Cookie & Privacy Policy

Browsing data

During ordinary activity, the IT systems and software procedures designed for the functioning of the website acquire some personal data which is implicitly shared when using internet communication protocols. This information is not gathered for specific purposes but, due to its very nature, through processing and by association with data withheld by third parties, it may allow to identify users. Data which falls within this category includes: IP addresses or domain names of computers used by users access the website, the URI (Uniform Resource Identifier) addresses of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtain in response, the numeric code which identifies the state of the response given by the server (success, error, etc.) and other parameters pertaining to the operating system and the user's IT environment. This data is used only to obtain anonymous statistical information pertaining to the use of the website and in order to verify its correct functioning; it is immediately deleted after the processing. This data could be used to verify responsibility in the event of hypothetical IT crimes to the detriment of the website.

Profiling data

No profiling data is directly acquired in relation to the consumption habits or choices of the data subject.

Cookies

Like other websites, this website stores the cookies on the browser used by the data subject in order to transfer personal information and to enhance the experience. As a matter of fact, cookies are strings of small-sized text which the websites visited by the user send to the terminal (usually the browser) where they are stored, even for long periods of time, and are then re-transferred to the websites upon the next visit.

As explained below, it is possible to choose if and which cookies to accept, bearing in mind that, refusing to use cookies, could have an impact on the possibility of carrying out some transactions on the website or on the precision and appropriateness of some recommended customisable content, or on the ability to identify the user upon a subsequent visit. If no choice is made in this regard, the pre-established settings and all the cookies will be activated; in any case the data subject can, at any time, choose their preferences or make amendments.

Technical cookies

We use technical cookies, specifically the so-called session cookies, which are not stored permanently on the users' computer and disappear when the browser is closed. Their use is strictly limited to sharing the session's ID data (random numbers generated by the server) required to enable safe and efficient website browsing and which make it possible to avoid using other IT techniques which may impact on the user's browser confidentiality and do not allow the acquisition of personal user ID. Then we use analytics cookies which help to understand how users interact with website content, gathering information (geographical info, web background info, technology used, language, pages accessed, visited and exited, time spent on the website, etc.) and generating statistics pertaining to the use of the website without personally identifying individual visitors. All of these are deemed technical cookies for which user permission is not required; therefore, the opt-out mechanism applies. Technical cookies are not disclosed to third parties as they are necessary or useful for the functioning of the website; therefore, they are only treated by qualified individuals such as data clerks, processing managers or systems administrators.

Third Party Cookies

Lastly, the website incorporates cookies and other elements (tags, pixels, etc.) belonging to third parties (both independent and of which the Holder has no responsibility) which perform profiling activities. For these cookies, please see the relevant websites:

https://policies.google.com/technologies/cookies

Data voluntarily provided by the user

The optional, explicit and voluntary disclosure of an email address to the addresses indicated on the website entails the subsequent acquisition of the address of the sender, which is necessary to reply to requests, and of any other personal data included in the email. Even the voluntary and explicit disclosure of the forms filled out on the website which contain the data of the data subject require processing in order to adhere to the pre-contract obligations or to execute the services set forth by sending the forms. Such information in the forms can refer to biographical data, contact data, addresses, phone numbers, email addresses of the data subjects and third parties identified and identifiable with the website user. In any case, specific summary information will be progressively indicated or viewed on the pages of the websites designed for specific upon request services.

Newsletters and Mailing lists

The email contacts used to send information from the website come from the voluntary registrations on behalf of the recipient whose confirmation is always requested, in addition to information acquired for product sales, services provided by the Holder or similar activities. This includes the disclosure of information, promotional communications and material. We hereby highlight that contacts are not acquired through public subscriber directories. If the communications are not of interest to the recipient, it is possible to avoid any further contact, by clicking on the link contained in every message or by writing to the contacts at the bottom of this page, exercising one's right to be removed from the newsletter.

Bookings

The system upon registration allows us to request information for the services provided.

Reserved Area

The information (texts, videos and images) that the user downloads from the reserved area is protected via encoding and authentication systems and is accessible only to authorised users, or to the direct data subjects and/or the intermediaries involved. Such information is not disseminated.

Purposes and Legal Basis of the data processing

Personal data is used (in ref. to art. 6 (b) of the GDPR):

to allow website browsing

to potentially carry out the service requested within the realm of the normal activities carried out by MAXEMA SRL (Ateco Code 22.29.02 production of plastic stationery).

Furthermore, all personal data can be treated:

for purposes connected to obligations set forth by laws and provisions set by authorities who have permission to do so in accordance with the law (see articles 6(c) and 9 (b, g, h) of the GDPR);

for the confirmation, execution or defence of a right in a judicial and extra-judicial context (legitimate interest) on behalf of the undersigned company (see articles 6(f) and 9(f) of the GDPR);

for direct marketing purposes, according to the legitimate interest, specifically of the Holder; for cookies and advertising IDs used to show advertisements and announcements; for emails to send newsletters; for browsing and user logs to protect the site and service from cyber-attacks; in this case, the data subject can always deny consent so the Holder can withdraw from processing (see articles 6(f) of the GDPR);

for purposes pertaining to the activity for which the data subject has the right to give or deny his consent; for example, adhering to the newsletter to receive information, promotions and sales of products and services, customer satisfaction feedback, sending data to third-party managers to receive information, promotions and marketing (GDPR art. 6 (a));

with the consent of the data subject in the case of sensitive data (see art. 9(a) of the GDPR)

Data Processing Method

Data processing connected to web services takes place through automated tools for the time required to execute the actions for which the data was collected; it takes place in servers located in Italy and is managed by technical staff responsible for processing or people responsible for maintenance and administration operations. Specific safety measures are observed to prevent the loss of data, illegal and incorrect use, unauthorised access and the loss of privacy. The structure is equipped with anti-intrusion devices, firewalls, logs and disaster recovery. Specific data encryption and segregation mechanisms are used, as are user authentication and authorisation.

Data processing entails its collection, registration, organisation, preservation, processing, amendment, cancellation and destruction or the combinations of two or more of such operations. With regard to the above-mentioned purposes, the personal data processing occurs via manual and IT tools, with logics which are strictly correlated to the purposes; in any case, in order to guarantee the safety and confidentiality of the personal data, the data will be processed within the respect of the methods set forth in art. 5 Reg. EU 2016/679, which foresees, amongst other things, that the data is processed in a legal manner and correctly, gathered and registered for specific, explicit, exact and legitimate purposes, and, if necessary, updated, pertinent, complete and not exceeding the purposes of the processing. This is done in the respect of the user's rights and fundamental freedoms, and the dignity of the data subject with particular reference to confidentiality and personal identity, through measures of protection and safety. The undersigned company has implemented and will further perfect the safety access and data preservation system.

There is no automated decisional process (e.g. profiling).

Data storage period

The personal data will be preserved for as long as the processing purposes are in force in relation to the processed data category.

Recipient Categories

The (essential) data is shared:

  1. with data processing clerks and managers, both internal and external to the undersigned company, who carry out specific tasks and operations (website admin, data browsing analysis, traffic, email management and forms sent voluntarily by the user, carrying out requests and orders, etc.)
  2. in the cases and by the subjects indicated by the law;

The data will not be disseminated unless required by the law in an anonymous form; the data subject will be informed in advance. With the exception of what is specified for cookies and third-party elements, without the prior general consent of the data subject to third-party communications, it will be possible to carry out only the services which do not foresee such communications. In case of need, specific and deliberate consent will be requested and the subjects who receive the data will use them as autonomous holders. In some cases (not subject to the ordinary management of this website), the Authority can ask news and information for purposes of personal data management monitoring. In these cases, a response is compulsory; failure to respond will incur in an administrative sanction.

Rights of the data subject

At any moment, the data subject can: exercise his/her rights (accessibility, rectification, cancellation, limitation, portability, opposition, absence of automated decision processes) where applicable against the processing holders, pursuant to articles from 15 to 22 of the GDPR (see below); complain to the Guarantor (www.garanteprivacy.it); if the processing is based on consent, revoke the consent given, considering that the revocation of the consent does not affect the lawfulness of the processing based on the consent before the revocation.

Disabling Cookies

Almost all browsers offer the chance to manage and activate cookies in a way that respects user preferences. In some browsers, it is possible to set rules to manage the cookies site by site; this option offers a more precise user privacy control; another function available on some browsers is the incognito browse mode that eliminates all the cookies generated once the browser is closed.
Consult the following instructions for cookie management on the different browsers:

  1. Chrome: https://support.google.com/chrome/answer/95647?hl=it
  2. Firefox: https://support.mozilla.org/it/kb/Gestione%20dei%20cookie
  3. Internet Explorer 11: http://windows.microsoft.com/it-it/windows-vista/block-or-allow-cookie
  4. Safari: http://support.apple.com/kb/HT1677?viewlocale=it_IT

Contacts

The data processing holder is Maxema srl in the person of its temporary legal representative, Moro Massimiliano.
The Data Protection Officer is Moro Massimiliano.
The headquarters are located in Via Vittime delle Foibe, 15, Volpiano, (TO) cap. 10888.
The contact details are: phone +39 0119704500; fax +39 0119704550; e-mail maxema@maxema.com
The complete list of data processing managers is available upon request.