PRIVACY NOTICE AND COOKIE POLICY TEMPLATE FOR WEBSITE DATA
Updated to comply with EU Regulation 2016/679
(European Regulation on the protection of personal data)

  1. Introduction

Altamateria takes user privacy seriously and is committed to respecting it. This privacy policy (“Privacy Policy”) describes the processing of personal data carried out by Altamateria through the website alta-materia.com (Site) and the related commitments undertaken by the Company. Altamateria may process users’ personal data when they visit the Site and use the services and functionalities available on the Site. Specific notices are typically published on the sections of the Site where users’ personal data is collected, in accordance with Articles 13/15 of EU Regulation 2016/679.
Where required by EU Regulation 2016/679, users’ consent will be requested before processing their personal data. If users provide personal data of third parties, they must ensure that the communication of such data to Altamateria and its subsequent processing for the purposes specified in the applicable privacy notice comply with EU Regulation 2016/679 and applicable legislation.

  1. Identity Details of the Data Controller, Processor, and Privacy Officer

The Data Controller is SEGHERIA 3B SNC DI P. E F. BASSO, located at Via Julia 2, 33050 Trivignano Udinese (UD), Italy.

  1. Types of Data Processed

Visiting and browsing the Site generally does not involve the collection and processing of personal data, except for navigation data and cookies as specified below. In addition to so-called “navigation data” (see below), personal data voluntarily provided by users may be processed when they interact with the Site’s features or request to use the services offered on the Site. In compliance with the Privacy Code, Altamateria may also collect users’ personal data from third parties while carrying out its business activities.

  1. Cookies and Navigation Data

The Site uses “cookies.” By using the Site, users consent to the use of cookies in accordance with this Privacy Policy. Cookies are small files stored on the user’s computer hard drive. There are two main categories of cookies: technical cookies and profiling cookies.

  • Technical cookies are necessary for a website to function properly and allow user navigation. Without them, users may not be able to view pages correctly or use certain services.
  • Profiling cookies create user profiles to send advertising messages in line with preferences expressed during navigation.

Cookies can also be classified as:

  • Session cookies, which are deleted immediately after closing the browser
  • Persistent cookies, which remain in the browser for a specific period of time and are used, for example, to recognize the device accessing a site to simplify user authentication
  • First-party cookies, generated and managed directly by the website operator
  • Third-party cookies, generated and managed by entities other than the website operator
  1. Cookies Used on the Site

The Site uses the following types of cookies:
a. First-party cookies, both session and persistent, necessary to enable navigation on the Site, for internal security purposes, and for system administration
b. Third-party cookies, both session and persistent, necessary to allow users to access multimedia elements on the Site, such as images and videos
c. Third-party cookies, persistent, used by the Site to send statistical information to the Google Analytics system, through which Altamateria can conduct statistical analyses of visits to the Site. These cookies are used solely for statistical purposes and collect information in aggregate form. Through a pair of cookies, one persistent and the other session-based (which expires upon closing the browser), Google Analytics also saves a log with the start and end times of Site visits. Users can prevent Google from tracking data via cookies and processing it by downloading and installing the browser plugin available at: http://tools.google.com/dlpage/gaoptout?hl=it

  1. Third-party cookies, persistent, used by the Site to include the buttons of certain social networks (Facebook, Twitter, and Google+).
    By selecting one of these buttons, the user can publish on their personal page of the respective social network the content of the web page of the Site they are visiting.

The Site may contain links to other websites (so-called third-party sites). Altamateria does not access or control cookies, web beacons, and other tracking technologies that may be used by third-party sites accessible from the Site; Altamateria does not control the content and materials published by or obtained through third-party sites, nor their methods of processing users’ personal data, and expressly declines any responsibility for such occurrences.
The user is required to verify the privacy policies of the third-party sites they access through the Site and inform themselves about the conditions applicable to the processing of their personal data. This Privacy Policy applies solely to the Site as defined above.

  1. How to disable cookies in browsers
    If you wish, you can manage cookies directly through your browser settings. However, deleting cookies from the browser may remove preferences you have set for the Altamateria website. Therefore, it would be advisable to periodically visit this page to review your preferences.
    For further information and support, you can also visit the specific help page of the web browser you are using:
    • Internet Explorer;
    • Firefox;
    • Safari;
    • Chrome;
    • Opera
  2. Retention of personal data
    Personal data is stored and processed through IT systems owned by Altamateria or managed by third-party technical service providers; for further details, please refer to the section “Scope of accessibility of personal data” below. Data is processed exclusively by personnel specifically authorized, including staff assigned to perform extraordinary maintenance operations. Personal data will be retained for the duration of the contract and after the end of the contract to fulfill Altamateria’s legal obligations, including claims for potential complaints, in accordance with applicable law, after which they will be deleted or anonymized.
    If we consent to processing our products and services for direct marketing purposes after the contract expires, we will process the data until the consent is revoked.
  3. Purposes and methods of data processing
    Altamateria may process the user’s common and sensitive personal data for the following purposes: allowing users to utilize the services and features available on the Site, managing user requests and reports, sending newsletters, handling applications received through the Site, etc.
    Additionally, with the user’s further and specific optional consent, Altamateria may process personal data for marketing purposes, i.e., to send the user promotional material and/or commercial communications related to the Company’s services, at the contacts provided, through both traditional (e.g., postal mail, operator-assisted phone calls, etc.) and automated means (e.g., internet communications, fax, email, SMS, applications for mobile devices such as smartphones and tablets – so-called APPS – social network accounts such as Facebook or Twitter, automated operator phone calls, etc.).
    Personal data is processed in both paper and electronic formats and entered into the corporate information system in full compliance with EU Regulation 2016/679, including security and confidentiality requirements, and adhering to principles of fairness and lawfulness of processing. In compliance with EU Regulation 2016/679, data is stored and retained for the time necessary to achieve the purposes for which it is processed and, in any case, for as long as you decide to remain registered on our website.
  4. Security and quality of personal data
    Altamateria is committed to protecting the security of user personal data and complies with security provisions under applicable law to prevent data loss, unlawful or improper use of data, and unauthorized access, with particular reference to the Technical Regulations on Minimum Security Measures. Additionally, Altamateria’s IT systems and software are configured to minimize the use of personal and identifying data; such data is processed solely to achieve the specific purposes pursued from time to time.
    Altamateria employs multiple advanced security technologies and procedures to protect users’ personal data, such as storing personal data on secure servers located in controlled and protected locations. The user can help Altamateria update and maintain the accuracy of their personal data by notifying any changes to their address, qualifications, contact information, etc.
  5. Scope of communication and access to data
    The user’s personal data may be communicated to:
  • all parties to whom access to such data is recognized by regulatory measures;
  • our collaborators and employees, within the scope of their duties;
  • all natural and/or legal persons, public and/or private, when the communication is necessary or functional to the performance of our activities and in the ways and for the purposes outlined above.
  1. Nature of providing personal data
    The provision of certain personal data by the user is mandatory to enable the Company to manage communications, requests received from the user, or to re-contact the user to follow up on their request. This type of data is marked with an asterisk [*], and in such cases, the provision is mandatory to allow the Company to follow up on the request, which otherwise cannot be fulfilled. Conversely, the collection of other data not marked with an asterisk is optional: failure to provide it will not result in any consequences for the user.
    The provision of personal data by the user for marketing purposes, as specified in the section “Purposes and methods of processing,” is optional, and refusal to provide it will have no consequences. Consent provided for marketing purposes is understood to extend to communications made using both automated and traditional means, as exemplified above.
  2. Rights of the data subject

12.1 Art. 15 (Right of access), 16 (Right to rectification) of EU Reg. 2016/679
The data subject has the right to obtain from the data controller confirmation as to whether or not personal data concerning them is being processed and, if so, access to the personal data and the following information:
a. the purposes of the processing;
b. the categories of personal data concerned;
c. the recipients or categories of recipients to whom the personal data has been or will be disclosed, in particular, recipients in third countries or international organizations;
d. the retention period of the personal data envisaged or, if not possible, the criteria used to determine that period;
e. the existence of the right to request from the data controller rectification or erasure of personal data or restriction of processing of personal data concerning the data subject or to object to such processing;
f. the right to lodge a complaint with a supervisory authority;
h. the existence of automated decision-making, including profiling, and, at least in such cases, meaningful information about the logic involved and the significance and envisaged consequences of such processing for the data subject.

12.2 Right pursuant to Art. 17 of EU Reg. 2016/679 – Right to erasure (“right to be forgotten”)
The data subject has the right to obtain from the data controller the erasure of personal data concerning them without undue delay, and the data controller is obliged to erase personal data without undue delay if one of the following grounds applies:
a. the personal data is no longer necessary concerning the purposes for which it was collected or otherwise processed;
b. the data subject withdraws consent on which the processing is based per Article 6, paragraph 1, letter a), or Article 9, paragraph 2, letter a), and if there is no other legal ground for the processing;
c. the data subject objects to the processing under Article 21, paragraph 1, and there are no overriding legitimate grounds for the processing, or the data subject objects to the processing under Article 21, paragraph 2;
d. the personal data has been unlawfully processed;
e. the personal data must be erased to comply with a legal obligation under Union or Member State law to which the data controller is subject;
f. the personal data has been collected in connection with the offer of information society services referred to in Article 8, paragraph 1, of EU Reg. 2016/679.

12.3 Right pursuant to Art. 18 – Right to restriction of processing
The data subject has the right to obtain from the data controller restriction of processing where one of the following applies:
a. the accuracy of the personal data is contested by the data subject, for a period enabling the data controller to verify the accuracy of the personal data;
b. the processing is unlawful, and the data subject opposes the erasure of the personal data and requests the restriction of its use instead;
c. the data controller no longer needs the personal data for processing purposes, but the data subject requires it for the establishment, exercise, or defense of legal claims;
d. the data subject has objected to processing under Article 21, paragraph 1, of EU Reg. 2016/679, pending verification of whether the legitimate grounds of the data controller override those of the data subject.

12.4 Right pursuant to Art. 20 – Right to data portability
The data subject has the right to receive the personal data concerning them that they have provided to a data controller in a structured, commonly used, and machine-readable format, and has the right to transmit those data to another data controller without hindrance from the original data controller.

  1. Withdrawal of Consent for Data Processing
    The data subject has the right to withdraw their consent for the processing of their personal data by sending a registered letter with return receipt to the following address:
    SEGHERIA 3B SNC DI P. E F. BASSO
    Via Julia 2, – 33050 – Trivignano Udinese (UD) (Italy), accompanied by a photocopy of their identity document, with the following text:
    <withdrawal of consent for the processing of all my personal data>
    Alternatively, the request can be sent via certified email (PEC) to the following address: segheria3b@galileopec.it.
    After completing this process, your personal data will be removed from the records as quickly as possible.

If you would like more information regarding the processing of your personal data, or to exercise the rights referred to in point 7 above, you may send a registered letter with return receipt to the following address:
SEGHERIA 3B SNC DI P. E F. BASSO
Via Julia 2, – 33050 – Trivignano Udinese (UD) (Italy), accompanied by a photocopy of your identity document, with the following text:
<withdrawal of consent for the processing of all my personal data>
Alternatively, you may send the request via certified email (PEC) to segheria3b@galileopec.it.

Before we can provide or modify any information, it may be necessary to verify your identity and ask you a few questions. A response will be provided as soon as possible.