Cookie Policy
The information contained in this cookie policy (the “Cookie Policy“) is provided by the Data Controller (as described below), in addition to the information regarding the processing of personal data, which is always accessible on this website (the “Site“).
This Cookie Policy describes the different types of cookies that can be installed through the Site, their related purposes, the time-limit for storing any personal data thus collected, and the methods used to control the installation of these cookies.
Information relating to cookies installed by Amba Roma Srl through websites managed by third parties (the “Third Party Sites“) can be found in the section: “PROFILING COOKIES INSTALLED THROUGH THIRD PARTY SITES”.
DATA CONTROLLER
Amba Roma Srl, with registered office at Via Vittorio Veneto no. 62, 00187 Rome (RM) (hereinafter, also the “Data Controller” or “The Company“).
COOKIES USED BY THIS WEBSITE
Cookies are small text files that the websites visited by the user send to the browser of his device (PC, Notebook, Smartphone, Tablet, etc.), where they are stored before being sent back to the same sites during the next visit by the same user.
The Data Controller hereby states that this Site uses the types of cookies described below, including in combination with each other, and in full compliance with current legislation; and that these are classified according to the terms and directions of the competent authorities, including the Italian Data Protection Authority (the “Guarantor“) and the European Data Protection Board (EDPB).
The user is free, at any time, to manage their preferences in relation to cookies installed through the Site, by accessing this link Cookie settings
TECHNICAL COOKIES
These cookies that are essential to enable the transmission of information on the electronic communications network, and for the use of services requested by the user, such as home banking activities (viewing bank statements, bank transfers, the payment of bills, etc.), since these cookies serve to identify the user during the session. Without the use of these cookies, browsing the Site and certain operations requested by the user could not be carried out or would be less secure.
Because of the particular purposes for which technical cookies are used, their storage on the user’s device does not require his prior consent.
ANALYTICAL COOKIES
These are cookies used to produce statistics, in an aggregate and strictly anonymous form, for internal research into the number of users and how they visit the Site.
For the purposes of analytics cookies, the Data Controller uses an irreversible encryption mechanism for the user’s IP address (the address assigned to his device and necessary for browsing the Internet) and other relevant data, in order to identify the visitor to the site. More particularly, the IP address of each user is replaced by an alphanumeric code that has no link with the IP address or other information related to the user, and whose sole purpose is to distinguish one user from another.
The installation of analytics cookies is aimed solely at improving the service provided by the Data Controller to all users, as well as enhancing and improving the Site.
Under the terms of current legislation, the installation of this type of cookie does not require the prior consent of the user.
PROFILING COOKIES
These are the cookies used to send advertising messages, in line with the preferences expressed by the user while browsing the web. These cookies can be stored on the user’s device via the Site, either directly by the Data Controller or by other parties (hereinafter, “Third Parties“).
The prior consent of the user is required for the installation of profiling cookies.
PROFILING COOKIES INSTALLED BY THE DATA CONTROLLER
These profiling cookies are installed directly by the Data Controller via the Site; all profiling cookies installed by the Data Controller expire within 24 (twenty-four) months.
PROFILING COOKIES INSTALLED BY THIRD PARTIES
Cookies managed by Third Parties, acting as independent data controllers, are also installed via this Site.
PROFILING COOKIES INSTALLED VIA THIRD PARTY SITES
These are profiling cookies installed by the Data Controller via a Third Party Site. These cookies are used so that while the user is browsing the Third Party Site, he can receive advertising messages in line with the preferences expressed during the course of his web browsing.
All profiling cookies installed through a Third Party Site have a maximum lifespan of 24 (twenty-four) months.
THE PURPOSE AND LEGAL BASIS OF PROCESSING, AND TYPE OF DATA PROCESSED
Subject to the free and informed consent of the user, the Data Controller will process the information collected through first party profiling cookies for the following purposes:
- for both customers and non-customers of the Company: the promotion and sale of certain “dedicated” products and services, identified by processing and analyzing data (and by the use of certain techniques or automated systems) in relation to the user’s preferences, habits and consumption choices, and designed to divide users into homogeneous groups, based on particular behavior or characteristics. Such purposes will only be pursued by means of the browsing data collected through the abovementioned profiling cookies installed via the Site, and not by mixing or enhancing this information with other data that are already available to the Data Controller.
The legal basis for such processing is the consent of the user of the Site, who is free to grant consent or not and may revoke it at any time.
The provision of the data necessary for these purposes is not mandatory, and the refusal to provide them does not result in any negative consequences for the user or prevent him browsing the Site, but just makes it impossible for him to receive specific marketing messages.
WITHDRAWAL OR MODIFICATION OF CONSENT FOR THE INSTALLATION OF COOKIES
The Data Controller hereby declares that the user of the Site may amend his choices regarding the storage of cookies at any time.
PERSONAL DATA RECIPIENTS OR CATEGORIES OF RECIPIENTS
The data may be communicated to the following:
- i) those subjects (e.g. administrative, judicial or supervisory authorities) to whom such communication is necessary in order to fulfil an obligation established by law, by a regulation or by Community legislation;
- ii) third parties, suppliers of products and/or services.
These recipients may, where appropriate, process personal data as independent or responsible data controllers. The categories of independent data controllers, and a list of the data processors to whom your data may be communicated, can be requested from the company’s Data Controller.
In addition, natural persons in the following categories may become aware of your data in their role as authorized processers, but only with respect to the data required to carry out the tasks assigned to them: employees of the Company or seconded to it, temporary workers, interns, consultants and employees of external companies appointed as managers.
TRANSFER OF DATA TO THIRD COUNTRIES
The Data Controller wishes to inform you that personal data can only be transferred to countries outside the European Economic Area (so-called Third Countries) if these are recognized by the European Commission as offering an adequate level of personal data protection and are fully compliant with the relevant legislation and always ensure that data subjects can exercise their rights.
RIGHTS OF DATA SUBJECTS
EU Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016 (the “GDPR“) gives natural persons, individual companies and/or freelancers specific rights, including the right to know what personal data are held by the Data Controller and how they are used (right of access), to obtain updating, rectification or integration, when required, as well as cancellation, transformation into anonymous form or limitation.
Users may, at any time, revoke any consent given to the storage of cookies on their device and to the possible processing of personal data resulting from the use of cookies, in the terms indicated above.
The Data Controller emphasizes that the withdrawal of consent will only take effect for the subsequent processing.
DATA RETENTION PERIOD AND RIGHT TO ERASURE (I.E. THE RIGHT TO BE FORGOTTEN)
The Data Controller will process the information collected as strictly necessary for the pursuit of the predetermined purposes; the data collected through first party profiling cookies will be processed for a maximum period of 6 months.
At the end of this retention period, the information collected will be deleted or stored in a form that does not allow the identification of the user (e.g. irreversible anonymization), unless their further processing is necessary for one or more of the following purposes: i) resolution of pre-litigation and/or litigation initiated before the expiry of the retention period; ii) to follow up investigations/inspections by internal control functions and/or external authorities initiated before the expiry of the retention period; iii) to respond to requests from public authorities in Italy and/or abroad received/made known to the Data Controller before the expiry of the retention period.
METHODS OF EXERCISING THE RIGHTS
To exercise the rights referred to in the previous paragraph, each user may contact:
Amba Roma Srl, with registered office in Via Vittorio Veneto, 62 00187 Roma (RM), tel. +39 340 562 5602, e-mail address: info@ic-rome.com
The deadline for replying is one (1) month, which can be extended up to two (2) months in particularly complex cases; the Data Controller must in any case give a reply within one (1) month.
The exercise of rights is, in principle, free; the Data Controller reserves the right to request an expense contribution in the event of manifestly unfounded or excessive (also repetitive) requests.
The Data Controller has the right to request the information necessary to identify the user.
COMPLAINTS OR NOTIFYING THE DATA PROTECTION SUPERVISORY AUTHORITY
The Data Controller informs that the user has the right to lodge a complaint or make a report to the Guarantor or to appeal to the Judicial Authority. The Guarantor’s contact details are available at the following link: http://www.garanteprivacy.it.