Arxis Srl, St. Torri Bianche n.9 20871 Vimercate (MB), in its capacity as Data Controller, hereby informs you that your personal data, acquired to allow compliance with the anti-contagion measures relating to SARS Covid-2 will be managed using electronic and hardcopy means.
All Data Subjects who access Arxis’s headquarters (workers, maintenance technicians, visitors, etc.) will be subject to the checks.
The check is restricted to verifying the authenticity, validity and integrity of the certification and does not involve the collection of data in accordance with the provisions of Prime Ministerial Decree dated June 17, 2021, Legislative Decree 127 dated September 21, 2021 or the provisions of the Personal Data Protection Authority. Since collection does not take place, data retention is not necessary.
The check is necessary in order to access Arxis’s offices in full compliance with current legislation. This check does not give rise to any automated decision, nor to profiling.
Arxis will ensure that this processing is carried out in full compliance with the aforementioned regulations and confidentiality obligations, providing precise instructions regarding any persons in charge of the checks.
In case of need, a Data Subject party may exercise the rights provided for in Articles 15-22 of GDPR 679/2016, which are detailed in the information available on the website www.Arxis and displayed at the reception desk at the entrance to the offices.
To exercise their rights, or any need, a Data Subject may contact the Data Controller directly at the operational headquarters or by using a dedicated e-mail address: privacy@arxis.
Should the Data Subject not be satisfied with the behavior of Arxis s.r.l., they may contact the Supervisory Authority in accordance with the instructions listed on the page https://www.garanteprivacy.it/home/footer/contatti.
October 14, 2021
This policy describes how the Arxis site is managed in terms of the processing of personal data belonging to the users visiting it. This informational notice is provided under art. 13 of the Genral Regulations (EU) 2016/679 regarding Personal Data Protection Code (GDPR) and Italian Legislative Decree 196/2003, to those interacting with Arxis S.r.l. webservices, which are accessible electronically at the address: www.arxis.it. The informational notice only refers to the Arxis site and does not cover other sites accessible via links from Arxis’s pages.
The informational notice is also based on Recommendation no. 2/2001 issued by the European Data Protection Authorities, which identifies certain minimum requirements for online personal data collection and, in particular, the methods, times and nature of the information that data controllers are required to provide to users when the latter connect to web pages, regardless of the purpose of the visit.
This Policy provides guidance on the processing of data acquired through consultation of the website; for a complete overview of the data processing by the company, you are invited to consult Arxis informational notice on data processing.
Data relating to identified or identifiable individuals can be processed following a visit to the site. The “Data Controller” responsible for processing the data is Arxis S.r.l., whose headquarters are in Vimercate, at St. Torri Bianche, 9 in the person of its legal representatives pro tempore.
The processing of data related to the web services on the site is performed exclusively by Arxis staff that have been assigned the task of processing. No personal data deriving from the web service shall be disseminated. Personal data provided by users is used solely for the purpose of performing the service requested and is only communicated to third parties in case in which doing so is necessary to achieve said purpose.
During the course of normal operation, the computer systems and software procedures used for the operation of the website acquire certain personal data, the transmission of which is implicit in the use of the Internet network, which is based on the TCP/IP protocol.
The information is not collected so that it may be associated with identified individuals, but which by their very nature could, through processing and associations with data stored by third parties, allow the identification of the users browsing.
This category of data includes “IP addresses” or the domain names of the computers used by the users who browse the website, the URI (Uniform Resource Identifier) notation addresses of the required resources, the time of the request, the method used to submit the request to the web server, the size of the file obtained in response, the numeric code indicating the response status provided by the web server (successful, error, etc.) and other parameters related to the operating system and the user’s computing environment. The data is only used for the purpose of obtaining anonymous statistical information on the use of the site and to check its proper functioning.
Please note that the aforementioned data may be used to establish liability in the event of cybercrimes perpetrated on the Arxis website or other related or linked sites: this exception aside, web contact data is retained for the time required to complete the activity requested and no longer than 90 days from the date of acquisition.
The Arxis website can also be visited by minors under eighteen years of age, since it only collects technical and commercial information data for the provision of IT services.
The request for information on the Arxis website Contacts page involves the acquisition of certain personal data, including the applicant’s e-mail address.
No user personal data is acquired by the site.
No cookies are used for the transmission of personal data, nor are there any so-called persistent cookies of any kind, i.e. user tracking systems.
The use of so-called session cookies (which are not persistently stored on the user’s computer and vanish when the browser is closed) is strictly limited to the transmission of session identifiers (consisting of random numbers generated by the server) needed to allow the site to be browsed safely and efficiently.
The so-called session cookies used on the site avoid the use of other potentially damaging computer techniques for the confidentiality of user browsing and do not allow the acquisition of the user’s personal identification data.
Aside from that specified for browsing data, users are free to provide the personal data shown in the specific electronic application form. However, their non-provision means it shall not be possible to satisfy the contact request.
3.4 PROCESSING PROCEDURES AND SECURITY MEASURES
Arxis has implemented the necessary measures to ensure that processing is carried out in full compliance with the rights of the Data Subjects and the legislation in force. As regards information security, the Arxis management system is certified according to the ISO 27001 standard.
Personal data is stored solely for the purposes of the activity for which it was recorded and, of course, in compliance with any relevant legal provisions. This means that, when such data is no longer functional to those principles, it is permanently deleted. The Data Controller will make every effort, within the limits established by legislation, to ensure that any recipients of said data shall also delete it.
The Data Subjects to whom the personal data collected in the specific section refers shall be able to exercise the rights provided for by CHAPTER III of the GDPR, more specifically:
Given the method of processing, it is very unlikely that there will be requests regarding data portability. In any specific cases, Arxis shall assess the reasons for the request to comply with the provisions of the GDPR.
Should the actions resulting from the exercise of the rights referred to in points 2.2 and 3 be deemed incompatible with the management of the contractual relationship, Arxis shall highlight the fact in order to reach an agreement on the matter.
The right of the Data Subject to submit a complaint to the Supervisory Authority remains unaffected if they are not satisfied with the behavior of Arxis s.r.l. in their regard.
Arxis does not carry out automated decision-making processes and shall not disclose the personal data collected.
To exercise your rights, or for any need you may have, please contact the Data Controller directly (Arxis S.r.l. – St. Torri Bianche, 9 –20871 Vimercate,), or through the dedicated e-mail address: info@arxis.
After having analyzed the breaches of the Code, emerging as a result of its own checks or reports from stakeholders, Arxis shall decide on the existence or otherwise of such breaches, on the adoption of the appropriate measures and the imposition of the relative sanctions in agreement with the manager of the perpetrator of the censured behavior.
Recipients must avoid situations and/or activities that could lead to conflicts of interest with those of Arxis or that could interfere with the Recipient’s ability to make impartial decisions, thereby safeguarding the best interests of Arxis.
The acquisition and processing, as well as the storage of information and personal data of staff and other subjects whose data the Company possesses, takes place in compliance with specific procedures aimed at preventing unauthorized persons and/or entities from gaining their knowledge, as well as any misuse of this information. These procedures comply with current regulations.
Arxis also undertakes to safeguard and protect company resources and assets, as well as to manage its assets and capital by adopting all the necessary precautions to ensure full compliance with the laws and regulations in force.
Arxis recognizes the value of competition when inspired by the principles of fairness, fair competition and transparency towards the operators present on the market.
Relations with institutional interlocutors are maintained exclusively through the persons appointed to do so.
In this regard, the Company adopts the most appropriate measures to avoid the risks associated with carrying out its business activities and, where this is not possible, for an adequate assessment of the existing risks, with the aim of addressing them directly at source and guaranteeing their elimination or, where this is not possible, their management.
Compliance with the principles of correctness, transparency and good faith in relations with all contractual counterparties must be guaranteed.
Arxis rejects any form of criminal organization (in particular mafia-type associations), of a national and transnational nature. The Company adopts suitable measures to prevent the danger of its own or its employees’ involvement in relationships and activities for any reason and in any way whatsoever, even in the form of mere assistance and help, with such organizations. To this end, Arxis does not establish any relationship of a working, collaborative or commercial nature with subjects, whether they are natural or legal persons, directly or indirectly involved in criminal organizations or, in any event, linked by kinship and/or affinity with exponents of known criminal organizations, as well as not financing or, in any event, facilitating any activity referable to such organizations.
Breaches of the general principles of the Code by suppliers result in the right of the Company to implement express termination clauses included in the individual supply contracts, together with the provision of specific declarations regarding knowledge of the principles contained in the Code and the undertaking of the obligation to observe these principles.
Any reports concerning the Chairman of the Board of Directors must be sent to one of the other two Directors.