What Types of Information We Collect
While not all information that you provide or that we collect is personally identifiable information, this policy includes all information that we collect, that you provide, or that is provided to us by a third party, including personally identifiable information. Personally identifiable information includes, but is not limited to, your name, address, phone number, email address, user name and password for restricted access portions of our sites and those of our partners, and information about your devices used to access the sites. While providing some requested information on our sites is completely voluntary (for example, participating in surveys), certain parts of our sites require your personally identifiable information to either access the site or to permit the site to process correctly. This policy covers both mandatory information that you provide, as well as any voluntary information that you provide.
Additional examples of information that we collect include:
- User content, created by you during your use of a site
- Payment information, when purchasing a product or service from us
- Device information, such as your type of device, your IP address, and your service provider
- Usage information and browsing history while you are accessing any of our sites
- Location data
- Demographic information
How We Collect Information
We receive and store any information you knowingly enter on a site, whether via computer, mobile phone, other wireless device, or that you provide to us in any other way. We also receive and store information that is automatically collected through the technology. In addition, we receive and store information that is provided by third parties. We explain each method for collecting information and the types of information collected through each method in greater detail below.
This policy does not apply to websites, services or practices of companies that we do not own or control, which are subject to their own terms and conditions, even if they help us operate our sites or even if you interact with us. However, this policy does apply to information that is collected by us through third-party websites, social media sites, or services.
Information That You Provide
You may choose to voluntarily provide us with information about you at various places on the sites. Information, including personal information, may be collected at any point on our sites. You may provide information to us when you engage in any of the following activities:
- Purchase, order, return, exchange, or request information about our products or the sites;
- Create an account;
- Contact customer service;
- Participate in interactive features on the sites;
- Connect, discuss, tag, tweet, post, pin, or otherwise mention us or the sites through a social media service;
- Sign up for emails, mobile messages or social media notifications;
- Enter a contest or sweepstakes;
- Participate in a survey or a focus group;
- Provide a review, an image, an opinion, or similar content;
- Apply for employment; and
- Make comments, suggestions or provide other input on any of the sites.
YOU ARE SOLELY RESPONSIBLE FOR THE CONTENT OF THE INFORMATION YOU PROVIDE ON THE SITES AND AGREE TO PERMIT US TO ACCESS, USE OR REUSE SUCH CONTENT AS PERMITTED IN THIS POLICY AND IN OUR USER GENERATED CONTENT POLICY, IF APPLICABLE.
Automatically Collected Information
The sites automatically log information about you from your browser or mobile device when you visit the sites. The sites may use tracking pixels, web beacons, cookies and other technology to get and store information like your IP addresses, clickstream data, date and time of visits, and browser, Operating System and Internet Service Provider information, as well as other information.
Cookies enable us to offer secure pages to you without asking you to sign in repeatedly. Most browsers allow you to control cookies, including whether or not to accept them and how to remove them. You may set most browsers to notify you if you receive a cookie, or you may choose to block cookies with your browser, and you can also set how you wish the browser to delete cookies. Disabling cookies may affect the functionality of a site or may require that you re-enter data each time you visit a site, however.
Web beacons and other technologies like pixels allow us and our authorized third parties to monitor and collect certain information about users of the sites, web-based documents, e-mail messages or other communications, such as the type of browser requesting the web beacon, the device identifier of the device that the web beacon is sent to and the time the web beacon was viewed.
Information Provided By Third Parties
We engage with service providers that we use, data management or analytics companies, advertising networks, demographics companies, third parties that provide us information about you and your devices, and other collaborative third parties. We also receive information about you from our family of companies, including subsidiaries, affiliates, and parent, that you have interacted with.
How We Use the Information That We Collect and Store
We and authorized third parties engaged by us to provide services may use the information on the basis of various legal grounds, which are more fully explained in this section. We may use the information for compliance purposes, in situations where you provide consent for its use, as might be required to perform a contract with you, or for legitimate business purposes. More specifically, legitimate business purposes may include the following:
- Authenticate your identity,
- Associate your data with a unique identifier,
- Send you information,
- Deliver promotional material, including coupons, mobile coupons, newsletters and marketing communications, receipt messages, emails mobile messages, and other electronic forms of communication,
- Process and respond to requests for products, information or services,
- Fulfil and manage purchases, orders, payments, returns, or exchanges,
- Administer contests, sweepstakes and promotions,
- Conduct research and analysis,
- Manage customer service,
- Create aggregate reports that do not identify you personally,
- Customize or tailor your experience on any of our sites,
- Combine the various pieces of information that we have about you,
- Improve the sites,
- Improve or inspire our products,
- Market our products;
- Improve our internal operations (including troubleshooting, testing and analyzing usage),
- Count unique users/browsers, visits and page views;
- Monitor traffic and conversion patterns through our various product and service offerings on the sites,
- Determine whether messages were opened, links were clicked or notifications/offers were acted upon,
- Other uses consistent with our legitimate business purposes;
- Help prevent fraudulent transactions, and
- Assist law enforcement, monitor against theft or other crime or breach, and respond to subpoenas (Such disclosures may be carried out without notice to you.).
How We Share Information
We are not in the business of selling or renting your personally identifiable information. We may share information about you with third parties under the following circumstances; however, these third parties are not permitted to share or use the information for any purposes, except providing services to us:
- to help us market our products (for example, special offers) and some third party marketing or advertising purposes, though we do not share personally identifiable information about you with third parties for third party marketing or advertising purposes not consistent with the terms of this policy and applicable law;
- to provide data analysis and strategy services;
- when you consent to disclosure;
- with our parent, subsidiaries, divisions, and affiliates; and
- to enforce or apply our agreements or protect our rights.
We may disclose personally identifiable information under special circumstances, such as to comply with subpoenas, court orders, legal process or other valid law enforcement measures; to comply with a legal obligation; at the request of governmental authorities conducting an investigation; to verify or enforce compliance with the policies governing the sites and applicable laws; to protect the legal rights, interests, or safety of the sites, our users or others; or when your actions violate our terms. Such disclosures may be carried out without notice to you.
We may transfer personally identifiable information as an asset in connection with a proposed or actual merger or sale (including any transfers made as part of an insolvency or bankruptcy proceeding) involving all or part of our business or as part of a corporate reorganization, stock sale or other change in control.
How We Secure Information
The sites take appropriate organizational, technical, administrative, and physical precautions to protect your personally identifiable information in compliance with applicable laws. We outsource a team that is responsible for implementing information security controls that are appropriate for the nature of the data involved. Our information security procedures are reviewed regularly and updated as necessary to meet the sensitivity of the information we handle, our legitimate business needs, and regulatory changes, as well as to respond to changing technology. While we believe our measures reduce the likelihood of security problems to a level consistent with the type of data involved, we cannot guarantee the security of your personal information.
How We Retain Information
Social Media Platforms
You may have rights under various Indina and other laws. We will honour your rights under applicable data protection laws. Your rights may vary under the laws of each country. Please contact us using the information in the “Contact Information” Section below to make a request to access your information for a permitted purpose under applicable law. If you are not satisfied with our handling of your access request, you may have the ability to lodge a complaint with the appropriate supervisory authority if you live, work, or were infringed upon within the European Economic Area.
We provide mechanisms for updating and correcting your personal information on the sites. If you have registered for an online account, you may access and update certain personal information that you have provided to us by logging into your online account and using the features and functionalities available there.
In addition, you may also make a request for access to, to rectify or remove, or to restrict use of your personal information by sending an email at firstname.lastname@example.org. You may also have rights to object to your personal information being used, to ask for the transfer of personal information you have made available to us and to withdraw consent to the use of your personal information. Please contact us at email@example.com to make a request.
We may request additional information from you in order to verify your identity before accommodating an access request. If we are unable to honour a request, we will explain why.
Opting Out of Certain Contact
We may contact you if you have opted in to receive messages from us. If you no longer wish to receive messages, you may opt out of receiving these communications by changing your notification settings in your account or by opting out of a mobile messaging campaign or by unsubscribing via the opt-out link included in each e-mail or by otherwise following the instructions in the applicable technology. You may also opt out at any time by emailing firstname.lastname@example.org. You may also manage some third party advertising preferences through third party opt-out and do-not-call programs. In addition, you may choose not to provide your location to us in connection with your use of our mobile applications by declining any prompt requesting location information and by customizing your mobile device settings to prevent sharing of location information. If you turn off ad tracking or location tracking, we will no longer use information collected from your device’s advertising identifier for the purposes of advertising.
If you are not 16 or older, you are not authorized to use the sites. We do not solicit or knowingly collect any personal information from children, and we will delete any information later determined to be from a user younger than 16.
Notification of Changes
This Policy is effective April 01, 2019.
GDPR PRIVACY NOTICE
- GENERAL INFORMATION
This is to inform you that relationships established with Archnit International. and/or with other companies in the Archnit and/or associated companies (Data Controllers) may involve the processing of personal data in accordance with the following general principles:
• all data are processed lawfully, fairly and in a transparent manner in relation to the Data subject, in accordance with the general principles laid down in Article 5 of the GDPR;
• specific security measures are observed to prevent loss of data, unlawful or incorrect use of them, modification of the data and unauthorized access.
Companies with registered and/or administrative office in 309, Pride Classic,Near Patidar Chowk, Sadhuvasvani Road, Rajkot 360005, Gujarat-India:
Email address: email@example.com
- SUBJECT OF THE PROCESSING
The Data Controller may collect the following types of data:
2.1. Personal data processed
The Data Controller processes personal data of contacts, visitors, clients, suppliers, candidates, employees, holders of corporate offices, website users and third parties, acquired and used in the context of the business activity carried out by the Data Controller.
The data collected relate to, for example: first name, family name, company name, personal/financial details, profession, address, telephone, email, and bank and payment references.
2.2. Cookies and browsing data
Among the browsing data collected are IP addresses or the domain names of computers used by users who connect to the website, the addresses of the resources requested, the time of the request, the method used to make the request to the server, the size of the file obtained in response, the numeric code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the user’s operating system and IT environment.
2.3. Images and videos
Archnit International is authorized to use, edit, reproduce and publish images and/or audio and video recordings of the Data Subject, and those of his or her children who are minors, taken during events organized by Archnit International (also in the case of events managed by third parties) in which the Data Subject takes part.
These images/recordings are the property of Archnit International who is entitled to modify them and correct them, without prejudice to the safeguarding of the decency and dignity of the Data Subject.
Recordings and photographs taken may be disseminated by means of internal communication tools (e.g. intranet, etc.) or external ones: sustainability report, Archnit International website or group sites, social media (Instagram, Facebook, Youtube etc.), trade-fair events (either in Italy or abroad), competitions, exhibitions, publications, films and company communications.
The Data Subject releases Archnit International. and the other companies that are Data Controllers from any liability concerning any unlawful, illegitimate or incorrect use of images and audio and video recordings by third parties.
The use of images and audio and video recordings is granted free of charge by the Data Subject.
Archnit International is not obliged to mention the name of the Data Subject recorded and/or photographed.
2.4 Specific information: CCTV systems
There is a CCTV system in operation in certain areas of the company premises; this has been installed and is used for the purposes of securing and safeguarding assets (legitimate interest of Controller). The areas subject to recording are suitably signed with specific signs saying CCTV IN OPERATION. The recordings will be kept for periods of time compatible with the limits laid down by prevailing legislation. Only internal officials, regularly authorized and instructed, may access the recordings, as well as external subjects appointed for possible maintenance activities on the system and/or surveillance services.
- PURPOSES AND LEGAL BASIS FOR THE PROCESSING
The personal data is processed to:
• comply with the obligations laid down by the law, by a regulation, by Indian rules or by an order from the authorities;
• marketing purposes (including sales communications, promotions and invitations to events, newsletters and communications for company initiatives);
• profiling purposes, for marketing activities;
• exercise a legitimate interest as well as a Controller’s right (for example: the right to a defence in a court of law, the safeguarding of credit positions, ordinary internal operational, management and accounting requirements);
• conclude contractual relationships and grant professional appointments;
• evaluate/hire new personnel and manage the work relationship;
• fulfil pre-contractual, contractual, administrative and fiscal obligations deriving from existing relationships, as well as manage the necessary communications connected with these and safeguard the rights generated by the relationship.
The above purposes represent suitable legal bases for the lawfulness of the processing according to Article 6, subparagraph 1, points (b), (c) and (f) of the GDPR. If it is intended to carry out processing for different purposes the appropriate consent will be requested from the data subjects.
Lack of consent to the processing of personal data will render it impossible to establish a relationship with the Data Controller.
- METHODS OF PROCESSING
Personal data are subject to processing as referred to in Article 4 paragraph 2 of the GDPR, either in paper or in electronic and/or automated form. The Data Controller will process the personal data for the time necessary to fulfil the purposes for which they were collected and the relative legal obligations.
- SCOPE OF THE PROCESSING
The data are processed by regularly authorized and instructed internal persons in accordance with Article 29 of the GDPR. The Data Subject may request the scope of communication of his or her personal data, obtaining information on the external persons who operate as independent Data Processors or Controllers (consultants, technicians, banks, hauliers, etc.). We would also inform you that the personal data may be subject to communication between the Group’s companies and/or dissemination and/or transfer to non-EU countries. The Florim group uses Microsoft cloud services and outsourcing companies to manage and store data, and these bodies undertake to guarantee compliance with the GDPR.
If it should be necessary, in the context of bids/tenders or in complying with regulatory obligations (e.g. joint and several liability, laws against bribery, organized crime, money laundering, etc.) to acquire from clients/suppliers the personal data of their employees, it is agreed between the parties that Archnit International and/or the other companies who are Data Controllers will be legally authorized for the processing as external Processor (Article 28 GDPR) or as an authorized person (Article 29 GDPR). In the context of this relationship Florim and/or the other companies who are Data Controllers undertake to process these data in accordance with the requirements for compliance laid down by the GDPR, guaranteeing their possible communication to further subjects exclusively in the context of specific legal obligations.
- RECIPIENTS OF THE DATA
The personal data may be communicated to external subjects operating as data controllers, for example, supervisory and monitoring authorities and bodies and in general public or private subjects legally authorized to request the data, such as, for example:
- Financial Administrators and other agencies and public service corporations in fulfilment of regulatory obligations.
• Financial Administrators and other agencies and public service corporations upon request of the same.
The data may be processed, on behalf of the Controller, by external subjects appointed as data processors, who carry out specific activities on behalf of the Controller, such as:
• Agents and brokers for our company.
• Shipping agents for dispatching products ordered.
• Banks for managing payments.
• Agencies, or other bodies, appointed to provide commercial information or send publicity or information material.
• Business information companies.
• Companies and legal offices for protecting rights arising from the contract.
• Archnit International information systems and outsourcing companies for data management and storage.
- RIGHTS OF THE DATA SUBJECT
Archnit International and/or the other companies who are Data Controllers guarantee that you can exercise at any time the rights laid down in Article 12 of the GDPR. In particular, you have the right:
• to know if the Controller holds and/or processes personal data relating to the you and to access them fully, and also to obtain a copy (Article 15 Right of access);
• to rectify inaccurate personal data or to supplement incomplete personal data (Article 16 Right to rectification);
• to erase personal data in the Controller’s possession if one or more of the grounds laid down in the GDPR applies (Article 17 Right to erasure);
• to ask the Controller to restrict the processing only of some of the personal data, if one of the reasons laid down in the GDPR applies (Article 18 Right to restriction of processing);
• to request and receive all the personal data processed by the controller, in a structured, commonly used and machine-readable format or to request that those data are transmitted to another Controller without hindrance (Article 20, Right to data portability);
• to object, wholly or in part, to the processing of personal data for purposes of sending publicity materials and market research (Article 21 Right to object);
• to object, wholly or in part, to the processing of personal data by automated or semi-automated means for profiling purposes.
• to lodge a complaint with the competent supervisory authority of the Member State in which the data subject resides or works or of the State in which the presumed infringement has taken place.
These rights may be exercised by notifying the Data Controller at the following email address: firstname.lastname@example.org.