DATA PROCESSING HOLDER
Dogma Systems Srl a Socio Unico
Via Giacomo Matteotti, 2/C
60020 Polverigi (AN)
VAT Nr. IT02150890420
The Data Protection Officer (DPO) is Mr. Mauro Chiarugi:
amministrazione@dogmasystems.com

TYPES OF DATA COLLECTED
Among the Personal Information collected by this Application, either independently or through
third parties, there are: Cookies, Usage Data, email address, first name, last name, phone
number and various types of Data.

Full details on each type of data collected are provided in the dedicated sections of this privacy
policy or through specific information texts displayed before the data are collected.
Personal Data may be freely provided by the User or, in the case of Usage Data, collected
automatically during the use of this Application.

All the Data required by this Application are mandatory and, in the absence of their provision, it
may be impossible for this Application to provide the service. In cases where this Application
indicates some Data as optional, Users are free to refrain from communicating such Data,
without this having any consequence on the availability of the service or on its operation.
Users who have doubts about which data are mandatory, are encouraged to contact the
owner.

Any use of Cookies – or other tracking tools – by this Application or by third party service
providers used by this Application, unless otherwise specified, is intended to provide the
service requested by the User, in addition to the additional purposes described in this
document and in the Cookie Policy, if available.

The User assumes the responsibility of the Personal Data of third parties published or shared
through this Application and guarantees to have the right to communicate or disseminate
them, freeing the Owner from any liability to third parties.

METHOD AND PLACE OF THE TREATMENT OF DATA COLLECTED

Method of treatment
The Data Controller processes the Personal Data of Users by adopting appropriate security
measures to prevent unauthorized access, disclosure, modification or destruction of Personal
Data.
Processing is carried out using IT and / or telematic tools, with organizational methods and
with logic strictly related to the purposes indicated. In addition to the Data Controller, in some
cases, the Data may have access to the Data subjects of the persons involved in the
organization of the site (administrative, commercial, marketing, legal, system administrators)
or external subjects (as suppliers of third party technical services, postal couriers, hosting
providers, IT companies, communication agencies) also appointed, if necessary, Data
Processors by the Data Controller. The updated list of Managers can always be requested
from the Data Controller.
Place
The Data are processed at the operational headquarters of the Data Controller and in any
other place where the parties involved in the processing are located. For further information,
please contact the owner.
Times
The Data are processed for the time necessary to perform the service requested by the User,
or required by the purposes described in this document, and the User can always ask for the
interruption of treatment or deletion of data.

PURPOSE OF DATA PROCESSING COLLECTED
The Data concerning the User is collected to allow the Owner to provide its services, as well
as for the following purposes: Saving and managing backups, Analytics, Displaying content
from external platforms, Registration and authentication, SPAM protection, Social interaction
external networks and platforms, Remarketing and behavioral targeting and Contacting the
User.
The types of Personal Data used for each purpose are indicated in the specific sections of this
document.

SCOPE OF COMMUNICATION AND POSSIBLE DIFFUSION

The data of customers and customers can be communicated to public administrations or
public service when the application for participation in procedures for the selection of the
contractor is presented, for the purpose of awarding contracts or concessions for the supply of
goods or services, as required by the legislation on public procurement, for purposes of
technical qualification.
The data relating to the contract and service activity can be communicated to commercial
consultants for administrative and accounting purposes and to lawyers for possible
management of disputes.
The data, with the exception of those of a sensitive and judicial nature, may be disclosed to
those (private or public administration), even outside the European Union, in its legitimate
interest and taking advantage of a right expressly attributed to it by specific legislation in force.
subject, requires an assessment of the identity of the service provider provided by Dogma
SystemsTM Srl (a Socio Unico)for investigative purposes or in any case for the protection of
one’s own legitimate interest.
The data may also be communicated or made accessible to the subsidiaries and / or affiliates
of Dogma SystemsTM Srl (a Socio Unico), to other parties involved in the maintenance of IT
systems as well as to the parties involved in specific processing phases, as managers of
Dogma SystemsTM Srl (a Socio Unico), whose names can be verified at the request of the
interested parties.
The data may also be disclosed to police bodies or judicial authorities for the purpose of
ascertaining or suppressing crimes committed by users of electronic services, where
necessary.
The data are not subject to disclosure, except for the data of companies and companies for
commercial reference purposes.

PARTICULAR TREATMENTS FOR THE VERIFICATION OF CUSTOMER IDENTITY
In addition, we inform you that Dogma Systems has adopted a system of audio-video
recording called “Video Secure Identity” (in the abbreviation “ViSI”), which is used for the
identification of the interested party and for the registration of consent, in order to correctly
execute requests for the conclusion of contracts for the supply of goods or for the execution of
services at a distance, without the necessary physical presence.
The data recorded through the ViSI system, in order to issue digital signature certificates and /
or PEC boxes, are stored in digital format for a period of 20 years, in accordance with the
provisions of art.32, co.3 , letter j) of the d. lgs. 82/2005 and s.m.i. (Digital Administration
Code).
As for the “PEC” service, we inform the holders of certified mailboxes that is mandatory by
Dogma Systems, as service provider, registration and retention of traffic data for purposes of

investigation and prosecution of offenses , excluding however the contents of the
communications. Traffic data may be communicated to the judicial authorities and to the police
for the purposes mentioned above.

DETAILS ON THE PROCESSING OF PERSONAL DATA
Personal Data is collected for the following purposes and using the following services:
Mailing list or newsletter
By registering with the mailing list or the newsletter, the User’s email address is automatically
added to a list of contacts to which email messages containing information, including
commercial and promotional information, relating to this Application may be transmitted. The
email address of the User could also be added to this list as a result of registration to this
Application or after making a purchase.
• Personal Data collected: surname, email address and first name

Contact by phone
Users who provided their telephone number may be contacted for commercial or promotional
purposes related to this Application, as well as to satisfy requests for support.
• Personal Data collected: telephone number

Contact form
By filling out the contact form with their Data, the User consents to their use to respond to
requests for information, quotes, or any other kind indicated by the form header.
• Personal Data collected: surname, email address, first name and various types of Data

Interaction with social networks and external platforms
This type of services allows you to make interactions with social networks, or other external
platforms, directly from the pages of this application. The interactions and information acquired
by this Application are in any case subject to the User’s privacy settings related to each social
network. In the event that an interaction service with social networks is installed, it is possible
that, even if the Users do not use the service, the same collect traffic data relating to the pages
in which it is installed;

+1 button and Google+ social widgets (Google Inc.)
The +1 button and Google+ social widgets are services for interacting with the Google+ social
network, provided by Google Inc.

• Personal Data collected: Cookies and Usage Data
• Place of processing: USA – Privacy Policy

Like button and Facebook social widgets (Facebook, Inc.)
The “Like” button and Facebook social widgets are services of interaction with the social
network Facebook, provided by Facebook, Inc.
• Personal Data collected: Cookies and Usage Data
• Place of processing: USA – https://www.facebook.com/about/privacy/

YouTube social button and widgets (Google Inc.)
The button and the social widgets of YouTube are services of interaction with the YouTube
social network, provided by Google Inc.
• Personal Data collected: Usage Data
• Place of processing: USA – Privacy Policy

Protection from SPAM
This type of service analyzes the traffic of this application, potentially containing personal data
of users, in order to filter it from parts of traffic, messages and content recognized as SPAM

Google reCAPTCHA (Google Inc.)
Google reCAPTCHA is a protection service from
Use of the reCAPTCHA system is subject to Google’s privacy policy and terms of use
• Personal Data collected: Cookies and Usage Data
• Place of processing: USA – Privacy Policy

Registration and authentication
By registering or authenticating the User allows the Application to identify it and give it access
to dedicated services. Depending on the following, the registration and authentication services
may be provided with the help of third parties. If this happens, this application will be able to
access some data stored by the third party service used for registration or identification.

Google OAuth (Google Inc.)
Google OAuth is a registration and authentication service provided by Google Inc. and
connected to the Google network.
• Personal Data collected: various types of Data as specified in the privacy policy of the
service.
• Place of processing: USA – Privacy Policy

Remarketing and behavioral targeting
This type of service allows this Application and its partners to communicate, optimize and

serve advertisements based on the past use of this Application by the User. This activity is
carried out by tracking Usage Data and the use of Cookies, information that is transferred to
the partners to whom the activity of remarketing and behavioral targeting is connected. In
addition to the options for the opt-out offered by the following services, the User can opt for the
exclusion from the reception of cookies related to a third party service, by visiting the opt-out
page of the Network Advertising Initiative.

Remarketing with Google Analytics for display advertising (Google Inc.)
Google Analytics for display advertising is a remarketing and behavioral targeting service
provided by Google Inc. that links the tracking activity carried out by Google Analytics and its
Cookies with the Adwords advertising network and the Doubleclick Cookie.
• Personal Data collected: Cookies and Usage Data
• Place of processing: USA – Privacy Policy

Facebook Remarketing (Facebook, Inc.)
Facebook Remarketing is a remarketing and behavioral targeting service provided by
Facebook, Inc. which links the activity of this Application with the advertising network
Facebook.
• Personal Data collected: Cookies and Usage Data
• Place of processing: USA – https://www.facebook.com/about/privacy/

Saving and managing backups
This type of services allows saving and management of backups of this application on external
servers managed by the service provider. These backups may include both the source code
and the contents thereof and the data provided to this Application by the User.

Backup to Google Drive (Google Inc.)
Google Drive is a backup rescue and management service provided by Google Inc.
• Personal Data collected: various types of Data as specified in the privacy policy of the
service.
• Place of processing: USA – Privacy Policy

Statistics
The services contained in this section allow the Data Controller to monitor and analyze traffic
data and are used to keep track of User behavior.

User ID extension for Google Analytics (Google Inc.)
Google Analytics on this Application uses a function called User ID. This allows a more
accurate tracking of Users by assigning each one a unique ID for various sessions and
devices, but in such a way as not to allow Google to personally identify an individual or
permanently identify a specific device. The User ID extension also allows you to connect Data
from Google Analytics with other User Data collected by this Application. The Opt Out link

provided below will disable the tracking for the device you are using, but does not exclude
additional tracking activities made by the Owner. To deactivate the latter, contact the owner
via the contact email address.
• Personal Data collected: Cookie.
• Place of processing: USA – Privacy Policy – Opt Out

Google Analytics with anonymized IP (Google Inc.)
Google Analytics is a web analytics service provided by Google Inc. (“Google”). Google uses
the Personal Data collected for the purpose of tracking and examining the use of this
Application, compiling reports and sharing them with other services developed by Google.
Google may use the Personal Data to contextualise and personalize the advertisements of its
advertising network. This integration of Google Analytics makes your IP address anonymous.
Anonymisation works by shortening the IP address of the Users within the borders of the
member states of the European Union or in other countries participating in the agreement on
the European Economic Area. Only in exceptional cases, the IP address will be sent to
Google’s servers.
• Personal Data collected: Cookies and Usage Data
• Place of processing: USA – Privacy Policy – Opt Out

Google Analytics (Google Inc.)
Google Analytics is a web analytics service provided by Google Inc. (“Google”). Google uses
the Personal Data collected for the purpose of tracking and examining the use of this
Application, compiling reports and sharing them with other services developed by Google.
Google may use the Personal Data to contextualise and personalize the advertisements of its
advertising network
• Personal Data collected: Cookies and Usage Data
• Place of processing: USA – Privacy Policy – Opt Out;

Google Tag Manager (Google Inc.)
Google Tag Manager is a statistical service provided by Google Inc
• Personal Data collected: Cookies and Usage Data.
• Place of processing: USA – Privacy Policy

Tracking conversions of Google AdWords (Google Inc.)
Google AdWords Conversion Tracking is a statistics service provided by Google Inc. that links
data from the Google AdWords ad network with actions taken within this Application
• Personal Data collected: Cookies and Usage Data
• Place of processing: USA – Privacy Policy

Tracking conversions of Facebook Ads (Facebook, Inc.)
Tracking conversions of Facebook Ads is a statistics service provided by Facebook, Inc. that

connects data from the Facebook ad network with the actions performed within this
Application.
• Personal Data collected: Cookies and Usage Data.
• Place of processing: USA – Privacy Policy

Displaying content from external platforms
This type of service allows you to view content hosted on external platforms directly from the
pages of this application and interact with them. In the event that a service of this type is
installed, it is possible that, even if the Users do not use the service, the same collect traffic
data relating to the pages in which it is installed.

Google Fonts (Google Inc.)
Google Fonts is a service of visualization of styles of character managed by Google Inc. that
allows this Application to integrate such contents within its pages.
• Personal Data collected: Usage Data and various types of Data as specified in the
privacy policy of the service
• Place of processing: USA – Privacy Policy

Google Maps widget (Google Inc.)
Google Maps is a map visualization service managed by Google Inc. that allows this
application to integrate such contents within its pages.
• Personal Data collected: Cookies and Usage Data.
• Place of processing: USA – Privacy Policy

YouTube Video Widget without cookies (Google Inc.)
YouTube is a video content display service managed by Google Inc. that allows this
application to integrate such content within its pages. This widget is set so that YouTube does
not save information and cookies about Users on this Application, unless they play the video.
• Personal Data collected: Usage Data.
• Place of processing: USA – Privacy Policy

YouTube Video Widget (Google Inc.)
YouTube is a video content display service managed by Google Inc. that allows this
application to integrate such content within its pages.
• Personal Data collected: Cookies and Usage Data
• Place of processing: USA – Privacy Policy
Wistia (Wistia, LLC)
Wistia is a video content visualization service managed by Wistia, LLC that allows this
application to integrate such contents within its pages.

• Personal Data collected: Cookies and Usage Data.
• Place of processing: USA – Privacy Policy

Required Location

Permission required FINE_LOCATION

FINE_LOCATION is used in app for to get location data, if it is not present we cannot get latitude and longitude of user current location which is required for our car CHECKIN and CHECKOUT. Also it is required in our module Inventory for the same purpose. Background permission is used in android version greater than 30, therefore it is added.

ADDITIONAL INFORMATION ABOUT TREATMENT

Defense in court
The User’s Personal Data may be used by the Owner in court or in the stages leading to his
possible establishment for the defense against abuse in the use of this Application or related
services by the User.
The User declares to be aware that the Data Controller may be required to disclose the Data
at the request of the public authorities.

Specific information
At the request of the User, in addition to the information contained in this privacy policy, this
Application may provide the User with additional and contextual information regarding specific
services, or the collection and processing of Personal Data.

System logs and maintenance
For needs related to operation and maintenance, this Application and any third party services
used by it may collect System Logs, which are files that record the interactions and which may
also contain Personal Data, such as the User IP address.

Information not contained in this policy
More information in relation to the processing of Personal Data may be requested at any time
to the Data Controller using the contact information.

Exercise of rights by Users
The subjects to whom the Personal Data refer have the right at any time to obtain confirmation
of the existence or otherwise of the same with the Data Controller, to know its content and
origin, to verify its accuracy or request its integration , the cancellation, updating, rectification,
transformation into anonymous form or blocking of Personal Data processed in violation of the
law, as well as to oppose in any case, for legitimate reasons, to their processing. Requests
should be addressed to the Data Controller.
This Application does not support “Do Not Track” requests.
To know if any third-party services used support them, the User is invited to consult their
respective privacy policies.

Changes to this privacy policy
The Data Controller reserves the right to make changes to this privacy policy at any time by
giving notice to Users on this page. Please therefore consult this page often, referring to the
date of the last modification indicated at the bottom. In case of non-acceptance of the changes
made to this privacy policy, the User is required to cease using this Application and may
request the Data Controller to remove his Personal Data. Unless otherwise specified, the
previous privacy policy will continue to apply to Personal Data collected until then.

Exercise of the rights of the interested party
The interested party has the right to request, at any time, the modification of the structures
governed by this paragraph through the exercise of the rights referred to in the following
paragraph

The rights of the interested party
The interested party may exercise the rights referred to in articles 15 to 22 of the European
regulation 679/16

Art 15 – Right of access by the data subject
1. The data subject shall have the right to obtain from the controller confirmation as to
whether or not personal data concerning him or her are being processed, and, where
that is the case, access to the personal data and the following information:
a. the purposes of the processing;
b. the categories of personal data concerned;
c. the recipients or categories of recipient to whom the personal data have been or
will be disclosed, in particular recipients in third countries or international
organisations;
d. where possible, the envisaged period for which the personal data will be stored,
or, if not possible, the criteria used to determine that period;
e. the existence of the right to request from the controller rectification or erasure of
personal data or restriction of processing of personal data concerning the data
subject or to object to such processing;
f. the right to lodge a complaint with a supervisory authority;
g. where the personal data are not collected from the data subject, any available
information as to their source;

h. the existence of automated decision-making, including profiling, referred to in
Article 22(1) and (4) and, at least in those cases, meaningful information about
the logic involved, as well as the significance and the envisaged consequences
of such processing for the data subject.

2. Where personal data are transferred to a third country or to an international
organisation, the data subject shall have the right to be informed of the appropriate
safeguards pursuant to Article 46 relating to the transfer.
3. The controller shall provide a copy of the personal data undergoing processing. For any
further copies requested by the data subject, the controller may charge a reasonable
fee based on administrative costs. Where the data subject makes the request by
electronic means, and unless otherwise requested by the data subject, the information
shall be provided in a commonly used electronic form.
4. The right to obtain a copy referred to in paragraph 3 shall not adversely affect the rights
and freedoms of others.

Art 16 – Right of rectification
The data subject has the right to obtain from the data controller the correction of inaccurate
personal data concerning him without undue delay. Taking into account the purposes of the
processing, the data subject has the right to obtain the integration of incomplete personal data,
also by providing an additional declaration.

Art 17 – Right to cancellation
1. The data subject has the right to obtain from the data controller the deletion of personal
data concerning him without undue delay and the data controller is obliged to cancel
the personal data without undue delay if one of the following reasons exists:
• personal data are no longer necessary with respect to the purposes for which
they were collected or otherwise processed; 4.5.2016 EN Official Journal of the
European Union L 119/43;
• the interested party revokes the consent on which the processing is based in
accordance with Article 6 (1) (a) or Article 9 (2) (a) and whether there is no other
legal basis for the processing;
• the interested party opposes the processing pursuant to Article 21 (1) and there
is no legitimate overriding reason to proceed with the processing or opposes the
processing pursuant to Article 21 (2);
• personal data have been processed unlawfully;
• personal data must be deleted to fulfill a legal obligation under Union or Member
State law to which the controller is subject;

• the personal data have been collected in relation to the information society
service offer referred to in Article 8 (1).

2. The controller shall, if he / she has made personal data public and is obliged, pursuant
to paragraph 1, to delete it, taking into account the available technology and
implementation costs, shall take reasonable steps, including technical measures, to
inform the data controllers who are processing personal data of the request of the
person concerned to delete any link, copy or reproduction of his personal data.
3. Paragraphs 1 and 2 shall not apply to the extent that treatment is necessary:
• for the exercise of the right to freedom of expression and information;
• for the fulfillment of a legal obligation requiring treatment under Union law or the law of
the Member State to which the controller is subject or for the performance of a task
carried out in the public interest or in the exercise of public authority as the data
controller is invested;
• for reasons of public interest in the public health sector in accordance with Article 9 (2)
(h) and (i) and Article 9 (3);
• for the purposes of archiving in the public interest, for scientific or historical research, or
for statistical purposes in accordance with Article 89 (1), insofar as the right referred to
in paragraph 1 risks rendering impossible or seriously affecting the achievement of the
objectives of this treatment;
• for the assessment, exercise or defense of a right in court.

Art 18 – Right to limit the processing
1. The data subject has the right to obtain from the data controller the limitation of
processing when one of the following hypotheses occurs:
• the interested party disputes the accuracy of personal data, for the period
necessary for the data controller to verify the accuracy of such personal data;
• the processing is illegal and the interested party opposes the cancellation of
personal data and asks instead that its use is limited;
• although the data controller no longer needs it for processing purposes,
personal data are necessary for the data subject to ascertain, exercise or
defend a right in court;
• the interested party objected to the treatment pursuant to Article 21 (1), pending
verification of the possible prevalence of the legitimate reasons of the data
controller with respect to those of the interested party

2. If the processing is restricted pursuant to paragraph 1, such personal data shall only be
processed, except for storage, with the consent of the data subject or for the
establishment, exercise or defense of a right in court. or to protect the rights of another
natural or legal person or for reasons of significant public interest of the Union or of a
Member State. L 119/44 EN Official Journal of the European Union 4.5.2016.
3. A data subject which has obtained a processing restriction pursuant to paragraph 1
shall be informed by the controller before the limitation is revoked.

Art 19 – Right to obtain notification from the data controller in cases of rectification or
cancellation of personal data or cancellation of the same
The controller shall inform each of the recipients to whom the personal data have been
transmitted of any correction or cancellation or limitation of the processing carried out in
accordance with Article 16, Article 17 (1) and Article 18, unless proves impossible or involves
a disproportionate effort. The data controller informs the recipient of these recipients if the data
subject requests it.

Art 20 – Right to portability
1. The data subject shall have the right to receive personal data concerning him / her
provided to a data controller in a structured, commonly used and readable form by
automatic device and has the right to transmit such data to another data controller
without impediments on the part of the data controller to whom he has provided them if:
• processing is based on consent pursuant to Article 6 (1) (a) or Article 9 (2) (a) or
on a contract within the meaning of Article 6 (1) (b) ;
• the treatment is carried out by automated means.
2. In exercising its rights relating to the portability of data in accordance with paragraph 1,
the data subject shall have the right to obtain direct transmission of personal data from
one controller to another, if technically feasible.
3. The exercise of the right referred to in paragraph 1 of this Article shall be without
prejudice to Article 17. This right does not apply to the treatment necessary for the
performance of a task carried out in the public interest or in connection with the
exercise of official authority as the data controller is invested.
4. The right referred to in paragraph 1 must not affect the rights and freedoms of others.

Art 21 – Right of opposition
1. You have the right to object at any time, for reasons connected with your particular
situation, to the processing of your personal data pursuant to Article 6, paragraph 1,
letters e) of), including profiling on the basis of these provisions.
The data controller refrains from further processing personal data unless he
demonstrates the existence of binding legitimate reasons to proceed with the
processing that prevail over the interests, rights and freedoms of the data subject or for
the assessment, exercise or the defense of a right in court.
2. If personal data are processed for direct marketing purposes, the data subject has the
right to object at any time to the processing of personal data concerning him / her for
such purposes, including profiling in so far as it is related to such marketing direct.

3. If the data subject objects to processing for direct marketing purposes, personal data
are no longer processed for these purposes. 4.5.2016 EN Official Journal of the
European Union L 119/45
4. The right referred to in paragraphs 1 and 2 shall be explicitly brought to the attention of
the interested party and shall be presented clearly and separately from any other
information at the latest at the time of the first communication with the data subject.
5. In the context of the use of information society services and without prejudice to
Directive 2002/58 / EC, data subjects may exercise their right to object by automated
means using technical specifications.
6. Where personal data are processed for the purposes of scientific or historical research
or for statistical purposes in accordance with Article 89 (1), the data subject shall have
the right to object to the processing of personal data for reasons connected with his
particular situation concerning him, unless the treatment is necessary for the execution
of a task of public interest

Art 22 – Right to refuse the automated process
1. You have the right not to be subjected to a decision based solely on automated
processing, including profiling, which produces legal effects concerning yourself or
which significantly affects your person.
2. Paragraph 1 shall not apply where the decision:
• is necessary for the conclusion or execution of a contract between the data
subject and a data controller;
• is authorized by the law of the Union or of the Member State to which the
controller is subject, which also specifies appropriate measures to protect the
rights, freedoms and legitimate interests of the data subject;
• is based on the explicit consent of the person concerned.
3. In the cases referred to in paragraph 2 (a) and (c), the controller shall implement
appropriate measures to protect the rights, freedoms and legitimate interests of the
data subject, at least the right to obtain human intervention from the holder treatment,
to express their opinion and to challenge the decision.
4. The decisions referred to in paragraph 2 shall not be based on the particular categories
of personal data referred to in Article 9 (1), unless Article 9 (2) (a) or (g) applies, and
adequate measures to protect the rights, freedoms and legitimate interests of the data
subject are not in force.
In this sense, the data subject is allowed to access his / her data for:
• Verify its veracity;
• Change them if they become inaccurate;
• Integrate them also with a supplementary declaration;

• Request cancellation;
• Limit the treatment;
• Oppose to treatment;
• The data controller is obliged to respond without undue reason.

Data cancellation
DOGMA SYSTEMS Srl A Socio Unico, in compliance with the corresponding right of access to
the interested party, has prepared procedures for which the interested parties can request the
cancellation without unjustified delay of personal data or the limitation of the processing of
personal data concerning them for the following reasons:
• Because the data are no longer necessary for the purposes for which they were
collected
• Because the interested party has revoked the consent
• Because the interested party opposes the treatment
• Because the data is treated illegally

DEFINITIONS AND LEGAL REFERENCES

Personal Data (or Data)
It constitutes personal data any information relating to a natural person, identified or
identifiable, even indirectly, by reference to any other information, including a personal
identification number.

Usage Data
This information is collected automatically by this Application (or by third-party applications
that this Application uses), including: IP addresses or domain names of the computers used by
the User that connects with this Application, the addresses in Uniform Resource Identifier
(URI) notation, the time of the request, the method used in submitting the request to the
server, the size of the file obtained in response, the numerical code indicating the status of the
response from the server (success, error, etc. ) the country of origin, the characteristics of the
browser and the operating system used by the visitor, the various temporal connotations of the
visit (for example the time spent on each page) and the details relating to the itinerary followed
within the Application, with particular reference to the sequence of pages consulted, to the
parameters related to the operating system and to the IT environment you.

User
The individual who uses this application, which must coincide with the interested party or be
authorized by him and whose personal data are being processed.
Interested
The natural or legal person to whom the Personal Data refers.

Data Processor (or Manager)
The natural person, legal person, public administration and any other body, association or
body appointed by the Data Controller to process Personal Data, as prepared by this privacy
policy.

Data Controller (or Holder)
The natural person, legal entity, public administration and any other body, association or body
to which they are responsible, even together with another owner, decisions regarding the
purposes, methods of processing personal data and the tools used, including the profile of the
security, in relation to the operation and use of this Application. The Data Controller, unless
otherwise specified, is the owner of this Application.

This Application
The hardware or software tool through which the Personal Data of Users are collected.

Cookie
Small portion of data stored in the User’s device.

Legal references
Notice to European Users: this privacy statement has been prepared in fulfillment of the
obligations under Art. 10 of the Directive n. 95/46 / EC, as well as the provisions of Directive
2002/58 / EC, as updated by Directive 2009/136 / EC, concerning Cookies.