PRIVACY AND COOKIE POLICY

This Privacy and Cookie Policy refers to the processing of data supplied or otherwise acquired during the visit to the Website www.ebm-group.com (hereinafter the "Site") or the use of company contacts provided through the Site itself in accordance with the 2016/679 European Regulation (hereinafter "Regulation").

1. DATA CONTROLLER AND CONTACT DETAILS

Pursuant to art. 4 of the Regulation, the Data Controller is EBM srl (hereafter "Controller") with registered office in Via Dante Alighieri, 60 – 35014 Fontaniva (PD).
• Phone: +39 0424 541384
• Fax: +39 0424 543492
• Email: info@ebm-group.com

2. CATEGORIES OF THE DATA PROCESSED AND PURPOSE OF THE PROCESSING
2.1 BROWSING DATA

The IT systems and software procedures used to operate the Site acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. This is information that is not collected to be associated with identified interested parties, but which by its very nature could, through processing and association with data held by third parties, allows users to be identified.
This category of data includes IP addresses or domain names of the computers used by users who connect to the Site, URI addresses (Uniform Resource Identifier) of requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (success, error, etc.) and other parameters related to the operating system and the user's computer environment.

These data are used in order to:
• obtain anonymous statistical information on the use of the Site;
• manage control needs of how to use it, identify anomalies and / or abuse;
• ascertain responsibility in case of hypothetical computer crimes against the Site or third parties.
The processing of such data is legitimized by the need to make the Site functionalities usable subsequent to the user access.

2.2 DATA VOLUNTARILY PROVIDED BY THE INTERESTED PARTY

The collection of users’ personal data can be done voluntarily by sending an e-mail to the addresses listed on the Site and / or through the contact form on the Site.
This implies the collection, by the Controller, of the sender's email address, necessary to respond to the request, and any other item of personal data requested or transmitted voluntarily which are contained in the communication.

Personal data collected through this method will be used by the Data Controller for the sole purpose of:
a) following up requests for information (generally following the receipt of an e-mail containing requests for information and questions of initiative of the interested party);
b) providing any subsequent related communications.

The legal basis which legitimizes the processing is the execution of a contract of which the interested party is a part or the execution of pre-contractual measures taken at the request of the same.

Regarding the purposes referred to in points a) and b), the provision of such data is optional and any refusal will make it impossible for the Controller to implement the commitments undertaken and / or to respond to customer requests expressed through contacts present on the Site.

2.3 COOKIES

Through the cookies, a site remembers the user's actions and preferences (such as login data, the chosen language, font size, other display settings, etc.) so that they do not have to be indicated again when the user returns to visit this site or browse from one page to another.
Cookies, therefore, are used to perform computer authentication, monitoring sessions and storing information regarding the activities of users accessing a site and may also contain a unique identification code that allows to track the user's browsing within the site for statistical or advertising purposes.
Some operations could not be performed without the use of cookies, which in some cases are therefore technically necessary for the functioning of the site.
During browsing on a site, the user can also receive on his/her computer or mobile device website or web server cookies other than the one he / she is visiting (c.d. "third party" cookies).

Two macro-categories are identified:

A. TECHNICAL COOKIES.
These cookies are used for the sole purpose of transmitting a communication on an electronic communication network, or as strictly necessary to provide a service explicitly requested by the user. In other words, these are cookies that are essential for the operation of the site or necessary to perform activities requested by the user.

For the installation of these cookies the prior consent of users is not required, with the obligation to give the information to the user. Technical cookies will therefore always be used and sent, unless the user changes the settings on his browser.

They can be divided as follows
a) browsing or session cookies, which guarantee the normal browsing and use of the Site (allowing, for example, to authenticate to access restricted areas); b) analysis cookies (analytics cookies), assimilated into technical cookies when used directly by the site operator to collect information, in aggregate form, on the number of users and how they visit the site and understand which parts or elements are most appreciated; c) functional cookies, which allow the user to browse according to a series of selected criteria (for example the language, the products selected for purchase) in order to improve the service provided to him/her.

Technical cookies can be:
• persistent cookies: once the browser is closed they don’t get destroyed but remain up to a preset expiration date • session cookies: they get destroyed every time the browser is closed

B. PROFILING COOKIES.
Profiling cookies are designed to create profiles related to the user and are used in order to send advertising messages reflecting the preferences expressed by the user in the context of the browsing. Due to the particular invasiveness that such devices can have in the private sphere of users, European and Italian legislation requires that the user must be adequately informed about their use and express his/her valid consent.

COOKIES MANAGING

At any time, the user may refuse to accept all or some of the cookies used by this Site simply by selecting, on his/her browser, the settings that allow them to be rejected.
Each browser has specific configuration instructions. Further information on the procedures to be followed to disable cookies can be found on the website of the browser provider.
Google Chrome: https://support.google.com/chrome/answer/95647?hl=it
Mozilla Firefox: http://support.mozilla.org/it/kb/Attivare%20e%20disattivare%20i%20cookie
Internet Explorer: https://support.microsoft.com/it-it/help/17442/windows-internet-explorer-delete-manage-cookies
Apple Safari: https://support.apple.com/it-it/guide/safari/sfri11471/mac

Disabling cookies you can still use some parts of the site, but some services may not be able to use.

TYPES OF COOKIES USED BY THE SITE

This Site uses both persistent and session cookies to improve your browsing experience.
This Site uses profiling cookies and "Third Party" cookies.

Concerning the cookies used by third parties, google.com you can consult the privacy policy at the following links:
google.com https://www.google.it/policies/privacy/partners/
statcounter.com https://statcounter.com/about/legal/#privacy


3.RECIPIENTS OF PERSONAL DATA

The processing of the collected data is carried out by the internal staff for this purpose identified and authorized to the processing according to specific instructions given in compliance with current legislation. The data collected, where necessary the execution of the indicated purposes, may be processed by third parties specifically authorized or appointed external Processors, or, as the case may be, communicated to them as independent Controllers, and specifically to companies, associations and professionals (both individuals and legal entities) who provide assistance and advice to the Controller) and / or perform services related to the performance of the purposes indicated.
The Controller agrees to entrust the data exclusively to persons who, through technological connotation, experience, ability and reliability, provide a suitable guarantee of full compliance with the Regulation, with particular regard to data security and respect for the fundamental freedoms of the interested party. Your personal data will not be disseminated.

4. DATA RETENTION PERIOD

All data will be kept for the time necessary for the fulfillment of any obligations, including fiscal or accounting, related or arising from the specific service required, pursuant to art. 5, paragraph 1, letter e) of the Regulation.

5. DATA PROCESSING METHODS

The processing of your personal data will be carried out according to the principles of lawfulness, correctness and transparency, to protect your privacy and your rights. The Data Controller also undertakes to process your data in compliance with the principle of "minimization", ie by acquiring and processing data limited to what is necessary and with organizational and logical methods strictly related to compliance with the stated purposes. These data will be stored on computer media, on paper and on any other type of appropriate support, in compliance with the Regulation, adopting appropriate security measures to prevent unauthorized access, disclosure, modification or unauthorized destruction.

6. RIGHTS OF THE INTERESTED PARTY

We inform you that you have the right to request the Data Controller:
• access to your data (Article 15 of the Rules);
• data rectification (Article 16);
• deletion of data (Article 17);
• limitation of processing (Article 18).

You also have the right to:
• oppose the data processing (Article 21);
• the data portability (Article 20).

Finally, please note that you have the right to complain with a supervisory authority if you believe there has been a violation of your data and you also have the right to revoke the consent given at any time, without prejudice to the lawfulness of the processing carried out before the revocation. You may exercise your rights at any time by contacting the Data Controller or writing an email to the addresses indicated in point 1.