PRIVACY POLICY

Information pursuant to art. 13 of regulation (EU) 2016/679 on the protection of Personal Data (GDPR).

1. DATA CONTROLLER

1.1. RAMCUBE s.r.l. (hereinafter “Data Controller”) having its seat in Via Parmigianino n. 16 – 20148 Milano (MI), in its vest of the Data Controller of your Personal Data communicated using the website www.ramcube.it (hereinafter “Personal Data”) informs you of the following, pursuant to art. 13 of the regulation (EU) 2016/679 (hereinafter “GDPR”).

2. PURPOSES OF THE PROCESSING AND RELATED LEGAL BASISA

2.1. Your Personal Data are collected and processed without your consent (article 6, letters b – c and f of the GDPR) for the following purposes:

2.1.1. The providing of the relative services that you have requested, including any registration may on www.ramcube.it, or to one or more operations requested through the Data Controller’s site.
2.1.2. Providing for any legal and/or regulatory obligations which may be encountered (e.g. invoicing, bookkeeping)
2.1.3. Meeting the Data Controller’s operating or management requests regarding services and/or products on offer to you.
2.1.4. Protecting the Data Controller’s legal rights both in and out of law courts.

2.2. With your consent (art. 7 of the GDPR), which can be subsequently revoked at any time, for the following purposes:

2.2.1. Marketing and market research: by sending out (via e-mail, mail, telephone, fax and/or text and WhatsApp messages) newsletters and commercial communications relative to products marketed by the Data Controller (and their commercial partners), events organized by the Data Controller, open house, invitation to trade shows of your interest and for the purpose of conducting (via telephone, e-mail and on-line) statistical and marketing analysis and surveys, including customer satisfaction activities. In the event of your giving consent for the purpose of profiling as stated in the following art. 2.2.2, the Data Controller will be allowed to utilize the abovementioned information in order to send you commercial information which may be of interest to you.
2.2.2. Profiling: collection of information about behavior and commercial preferences related to your company’s field in order to improve services provided to our customers, and more specifically in order to analyze information relative to your choices, preferences, interests and habits acquired by you in the context of the services offered.

3. NATURE OF PROVISION OF PERSONAL DATA AND CONSEQUENCES OF THE EVENTUAL REFUSAL

3.1. The provision of Personal Data for the purposes outlined in articles 2.1.1, 2.1.2, 2.1.3 and 2.1.4 above is, therefore, obligatory. Unwillingness to provide said data and/or the written refusal on the part of the person providing said data to allow it to be processed will make it impossible for the Data Controller to fulfill the terms of the contract and lead the Data Controller to potentially violate the requests made by the relevant authorities.
3.2. For the purposes under art. 2.2.1 e 2.2.2 above, the collection of your Personal Data is made on voluntary basis: consequently, you may decide not to provide us with any express consent, or to waive it in any moment. The lack of any express consent to process such data may cause the impossibility for the Data Controller to perform the above-mentioned activities.

4. DATI PERSONALI TRATTATI

4.1. According to the services requested by accessing the site, the Data Controller will be able to process Personal Data of different types:

4.1.1. Browsing data: IT systems and software procedures designed to make this website function come into possession of, during their normal working procedure, some personal data, the transmission of which is implicit when browsing websites. This information is not collected in order to be associated to specifically identified users; however, due to their very nature, they may, through data elaboration and association with personal data held by third parties, allow users to be identified. IP addresses or the computer domain names of users who access the site, the URL addresses of the resources requests, the time of the requests, the method used in the elaboration of the request to the server on the part of the user, the size of the file received in reply, the numerical code Indicating the state of the reply given by the server and other parameters relating to the operating system and the platform used may be found among such data. The abovementioned data are used with the sole purpose of obtaining anonymous statistical information regarding site use and to check it is working properly. Said data are deleted upon their elaboration. The data may be used to determine responsibility should any IT-related crimes damaging the site occur: with the exception of this particular eventuality, data relating to web contacts do not remain on the site for longer than seven days. As far as cookies are concerned, please see our cookie policy.
4.1.2. Personal data provided voluntarily: this includes personal identification data and contact details provided by you through the Data Controller’s website, through e-mail or other electronic communication tools and otherwise. Specifically, the Data Controller may process your personal data essentially for identification purposes such as (to give a non-exhaustive list of examples): name and surname, telephone number, company position and/or corporate framework. The Data Controller will process data provided by you observing the regulations to be applied, on the assumption that they refer to you or to third parties which have expressly authorized you to provide them based on a founded legal basis which legitimizes the use in question thereof.
4.1.3. Cookie: please see our cookie policy, accessible at the link at the foot of every page on this site.

5. MODALITIES OF DATA PROCESSING

5.1. The processing of your Personal Data is carried out by means of the operations indicated in art. 4, no. 2), GDPR and more precisely: collection, registration, organization, structuring, updating, preservation, adaptation or modification, extraction and analysis, consultation, use, communication by transmission, comparison, interconnection, limitation, cancellation or destruction. The Data Controller guarantees the logical and physical security of the data and, in general, the confidentiality of the processed Personal Data, putting in place all the necessary technical and organizational measures to prevent the loss of Personal Data, illicit or, in any case, incorrect use thereof, as well as any unauthorized access by third parties. The processing by the Data Controller of your Personal Data will be based on the principles of correctness, lawfulness, transparency and protection of your privacy and your rights, in accordance with the principles expressed by the GDPR and the Privacy Code (Legislative Decree n. 196/2003). Personal Data may be processed by paper-based instruments, computerized and telematic tools and it will include – in compliance with the limits and conditions provided for by privacy legislation – all the operations or set of operations necessary for the processing at issue. The processing of Personal Data will be carried out in compliance with confidentiality and security rules provided by for European and domestic law, regulations and provisions.

6. CATEGORIES OF PERSONAL DATA RECIPIENTS

6.1. The Personal Data you will submit us for the purposes mentioned under art. 2 above, could be transferred to:

6.1.1. Employees and collaborators of the Data Controller who will act in their capacity as authorized data processing personnel (“Data Processor/s”) and/or to consultants appointed by the Data Controller who need to process Personal Data for the performance of their duties.
6.1.2. Third parties who carry out outsourced activities on behalf of the Data Controller providing specific services as Data Processors pursuant to art. 28 GDPR. For information on the names and relative references of the Processors, you can contact the Data Controller at the following address: privacy@ramcube.it or by mail at the Data Controller headquarter.
6.1.3. To judicial or supervisory authorities, public administrations, public (national and foreign) bodies, in compliance with the provisions of the law and conforming with a previous formal request from such subjects.

6.2. Personal Data will not be disclosed or transferred to third parties. It is understood that, in the event of any extraordinary corporate transactions (e.g. transfer or lease of a company, merger, etc.) concerning the Data Controller, Personal Data could be transferred to third party (buyers/beneficiaries or successors in title to the Data Controller).

7. TRANSFER OF PERSONAL DATA TO THIRD COUNTRIES

7.1. Personal Data are processed and stored on servers located in the Data Controller headquarter as on the cloud. The complex business structure of the Data Controller implies, necessarily, a cross-border circulation of data that under the law is seen as transfer of data abroad, even outside the territory of the European Union. The transfer to non EU-countries shall always be performed in compliance with the provisions of art. 45 and 46 GDPR, by providing adequate guarantees and subject to an adequacy decision adopted by the European Commission.

8. PERSONAL DATA STORAGE PERIOD

8.1. Your Personal Data will be stored for the period of time strictly necessary for the pursuit of the purposes of the data processing indicated in art. 2 above and, specifically:

8.1.1. For the purposes indicated in art. 2.1: the amount of time required to fulfil contractual obligations and, in any case, no more than 10 years from the moment in which your Personal Data have been collected for the purposes of regulatory obligations and, whatever the case may be, no longer than the terms established by law relating to statutory time limits.
8.1.2. For the purposes indicated in art. 2.2.1 (i.e. for marketing purposes and market research): 24 (twenty-four) months from the moment of acquired consent to the processing or until revocation of your consent or request for its cancellation.
8.1.3. For the purposes indicated in Art 2.2.2 (or for purposes of profiling): hey will be kept for the maximum time identified by the Italian Guarantor for the protection of Personal Data. For purposes of personalized marketing: 12 (twelve) months from the time of the acquired consent or until withdrawal of consent or your request of cancellation.

9. EXERCISABLE RIGHTS

9.1. With reference to your Personal Data you can exercise, at any time, the rights pursuant the GDPR as indicated below:

9.1.1. Right of access to Personal Data art. 15: obtain confirmation whether your data are processed or not and, in such a case, obtain information related, in particular, to: the purposes of such processing, the categories of the processed Personal Data, the storage period, the recipients to whom such data can be transferred, the right to send a complaint to the supervisory authority, the right to request the correction or cancellation or limitation of the processing or to file an opposition to the processing itself as well as the existence of an automated decision-making process.
9.1.2. Right of rectification art. 16: obtain, without undue delay, the rectification of inaccurate Personal Data and to have incomplete Personal Data duly completed.
9.1.3. Right of erasure art. 17: obtain, without undue delay, the erasure of your Personal Data, in the cases provided for by the GPDR.
9.1.4. Right to restriction art.18 – “limitation” means the marking of the data stored with the aim of limiting the processing in the future. This will imply the burden on the part of the Data Controller to suspend the processing of your Personal Data.
9.1.5. Right to Data Portability art. 20: in case of automated processing carried out on the basis of consent or in execution of a contract, to receive your data in a structured format, commonly used and readable by automatic device.
9.1.6. Right to object art. 21: object to the processing of your personal data, unless there are reasons of legitimate interest for the Data Controller to continue processing such data. You also have the right to object to processing where your personal info’s are used for direct marketing purposes.
9.1.7. Oppose the automated decision-making process, including profiling art. 22 – your Personal Data must not be subject to any automatic decision-making process by the Data Processor through the use of personal information or through the customer profiling, unless you have expressed your consent.
9.1.8. Withdrawal of consent: in the event that you have given consent to the collection, processing and transfer of your Personal Data, you have the right to revoke it for such specific processing at any time. Once we receive the notice of withdrawal of consent, we will no longer process your Personal Data, unless these are not based upon other legitimate interest-basis.
9.1.9. File a complaint pursuant to art. 77 to the competent supervisory authority based on your residence, workplace or place of violation of your rights; for Italy, is competent the Italian Guarantor for the protection of Personal Data, which can be contacted via its website: http://www.garanteprivacy.it/.
9.1.10. You may exercise your above listed rights by means of a request to be sent by e-mail to privacy@ramcube.it or by mail to the Data Controller headquarter. Requests relating to the exercise of your rights will be processed without undue delay and, in any case, within 30 (thirty) days of receipt of the request. For further information on the processing of your Personal Data by the Data Controller, you may contact the Data Controller at the following e-mail privacy@ramcube.it or by mail to the Data Controller headquarter.
CMMS3

Rotate your tablet to visualize this website properly.