayed by the User, as well as to the user’s interaction with them, such as information about clicks on links in messages.

MailChimp (The Rocket Science Group, LLC).

MailChimp is an address management and emailing service provided by The Rocket Science Group, LLC.

Personal data collected: name, surname, email.

Data processing: United States

Privacy policyclick here

Statistics

The services contained in this section allows the Data Controller to monitor and analyze traffic data and is used to keep track of User behavior.

Google Analytics (Google Inc.)

Google Analytics is a web analytics service provided by Google Inc. («Google «). Google uses Personal Data collected for the purpose of evaluating the use of this Application, compiling reports and sharing them with other services developed by Google.
Google may use Personal Data to contextualise and personalize the advertisements of its advertising network.

Personal Data collected: Cookies and Usage Data.

Treatment Location: United States of America

Privacy policyclick here

Monitoring conversions of Facebook Ads (Facebook, Inc.)

Tracking conversions of Facebook Ads is a statistics service provided by Facebook, Inc. the data coming from the Facebook ad network with the actions carried out within this application.

Personal Data collected: Cookies and Usage Data.

Treatment Location: United States

Privacy Policyclick here

Google AdWords Conversion Monitor (Google Inc.)

Conversion Tracking for Google AdWords is a statistics service provided by Google Inc. linking data from the network of Google AdWords ads with the actions performed within this application.

Personal data collected: Cookies and usage data.

Treatment location: United States

Privacy policy: click here

Protection by SPAM

This type of services analyzes the traffic of this Application, potentially containing Users’ Personal Data, in order to filter it from parts of traffic, messages and contents recognized as SPAM.

Google reCAPTCHA (Google Inc.)

Google reCAPTCHA is an SPAM protection service provided by Google Inc.

Personal Data collected: Cookies and Usage Data.

Treatment Location: United States of America

Privacy policyclick here

Remarketing and behavioral targeting

This type of service allows us and our partners to communicate, optimize and serve advertisements based on past usage of this Application by the User.
This activity is carried out by tracking of Usage Data and the use of Cookies, information ions that are transferred to the partners to whom the activity of remarketing and behavioral targeting is connected.
In addition to the possibilities of making the opt-out offered by the following services, the User can opt for the exclusion from the reception of the cookies related to a third party service, visiting the opt-out page of the Network Advertising Initiative.

Remarketing with Google Analytics for display advertising (Google Inc.)

Google Analytics for display advertising is a remarketing and behavioral targeting service provided by Google Inc. linking the tracking activity carried out by Google Analytics and its Cookies with the Adwords advertising network and the Doubleclick Cookie.

Personal Data collected: Cookies and Usage Data.

Treatment Location: United States of America

Privacy policyclick here

Facebook Remarketing (Facebook, Inc.)

Facebook Remarketing is a remarketing and behavioral targeting service provided by Facebook, Inc. that connects the activity of this Application with the Facebook advertising network.

Personal Data collected: Cookies and Usage Data.

Treatment Location: United States of America

Privacy Policyclick here

Facebook Custom Audience (Facebook, Inc.)

Facebook Custom Audience is a service remarketing and behavioral targeting provided by Facebook, Inc. that links the activity of this Application with the Facebook advertising network.

Personal Data collected: Cookies and email.

Treatment location: United States of America

Privacy policyclick here

Interaction with social networks and external platforms

This type of services allow interaction with social networks, or other external platforms, directly from the pages of this Application.
The interactions and information acquired by this Application are in any case subject to the User’s privacy settings related to every social network.
In the case where a service of interaction with social networks is installed work, it is possible that, even if the users do not use the service, the same collect traffic data related to the pages in which it is installed.

Like button and social widgets of Facebook (Facebook, Inc.)

The «Like» button and Facebook social widgets are services of interaction with the social network Facebook, provided by Facebook, Inc.

Personal Data collected: Cookies and Usage Data.

Treatment location: United States

Privacy Policyclick here

AddThis (Oracle Corporation)

AddThis is a service provided by Oracle Corporation that displays a widget that allows interaction with social networks and external platforms and the sharing of the contents of this Application. Depending on the configuration, this service may show widgets belonging to third parties, for example social networks on which to share interactions. In this case, also the third parties that provide the widget will be aware of the interaction and the Usage Data related to the pages in which this service is installed.

Personal Data collected: Cookies and Usage Data.

Treatment Location: United States of America

Privacy policyclick here

Viewing content from external platforms

This type of service allows you to view content hosted on external platforms directly from the pages of this Application and to interact with them.
In the case where a service of this type is installed, it is possible that, even if users do not use the service, the same collect traffic data for the pages in which it is installed.

YouTube (Google Inc.)

YouTube is a video content display service managed by Google Inc., which allows this application to integrate such contents within their pages.

Personal Data collected: Cookies and Usage Data.

Treatment location: United States of America

Privacy policyclick here

Widget Google Maps (Google Inc.)

Google Maps is a map visualization service managed by Google Inc. that allows this application to integrate such contents within its pages.

Personal Data collected: Cookie and Usage data.

Treatment location: United States of America

Privacy policy: click here

Google Fonts (Google Inc.)

Google Fonts is a service of visualization of styles of character managed by Google Inc. that allows this Application of to integrate such contents within their pages.

Personal Data collected: Usage data and various types of Data as specified in the privacy policy of the service.

Treatment location: United States of America

Privacy policy: click here

Interaction with data collection platforms and other third parties

This type of service allows Users to interact with data collection platforms or other services directly from the pages of this Application in order to save and reuse the data.In the case where one of these services is installed, it is possible that, even in the case of Users do not use the service, the same collect usage data related to the pages in which it is installed.

MailChimp (The Rocket Science Group, LLC.)

The MailChimp widget allows you to interact with the service of managing email addresses and sending messages MailChimp provided by The Rocket Science Group LLC

Personal data collected: name, surname, email address, gender, date of birth, address, cap, city, province, country, Cookie, and Usage data.

Personal data collected: name, surname, email.

Treatment location: United States of America

Privacy policyclick here

More about Personal Data

Push notifications

This application can send push notifications to the User.

Online sales of goods and services

The Personal Data collected is used for the provision of services to the User or for the sale of products, including payment and delivery. The Personal Data collected to complete the payment may be those relating to the credit card, the bank account used for the transfer or other payment instruments provided. The payment data collected by this application depends on the payment system used.

Last update: 24 September 2018