Privacy statement

AppReception is a service provided by DigiBite S.r.l., Data Controller of the data collected through this website, with registered office in Via Valle d’Aosta 2/L – 41049 Sassuolo (MO) and operational headquarters and administration in Via Staffette Partigiane 65 – 41122 Modena (MO) – Italy – VAT number 03824810364 – Tel +39 059 8395864 – +39 059 821637 – Email info@appreception.it (hereinafter “AppReception” or even just “Owner”). It decides autonomously on the purposes and methods of processing, as well as on the security procedures to be applied to ensure the confidentiality, integrity and availability of the data.

Data provided voluntarily by the user
Users are asked for personal data (e.g. name, surname, email, etc.) only if they wish to make contact or use the services offered on this website. In such cases, users are provided with appropriate notice in this regard, and asked to provide consent where necessary. The processing of the data provided by the user will be carried out in accordance with the purposes and methods indicated in this notice and in the specific notices made available from time to time.

Data provided directly by the data subject by completing and submitting contact/communication forms.
The explicit and voluntary sending of messages to the contact addresses or the filling in of the forms in the relative section entails the acquisition of the sender’s contact data, as well as all the personal data included in the communications.
These data are processed for the following purposes and in accordance with the relevant legal bases for processing, for a storage period not exceeding the time necessary for the purposes for which they were collected and processed.

Type of data processed: first name, last name, email address, message.

Purposes of the processing:

• Management of the request submitted by the user.
• Provision of the requested service (e.g. estimates, information, etc.).
• With consent given, the sending of commercial information, including by email, to propose services, to conduct surveys on customer satisfaction, market research, promotional activities in general.

Legal Basis:

• The processing is necessary to respond to requests for the execution of pre-contractual and contractual measures taken at the request of the data subject.
• Consent of the data subject.

Zendesk messaging software is used to manage the chat. The data are transferred to the service provider for the provision of such service, the processing being carried out in the manner specified by its privacy policy: Policy-Zendesk.

Data provided directly by the data subject by completing and submitting the form for subscribing to the Newsletter.

Subscription to the Newsletter on this website is optional, explicit and voluntary. This activity involves the acquisition of the sender’s contact details.

These data are processed for the following purpose and in accordance with the relevant legal basis for processing, for a storage period not exceeding the time necessary for the purpose for which they were collected and processed.

Type of data processed: email address.

Purposes of the processing: commercial offers and marketing activities such as:

• Sending of Newsletters to subscribers. With the acquisition of consent, commercial information will also be sent by email to propose services, to conduct surveys on the level of customer satisfaction, market research, promotional activities in general.

Legal Basis: Consent of the data subject – Opt out: Possibility to withdraw consent in any newsletter or by writing to the Data Controller.

The MailUP platform is used to manage newsletters. The data are transferred to the service provider for the provision of such service, the processing being carried out in the manner specified by its privacy policy: gdpr-mailup.

Unsubscribing from the Service
To stop receiving the Newsletter, simply click on the “Unsubscribe” button at the bottom of each Newsletter email or send a message to the contact address privacy@digibite.it.

• Contractual purposes connected with and instrumental to the establishment and management of customer and/or supply relations, such as the acquisition of information prior to the possible conclusion of a contract.
• Fulfilment of the obligations envisaged by state laws, regulations and EU legislation, or provisions issued by authorities empowered to do so by law and by control or supervisory bodies (e.g. tax, accounting, administrative, etc.).
• Exercise of the Data Controller’s rights in court and management of any litigation.

Statistics

Collection of data and information in an exclusively aggregated and anonymous form in order to verify the proper operation of the website, with a view to continuous improvement.

None of this information is related to the physical person-user of the website, and does not allow for the identification of such persons in any way.

Security

Collection of data and information in order to protect the security of the website and users (spam filters, firewalls, virus detection) and to prevent or detect fraud or abuse of the website.

The data, including the domain names of the computers used by the users who connect to the website, the URI (Uniform Resource Identifier) addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (success, error, etc.) and other parameters relating to the user’s operating system and computer environment are recorded automatically and may also include personal data (IP address) that could be used in accordance with applicable laws to block attempts to damage the website itself or to cause damage to other users, or in any case harmful or criminal activities. These data are never used to identify or profile the user and are periodically deleted.

Cookies

Cookies are small strings of text that visited sites send to the user’s terminal (usually the browser), where they are stored and re-sent to the same sites the next time the user visits. While browsing a website, the user may also receive cookies sent to his/her terminal by other websites or web servers (known as “third parties”), which may contain certain elements (e.g. images, maps, sounds, and specific links to pages in other domains) present on the website the user is visiting. Cookies are usually found in very large numbers in users’ browsers and can sometimes remain there for long periods of time. They are used for various purposes: computer authentication, to monitor sessions, store information on specific configurations regarding users who access the server, etc. For more information see the website’s cookie policy.

Users are free to decide whether or not to provide their personal data through this website and/or the services connected thereto. As specified on a case-by-case basis in the notices provided to the user, failure to provide data may make it impossible to provide the requested service. The mandatory nature of any information required is indicated by the (*) symbol.

Any refusal to provide certain data marked as required makes it impossible to pursue the main purpose of the activity in question. For example, such refusal could make it impossible for AppReception to provide answers to the user or any other services available on this website. Providing AppReception with further data other than those marked as required is optional and does not entail any consequences with regard to the pursuit of the main purpose of the collection.

The processing of personal data will always be based on the principles of propriety, lawfulness, transparency and protection of confidentiality by means of technical and organisational security measures in order to guarantee an adequate level of protection.

Within the AppReception website it is possible to share content via social networks. The user is free to decide whether and which content to share on one or more social networks (Facebook, LinkedIn). In this case, we inform you that no personal data of users are acquired by AppReception, and users are invited to check the settings of their social network accounts in order to identify any data acquired by external platforms.
For more information consult the websites of the social networks subscribed to (www.facebook.com, www.linkedin.com).

Personal data will be processed by in-house staff entrusted with the development and management of the website who are authorised to process them in order to achieve the aforementioned purposes and who have committed to maintaining confidentiality or stipulated an appropriate legal obligation of confidentiality.

Personal data will be processed by parties appointed as Data Processors as they process data on behalf of the Data Controller (e.g. parties it is necessary to interact with in order to provide the Services, such as hosting providers, suppliers of platforms for sending emails/texts or, again, parties appointed to perform technical maintenance including the maintenance of network equipment and electronic communication networks, etc.).

Personal data may be shared with third parties that the Data Controller has contractual relationships with for services functional to the performance of the activity (e.g. companies or professional firms that provide assistance and consultancy in administrative, legal, tax, financial and credit recovery matters relating to the provision of Services, etc.).

The data may be disclosed, even without consent, to all the inspection bodies designated to perform audits and controls, such as the Revenue Agency, ministerial bodies and competent authorities, local authorities, tax commissions of any order and degree, at their express request, which will process them as autonomous data controllers for institutional purposes and/or by virtue of the law during investigations and controls.

The personal data are not intended for publication or dissemination.

The full list of external data processors is available from the Data Controller.

The data will be processed by the Data Controller in Italy and within the territory of the European Union and the European Economic Area. If for technical, organisational and/or operational reasons it is necessary to make use of parties (among those specified in the list above) located outside the European Union or the European Economic Area, note that AppReception shall ensure that the processing of data by such parties takes place in compliance with the applicable regulations. Therefore, transfers will be made employing appropriate safeguards, such as adequacy decisions, Standard Contractual Clauses approved by the European Commission or other safeguards deemed appropriate. The data subject may request further information by writing to the following email address: privacy@digibite.it.

Personal data processed for contractual purposes connected with and instrumental to the establishment and management of customer relations and/or supply, such as the acquisition of information prior to the possible conclusion of a contract, will be kept by the Data Controller for the time strictly necessary to perform the service requested and to properly execute the contractual relationship with the user. In any event, as these personal data are processed in order to provide the Services and to enable the performance of the contractual relationship, the Data Controller may retain them for a longer period, in particular as may be necessary to protect the Controller’s interests against possible liability relating to the Products. At the end of this period, the data will be deleted.

User requests and the data contained therein will be kept only for the time necessary to allow the Data Controller to identify the proper closure of the request, and in any case for as long as may be necessary to protect the interests of the Data Controller against possible liability. At the end of this period, the data that enable the direct or indirect identification of a natural person (such as name, email address) will be rendered anonymous and kept in aggregated form for statistical purposes.

Personal data processed for the purpose of complying with national laws, regulations and EU legislation will be retained by the Data Controller for the period envisaged by specific legal obligations or applicable laws.

Any personal data processed for the purposes of commercial communications will be retained by the Data Controller until the consent given by the user is withdrawn. Once consent has been withdrawn, the Data Controller will no longer use the personal data for such purposes, but may still retain them, particularly as they may be necessary to protect the Data Controller’s interests against possible liability based on such processing.

Unless otherwise specified, the processing of personal data will take place for the entire period for which the data subject uses this website and the services provided through it. If consent is withdrawn, the personal data will be retained by the Data Controller for the purpose of proving the fulfilment of its obligations until such time as they become time-barred.

Articles 15 et seq. of the GDPR EU 2016/679 grant data subjects specific rights.

Specifically, the right to obtain confirmation as to whether or not the personal data exist, access to and correction, erasure or restriction of the processing of the personal data, or to object to the processing of the personal data, as well as the right to data portability, the disclosure of such data and the purposes the processing is based on. In addition, data subjects have the right to obtain the withdrawal of consent at any time without prejudice to the lawfulness of the processing based on the consent given prior to the withdrawal, the transformation into an anonymous form or the blocking of data processed in breach of the law, as well as, if there is an interest therein, the integration of data. Data subjects have the right to object to such processing on legitimate grounds.

The exercise of these rights is not subject to any time constraints and may be carried out free of charge by contacting the Data Controller at the references given at the beginning of this notice by ordinary post and/or email at privacy@digibite.it and/or by PEC certified email.

Data subjects who believe that the processing of their personal data carried out through this website is in breach of the provisions of the Regulation have the right to lodge a complaint with the supervisory authority (for Italy: Data Protection Authority www.garanteprivacy.it), as envisaged in Art. 77 of the Regulation itself, or to take appropriate legal action (Art. 79 of the Regulation).

AppReception reserves the right to modify or simply update the content of the website’s Policy in part or in full, including due to changes in applicable law. These changes will be binding as soon as they are published on the website. The Data Controller therefore invites the user to visit this section on a regular basis to take cognisance of the most recent and updated version of the Policy in order to be kept up to date on the personal data collected and their use by the Data Controller.