Privacy Policy

Privacy Policy pursuant to Art. 13 EU Reg. 679/2016

What is this document?

We are Aindo SpA and this notice has been drafted pursuant to Art. 13 of EU Regulation 679/2016 (“GDPR”). In this document we explain how we process, protect and store the data of each visitor (“User”) collected through the website (“the Website”).

 

1. Who processes your data? (Data Controller)

💡 Who is the Data Controller? The Data Controller is the natural or legal person who determines the purposes and means of processing personal data. In practice, it is the entity that collects and manages your personal data and takes legal responsibility for it.

The Data Controller is Aindo SpA (“Aindo” or the “Controller”), VAT number: 01313960328, with registered office at Località Padriciano, 99, 34149 Trieste (TS).

 

2. What data do we process?

  • Browsing data including: IP address, URI (Uniform Resource Identifier) addresses of requested resources, request time, the method used to submit the request to the server, the size of the file received in response, the numeric code indicating the status of the server response (success, error, etc.) and other parameters relating to the operating system and the user’s IT environment (“Browsing Data”).
  • Data voluntarily provided by the user for handling information requests, including: first name, last name, email address, phone number, professional information, VAT number (“Contact Data”).
  • Data required for user registration on the platform: Contact Data.

 

💡 What is the legal basis for processing? The legal basis is the condition that allows Aindo to lawfully process personal data. For more information you can read Art. 6 of Regulation (EU) 2016/679 (“GDPR”) at this link.

💡 On what legal basis do we rely? There may be different legal bases justifying the processing of data.

  • Consent: processing occurs because the User has given their consent.   >  
  • Performance of a contract: processing is necessary to conclude or perform our contract.   >  
  • Legal obligation: processing is required by a specific legal provision.   >  
  • Legitimate interest: processing is necessary to fulfil our legitimate interest. For each processing activity based on this legal basis, we have carefully verified that your rights and interests do not override ours.

A) Creation of user profile on the platform. Legal basis: Contract — Art. 6.1(b) GDPR

B) Sending communications and responses to requests relating to Aindo’s activities. Legal basis: Contract — Art. 6.1(b) GDPR

 

C) Sending newsletters and/or other materials for marketing communication purposes. Legal basis: Consent — Art. 6.1(a) GDPR

 

D) Improving the website by analysing how Visitors or Users navigate and/or use it. Aindo collects and stores the User’s Browsing Data. Legal basis: Legitimate interest — Art. 6.1(f) GDPR

 

E) Detecting or preventing fraudulent activities and exercising the Controller’s rights in court. Aindo will process the User’s Contact Data. Legal basis: Legitimate interest — Art. 6.1(f) GDPR

 

F) Sending informational communications (soft spam). Aindo will use the User’s Contact Data to send communications relating to products similar to those of interest to the User. Legal basis: Legitimate interest — Art. 6.1(f) GDPR

 

4. Processing methods

Processing is carried out using automated and/or manual IT and telematic tools designed to ensure appropriate security measures to prevent unauthorised access, disclosure, loss, improper, unlawful or unauthorised use of data.

 

5. Location of data processing

Personal data are processed at the Controller’s registered office and on the servers hosting the website. Personal data are stored on servers located within the EU and will under no circumstances be transferred outside them. The Data Controller guarantees that when cloud providers, services or platforms established outside the EEA are used, the processing of personal data by these recipients is carried out in accordance with applicable law. Transfers are made using appropriate safeguards, such as adequacy decisions, standard contractual clauses approved by the European Commission, or other safeguards provided for under the GDPR.

 

6. How long might we process your data?

We retain your data for:

  • the period necessary to respond to requests relating to Aindo’s activities and in any case never for more than 12 months;
  • until deletion of the user profile in the case of a platform registration request;
  • until withdrawal of consent with regard to sending newsletters and/or other materials for marketing communication purposes, and in any case never for more than 24 months.

After this period we will proceed to fully delete or anonymise the data.

 

7. With whom do we share your data?

The parties who may become aware of your personal data, to the extent strictly necessary to fulfil the purposes set out in paragraph 3, are entities formally appointed by Aindo. In addition to internal staff — specifically authorised pursuant to Art. 29 GDPR — to ensure the provision of the service, personal data may be disclosed to external parties who may act as independent controllers or processors. In particular, your data may be disclosed to:

  • providers of internet services and platforms used by the Controller as organisational tools, communication channels and/or promotional channels;
  • authorities whose right of access to personal data is expressly recognised by law, regulations or measures issued by the competent authorities.

The relationships with the parties listed above are formalised by a contract pursuant to Art. 28 GDPR. To find out who the processors appointed by Aindo are, you can contact us at [email protected]

 

8. Your privacy rights

💡 What are privacy rights? The GDPR recognises important rights that you can exercise by contacting the Data Controller. To learn more about your rights you can read Chapter 3 of the GDPR at this link.

You have the right to exercise the following rights:

  • Right of access to data;
  • Right to rectification;
  • Right to erasure (right to be forgotten);
  • Right to restriction of processing;
  • Right to data portability;
  • Right to object;
  • Right to lodge a complaint with the competent national authority (Italian Data Protection Authority — Garante per la Protezione dei Dati Personali).

 

9. Who to contact

For any communication relating to the processing of your data, including the exercise of your rights, you can write to us by email at: [email protected]

 

10. Amendments

Aindo reserves the right to modify or simply update the content of this notice, in part or in full, including due to changes in applicable law. Aindo will inform Users of such changes as soon as they are introduced, and they will be binding as soon as they are published on its website or otherwise communicated to them. Aindo therefore invites users to pay attention to the latest version of the notice shown through these channels so as to always be up to date on the data collected and how Aindo uses it.

Join Us

Want to learn more or work with us? We'd love to hear from you.

Contact us today