The following Privacy Policy aims to illustrate the methods and purposes of the processing of personal data carried out by Allevi Design & Development Srl as the data controller of the website www.allevi.it and the related services.

The company Allevi Design & Development Srl respects the privacy of every user who visits the Site and uses the Services.

The Policy does not apply to third-party sites accessible through links on the website of the data controller.
The processing of Users’ personal data takes place in full compliance with Regulation (EU) 2016/679.

  1. Identity and contact details of the Data Controller

The Data Controller is the company Allevi Design & Development Srl, located at Viale Brianza, 19 – 20821 Meda (MB) – VAT number 12558020967, email: info@allevi.it.

  1. Categories of processed personal data

The Data Controller may process the following categories of personal data of Users:

  • Data provided by the user: Identifying and contact data (mainly name, surname, telephone contacts, and email) voluntarily entered by the user when filling out the data request form; the optional, explicit, and voluntary sending of messages to the contact addresses of the Data Controller, as well as the completion and submission of any forms on the website, result in the acquisition of the sender’s contact data necessary to respond, as well as all personal data included in the communications; if necessary, specific information is published on the web pages set up for the provision of different services and different purposes.
  • Browsing data: The computer systems and software procedures involved in the operation of this website acquire, during their normal operation, some personal data, the transmission of which is implicit in the use of Internet communication protocols.

This category of data includes the IP addresses or domain names of the computers and terminals used by users, the URI/URL (Uniform Resource Identifier/Locator) addresses of the requested resources, the time of the request, the method used in submitting the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.), and other parameters related to the user’s operating system and computer environment.

Such data, necessary for the use of web services, are also processed for the purpose of:

  • obtaining statistical information on the use of services (most visited pages, number of visitors per hourly or daily range, geographical areas of origin, etc.);
  • monitoring the proper functioning of the offered services.
  • Cookies and other tracking systems: please refer to the cookie policy available in the dedicated section.
  1. Purposes and legal bases of the processing of personal data

The Data Controller processes user data to enable the navigation of its website and to be able to respond to any requests voluntarily sent by the user.

Any further processing occurs only on the basis of obligations provided by law and on the basis of legitimate interest. For any other processing purposes, explicit consent from the User to the Data Controller is required.

In particular, Allevi Design & Development Srl collects and processes personal data of Users for the following purposes:

  1. Purposes strictly related and instrumental to administrative and accounting management;
  2. Purposes related to legal and tax obligations as required by laws, regulations, European legislation, as well as provisions issued by Authorities and Supervisory and Control Bodies;
  3. Allowing the user to browse the website;
  4. Responding to user requests sent through the website;
  5. Allowing users to use the services available on the website;
  6. Improving the presentation, features, and functionality of the website and services.
  1. Data retention periods

The personal data processed by Allevi Design & Development Srl based on the user’s consent will be retained for the time strictly necessary to achieve the purposes for which they were originally collected and, in any case, will no longer be processed following the possible revocation of the given consent.

Where the processing of personal data is instead carried out to fulfill legal, tax, or judicial obligations, the data may be retained for a maximum of ten (10) years.

Browsing data do not persist for more than seven days and are deleted immediately after their aggregation, except for any needs related to investigating crimes by the judicial authority.

  1. Provision and methods of processing

The provision of data such as surname/name/phone contact/address/email is mandatory in order to respond to requests voluntarily submitted by the User.

All personal data will be processed through the use of both paper and computerized tools.

The Data Controller has implemented all necessary technical and organizational measures to ensure a high level of security, with the aim of minimizing the risks of destruction or loss, including accidental loss, of the data, unauthorized access, or processing not allowed or not in compliance with the purposes outlined in this document. This is done in accordance with Articles 24, 25, and 32 of the GDPR.

However, since it is not possible to guarantee that the security measures adopted for the website and data transmission are such as to exclude any risk of unauthorized access or data dispersion, we urge the user to ensure that their computer is equipped with updated antivirus software for network data protection and that their Internet service provider has also taken suitable measures for the security of data transmission.

  1. Recipients of personal data – Communication and dissemination of personal data

The processed personal data will be subject to communication to specific entities. Based on the roles and tasks performed, both internal and external personnel are authorized to process data within the limits of their competencies and in accordance with the instructions provided by the Data Controller. The same data may be communicated to authorized individuals appointed as Data Processors.

  1. Transfer of personal data abroad

The Data Controller does not transfer personal data to third countries; however, it reserves the right to use cloud services, and in such cases, service providers will be selected from those who provide adequate guarantees, as envisaged by Article 46. GDPR 679/16.

  1. Processing of personal data of minors

The use of the website and services is reserved for users who are of legal age. Allevi Design & Development Srl does not process personal data of minors.

  1. Rights of the Data Subject

The Data Controller is freely contactable for any request related to this Policy by writing to info@allevi.it.

The user may, at any time, exercise the rights outlined in Articles 15/16/17/18/20/21 of GDPR 679/16.
The aforementioned rights can be exercised by sending a specific request to the Data Controller through the contact channels indicated in this information.

  1. Cookie Policy

For the use of cookies, please refer to the specific “Cookie Policy” section where suitable information is provided.

  1. Links to third-party websites

Allevi Design & Development Srl cannot in any case be held responsible for the processing carried out through or in connection with such third-party websites. Users are therefore encouraged to exercise the utmost caution in this regard, reviewing the terms of use and the privacy and cookie policies published on the visited portals.

  1. Changes and Updates

This Policy has been updated and is effective as of 25/05/2018.

Any further changes will be communicated to users through means and timing deemed most appropriate by the Data Controller, particularly through publication on the website.