Updates

Date last updated: May 2018.

We have updated the entire document to clarify and reflect our last position regarding the safeguarding of user privacy. We have included our services provided in a single document in order to minimize redundancies and improve transparency.

Introduction

The statement outlined below establishes the boundaries of what Dimcar s.r.l. processes and what the User, as visitor and data subject is entitled to.

Limits of applicability of the treatment

This Processing of personal data is applicable to this website www.dimcar.it and not necessarily to other sites of the company Dimcar s.r.l. on the World Wide Web. When you access another site, read the Personal Data Processing applicable to the site you are visiting. If you do not accept these personal data processing criteria, please exit this site. By accessing and using this site, you accept the criteria for processing your personal data as defined below. Dimcar s.r.l. is committed to protecting the privacy of visitors to its websites in accordance with Regulation (EU) 2016/679 ("GDPR").

Data controller

The "data controller" is DIMCAR s.r.l. Address Via Taurisano, 101 – Z.A. - 73059 – Ugento (LE), email address info@dimcar.it, hereinafter referred to as ("Company").

Personal data processed

"Data" means those relating to natural persons processed by the Company for the stipulation and execution of the contractual relationship with its customers/ clients legal entities referred to below ("Customers")such as those of the legal representative who signs the contract in the name and on behalf of the Customer, as well as employees/ customers of the Customer, involved in the activities referred to in the contract. In the latter case, the source of the Data is the Customer. Examples of the data we collect and store include: • Your email address, used as identification for our services or as your primary communication method. • Your name, address, telephone numbers and additional contact information are used to provide registration, shipping and billing verification services. • Your IP address and unique device identifiers are used for fraud prevention and security purposes. • Other information you provide to us through physical means or computer systems may be stored on a case-by-case basis depending on the reason for which it was provided.

Purpose of processing

The User Data is collected to allow the Data Controller to provide its services, as well as for the following purposes: Statistics, Advertising, Hosting and backend infrastructure, Interaction with social networks and external platforms and Viewing content from external platforms. The types of Personal Data used for each purpose are indicated in the specific sections of this document: In particular, Navigation Data are processed exclusively:

• for the operational management of navigation;
• for the management of data security.

As for the Personal Data voluntarily provided by the User, they are processed for the following purposes, in addition to those indicated below:

• for the production of anonymous and aggregated use statistics;
• protection or defence of rights in court;
• compliance with obligations under applicable laws or regulations, including those relating to accounting and taxation;
• fulfillment of the specific purposes for which such Data have been provided by the User (e.g. provision of a service, response to specific questions forwarded through contact forms, assistance requests, etc.);
• management of the User’s registration and/or access to any reserved areas available on the site;
• sending newsletters to the User, with the latter’s consent;
• participation of the User in initiatives, in compliance with the rules governing such activities or any regulations published on the site.

In order to pursue the purposes of processing described above, the Company uses the following services, listed for processing purposes. Hosting and backend infrastructure

• This type of services has the function of hosting data and files that allow www.dimcar.it to work, allow its distribution and provide a ready-to-use infrastructure to provide specific features of www.dimcar.it.
• Some of these services operate through geographically located servers in different locations, making it difficult to determine the exact location where Personal Data is stored.
• Interaction with social networks and external platforms
• This type of service allows you to interact with social networks, or with other external platforms, directly from the pages of www.dimcar.it.

In the event that an interaction service with social networks is installed, it is possible that, even if users do not use the service, the same collects traffic data related to the pages where it is installed.

Like button and Facebook social widgets (Facebook, Inc.)

• The "Like" button and Facebook social widgets are social networking services provided by Facebook, Inc.
• Personal Data collected: Cookies and Usage Data.
• Place of processing:USA – Privacy Policy

Pinterest and social widgets (Cold Brew Labs, Inc.)

• The Pinterest button and Pinterest social widgets are social networking services provided by Cold Brew Labs, Inc.
• Personal Data collected: Cookies and Usage Data.
• Place of processing: USA – Privacy Policy

Publicity
This type of services allow you to use your User Data for commercial communication purposes in various advertising forms, such as banners, videos, etc. This does not mean that all Personal Data is used for this purpose. Data and conditions of use are indicated below.

Statistics
The services contained in this section allow the Data Controller to monitor and analyze traffic data, www.dimcar.it uses this service in order to carry out aggregate analysis on its Users and, thus, improve the performance of the website www.dimcar.it. We adopt the following so-called tracking technologies: Google Analytics.

Sharing functionality via social networks

• On www.dimcar.it is available the functionality of sharing through social networks. This feature allows Users to send invitations, news or other types of communications and/ or the sharing of content present or actions taken by the User (e.g. sharing comments etc.) on the site in use, through the use of social networks external to www.dimcar.it (e.g. Facebook, Twitter, Google+ etc.). In such cases, the User must be aware that any Personal Data provided may also be processed by third parties who own such social networks according to their privacy policy and without any possibility for the Data Controller to exercise any type of control or influence on such subsequent treatment arrangements.
• The User is invited to read and accept the privacy policies of these third parties available for consultation at the links in the section dedicated to each of these services within this document.

Safety

The processing of personal data will also be carried out with the support of computer or telematic means to store, manage and transmit the data themselves, in any case by means suitable for ensuring their security and confidentiality. In particular, note that, becoming aware of the risks related to the disclosure of personal data (provided in person, by phone or through the Internet), no system is totally secure or tamper-proof or hacker-proof. Dimcar s.r.l. has put in place, pursuant to Regulation (EU) 2016/679 ("GDPR"), all the measures reasonably necessary to prevent and minimize risks due to unauthorized access, treatment, alteration or destruction not authorized or contrary to the law.

Identification of the visitor and cookies

If the user freely chooses to authenticate himself with his personal data, the site may send some particular files in order to identify them. These files are commonly known as "cookies". The "cookies" will be used exclusively to guide the user to the completion of the requested operations, will not retain statistical information or browsing preference on this site and will not be used for advertising purposes. If you prefer not to receive "cookies" or wish to be informed in advance, you can set your web browser accordingly, provided that your browser allows it.

Minors

No information may be sent to Dimcar s.r.l. by persons under 18 years of age without the consent of their parents or their deputies, neither persons under the age of 18 years can make purchases or perfect legal acts on this site without the aforementioned consent, unless this is permitted by the regulations in force.

Retention period

Contractual duration and, after termination, the ordinary limitation period of 10 years. In the case of legal disputes, for the duration of the same, until the exhaustion of the time limits for the availability of appeals. In the case of Marketing purposes, up to the revocation of consent that is 24 months from the provision of consent for purchase data only. After the above retention periods, the Data will be destroyed or made anonymous, compatible with the technical procedures of deletion and backup.

Method of treatment

The processing of data takes place with or without the aid of electronic or, in any case, automated, computer or telematic tools, with logics strictly related to the purposes expressed above. The processing of data will be carried out in a lawful and correct manner and in accordance with the above mentioned legislation, by means of instruments capable of guaranteeing its security and confidentiality and may also be carried out by means of automated instruments capable of storing, managing and transmitting the data. The processing will be carried out, mainly by the internal organization of the company under the direction and control of the Data Controller and for the purposes indicated above, also by group companies or third parties. The storage of Data will take place in a form that allows the identification of the data subject for a period of time not exceeding that necessary for the purposes for which they were collected or subsequently processed

Provision of data

The provision of Data is mandatory for the conclusion of the contract and/or for its execution. The refusal to provide the Data does not, therefore, allow the establishment of the contractual relationship and/ or to fulfill the resulting obligations.

Recipients of data

Data may be communicated to external parties operating as data controllers, by way of example, authorities and supervisory and control bodies and in general subjects, public or private, entitled to request Data such as Revenue Agency and/ or Guardia di Finanza, or to Banking Institutions for obtaining entrustments. The Data may be processed, on behalf of the owner, by external parties designated as data processors, who carry out on behalf of the owner specific activities, by way of example, accounting, tax and insurance obligations, mail shipments, management of receipts and payments, etc.

Persons authorised to process

The Data may be processed by employees of the company departments responsible for the pursuit of the purposes indicated above, which have been expressly authorized to process and have received appropriate operational instructions.

Data transfer to non-EU countries

Where necessary, Personal Data may be transferred abroad to non-European countries whose level of data protection has been deemed adequate by the European Commission pursuant to art. 45 of the GDPR or after signing the standard contractual clauses (Standard Contractual Clauses) adopted/approved by the European Commission pursuant to art. 46, 2, lett. c) and d) with the reference supplier or after adoption of the other guarantees under art. 46 and 47 of the GDPR. A copy of these guarantees can be obtained by sending a request by email to info@dimcar.it

Rights of the data subject - Complaint to the supervisory authority

• Pursuant to Article 7 d.lgs. n. 196/2003 and related legislative provision GDPR 2016/679, the interested party may contact the Company by contacting the Sales Office via e-email to info@dimcar.it the interested party may ask the Company for access to the Data concerning him, their cancellation, the correction of inaccurate Data, the integration of incomplete Data, the cancellation of Data, limitation of the processing carried out for the legitimate interest of the data controller;
• the data subject, moreover, in the event that the processing is based on consent or contract and is carried out with automated tools has the right to receive in a structured format, commonly used and machine-readable Data, and, where technically feasible, to transmit them to another holder without hindrance;
• the data subject shall have the right to lodge a complaint with the competent supervisory authority in the Member State where he is habitually resident or working or in the State where the alleged infringement occurred;
• the data subject has the right to withdraw the consent given at any time for marketing purposes and to oppose the processing of the data processed for the same purposes. It remains without prejudice to the possibility for the data subject who prefers to be contacted for the aforementioned purpose exclusively through traditional methods of expressing his opposition only to receiving communications through authorized methods;

Duties of society

• Guarantee the rights of data subjects;
• You guarantee the provisions of Legislative Decree No. 196 of 30 June 2003 pursuant to art. 13 (Code on the protection of personal data);
• Guarantee the provisions of EU Regulation 2016/679 on data protection (GDPR, General Data Protection Regulation EU 2016/679);
• Promptly inform the data subject in case of a personal data breach;
• Respond to all requests of the interested parties no later than 3gg working;
• Ensure the correct management and processing of data in line with the rules;
• Ensure and ensure the security and confidentiality of the data in line with the rules;