Dear User, ARCO SPEDIZIONI S.p.A. has great respect for its Customers’ privacy. The data provided by the users via the website will be treated with the utmost care and with all the necessary measures to guarantee their safety, in full compliance with the regulations in force to protect the confidentiality of data. We wish to inform you that the “European Regulation 2016/679 concerning the protection of individuals regarding the processing of personal data, as well as their free circulation” (hereinafter “GDPR”) provides for the protection of individuals with regard to the processing of personal data as a fundamental right. Pursuant to article 13 of the GDPR, therefore, we inform you that:

1. A.DATA CATEGORIES: We may process your personal data such as:

a. Automatically collected data. The computer systems and the programmes dedicated to the operation of this website detect, during their ordinary functioning, some data (which transmission is implied in the use of the Internet communication protocols), potentially associated with identifiable users. The collected data include the IP addresses and domain names of the computers used by the users who log in, the addresses in the Uniform Resource Identifier (URI) notation of the requested resources, the method used to submit the request to the server, the size of the file obtained in reply, the numerical code including the reply state provided by the server (completed successfully, error, etc.) and other parameters concerning the users’ operating system, browser and computer environment, the name of the Internet service provider (ISP), date and time of visit, referral page and logout.

b. Data provided voluntarily by the user Voluntary and explicit sending of e-mails to the addresses listed in the several access channels of this site does not imply a request for consent and involves the acquisition of the sender’s address and data, necessary to reply to requests, as well as of any other personal data included in the message.
Such data are voluntarily provided by the user when requesting provision of the service. By including a comment or other information, the user expressly accepts the privacy policy, and in particular agrees that the included contents are freely spread to third parties, as well.
On the contrary, specific summary guidelines will be displayed on the site pages designated for special services on request (form). The user must therefore explicitly consent to the use of the data reported in the forms in order to send the request.

c. Cookies. The site uses cookies The data collected thanks to cookies may be used to access parts of the site, for statistical purposes or to make the browsing experience more enjoyable and more effective in the future, trying to assess users’ behaviour and to change the offer contents according to their behaviour. For further information, a specific cookie policy is available.

d. Plug-ins. The site incorporates plug-ins and/or buttons for social networks, as well, to allow easy sharing of contents on your favourite social networks. Such plug-ins are programmed not to set up cookies when the users access the page, to protect their privacy. Cookies may be set up, if provided so by social networks, only when the users make actual and voluntary use of plug-ins. If the Users are browsing as logged in the social network, the use of cookies is meant to be accepted via the website when subscribing to the social network. The collection and use of the information obtained by means of plug-ins are ruled by the related privacy policies of the social networks. Please make reference to them.

1. B.DATA CONTROLLER The data controller is ARCO SPEDIZIONI S.p.A., Via Buonarroti, 203 – 20900 Monza (MB) – VAT number 08975100150
2. C.PERSONAL DATA SOURCE: The personal data held by the Data Controller are directly collected from the users.
3. D.PURPOSES OF DATA PROCESSING AND LEGAL BASIS Purposes and legal basis of your data processing:
   1. As for automatically collected data, the legal basis is the data controller’s legitimate interest and the purpose is to ensure and enhance the web surfing experience.
   2. As for data provided voluntarily by the users, the legal basis is the consent and, as for sending e-mails to our addresses, the purpose is to be able to send replies to specific requests made by the users; as for the forms, the purpose is included in the specific guidelines.
   3. As for cookies and plug-ins please make reference to the cookies policy
4. E.CONTACT INFORMATION: For any information contacted the email address: privacy@arcospedizioni.it
5. F.DATA RECIPIENTS: Within the limits relevant to the specified processing purposes, your data may be communicated to partners, consulting agencies, private companies, third party technical service providers, hosting providers, IT companies, communication agencies …
6. G.TRANSFER OF DATA TO A THIRD COUNTRY: We may share some of the collected data with services located out of the European Union. In particular via social plug-ins and Google Analytics. Transfer is authorised and strictly regulated by Article 45, paragraph 1 of EU Regulation 2016/679, hence it does not require specific authorisations.
7. H.RETENTION PERIOD: According to the storage limitation principle (art. 5, GDPR), the obsolescence of the data stored, in relation to the purposes they were collected for, is periodically verified. In particular:
   1. the automatically collected data are processed, for the time strictly necessary, for the sole purpose of obtaining statistical information on the use of the site and to check regular operation, also for safety purposes or according to the deadlines provided for by Law .
   2. Data voluntarily provided by the users will be kept for a period not exceeding the achievement of the purposes they are processed for or according to the deadlines provided for by Law.
8. I.USERS’ RIGHTS The users are always entitled to request the Data Controller to access, rectify or cancel their data, to limit or object to the processing, to request data portability, to revoke consent to the processing by relying on these and other rights provided for by the GDPR by simple notice to the Data Controller. The users may also lodge a complaint with a supervisory authority.
9. J.MANDATORY OR OPTIONAL CONSENT: Providing data is mandatory when browsing our website concerning points D.1 and D.2 of the above-mentioned purposes, to allow correct provision of the service. Providing consent of your data for points D.3 is optional, instead, and will not compromise the provision of the service in any way.
10. K.DATA PROCESSING METHODS: The personal data provided will be subject to processing operations in compliance with the above-mentioned regulations and confidentiality obligations which the Data Controller’s activity is based on. The data will be processed by IT, paper and any other type of suitable supports, in compliance with the appropriate security measures pursuant to Article 5 paragraph 1 letter F of the GDPR
11. L.FINAL NOTES AND UPDATING METHODS: The privacy policy has been prepared for this website only, and not for other websites which may be browsed by the users via links included in this site. The privacy policy may be modified due to the introduction of new regulations on the subject. The users are therefore welcomed to check this page on a regular basis to be constantly updated with the latest legislation. Previous versions of these guidelines may be requested to the Data Controller, any time.