Privacy Policy
This Application collects some Personal Data from its Users.
This document can be printed using the print command in any browser settings.
Data Controller
XMS Group
Email address of the Data Controller: [info@xmsgroup.it](mailto:info@xmsgroup.it)
Types of Data collected
Among the Personal Data collected by this Application, either independently or through third parties, are: various types of Data; name; email; cookies; usage data.
Full details on each type of data collected are provided in the dedicated sections of this privacy policy or by specific information texts displayed prior to data collection.
Personal Data may be freely provided by the User or, in the case of Usage Data, collected automatically during the use of this Application.
Unless otherwise specified, all Data requested by this Application is mandatory. If the User refuses to provide it, the Application may not be able to provide the Service. In cases where this Application indicates some Data as optional, Users are free not to provide such Data without any consequences on the availability or operation of the Service.
Users who are uncertain about which Data is mandatory are encouraged to contact the Controller.
The possible use of Cookies – or other tracking tools – by this Application or by the owners of third-party services used by this Application, unless otherwise specified, is aimed at providing the Service requested by the User, in addition to the other purposes described in this document and in the Cookie Policy, if available.
The User assumes responsibility for the Personal Data of third parties obtained, published, or shared through this Application and guarantees to have the right to communicate or disseminate it, releasing the Controller from any liability towards third parties.
---
### Methods and place of Data processing
Processing methods
The Controller takes appropriate security measures to prevent unauthorized access, disclosure, modification, or destruction of Personal Data.
Processing is carried out using IT and/or telematic tools, with organizational methods and logics strictly related to the purposes indicated. In addition to the Controller, in some cases, other parties involved in the organization of this Application (administrative, sales, marketing, legal staff, system administrators) or external parties (such as third-party technical service providers, mail carriers, hosting providers, IT companies, communication agencies) may have access to the Data and may also be appointed, if necessary, as Data Processors by the Controller. The updated list of Data Processors can always be requested from the Data Controller.
Legal basis of processing
The Controller processes Personal Data relating to the User if one of the following conditions applies:
* the User has given consent for one or more specific purposes
* processing is necessary for the performance of a contract with the User and/or for pre-contractual measures
* processing is necessary for compliance with a legal obligation to which the Controller is subject
* processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Controller
* processing is necessary for the purposes of the legitimate interests pursued by the Controller or by a third party
It is always possible to ask the Controller to clarify the specific legal basis of each processing activity, and in particular, to specify whether the processing is based on the law, provided for by a contract, or necessary to conclude a contract.
Location
Data is processed at the operational offices of the Controller and in any other place where the parties involved in the processing are located. For more information, please contact the Controller.
User’s Personal Data may be transferred to a country other than the one where the User is located. For more information on the location of processing, the User can refer to the section on details about the processing of Personal Data.
Users have the right to obtain information regarding the legal basis of data transfers outside the European Union or to an international organization governed by public international law or formed by two or more countries, such as the UN, as well as regarding the security measures adopted by the Controller to protect the Data.
The User can verify whether any of the above-mentioned transfers take place by examining the relevant sections of this document or by asking the Controller using the contact details provided.
Retention period
Data is processed and stored for as long as required by the purposes for which it was collected.
* Personal Data collected for purposes related to the execution of a contract between the Controller and the User will be retained until such contract has been fully executed.
* Personal Data collected for purposes related to the legitimate interests of the Controller will be retained until such interests are met.
* When processing is based on the User’s consent, the Controller may retain Personal Data for a longer period until such consent is withdrawn.
Once the retention period expires, Personal Data will be deleted. Therefore, after this period expires, the right of access, deletion, rectification, and data portability can no longer be exercised.
---
### Purpose of Data Processing
User Data is collected to allow the Controller to provide the Service, comply with legal obligations, respond to requests or legal actions, protect its rights and interests (or those of Users or third parties), detect malicious or fraudulent activity, as well as for the following purposes: contacting the User, interaction with social networks and external platforms, displaying content from external platforms, and statistics.
For more detailed information on the purposes of processing and the Personal Data processed for each purpose, the User may refer to the section “Details on the processing of Personal Data.”
---
### Details on the processing of Personal Data
Contacting the User – Contact form (this Application)
By filling in the contact form with their Data, the User consents to their use to respond to requests for information, quotes, or any other nature indicated by the form’s header.
Personal Data processed: email; name; various types of Data.
Interaction with social networks and external platforms
This type of service allows interaction with social networks or other external platforms directly from the pages of this Application.
Interactions and information acquired by this Application are subject to the User’s privacy settings for each social network.
This type of service may still collect traffic data for pages where the service is installed, even if Users do not use it.
Facebook “Like” button and social widgets (Facebook, Inc.)
The Facebook “Like” button and social widgets are services allowing interaction with the Facebook social network, provided by Facebook, Inc.
Personal Data processed: Cookies; Usage data.
Processing location: United States – Privacy Policy.
Statistics – Google Analytics with anonymized IP (Google LLC)
Google Analytics is a web analysis service provided by Google LLC. Google uses the collected Data to track and analyze the use of this Application, prepare reports, and share them with other Google services.
This integration anonymizes your IP address.
Personal Data processed: Cookies; Usage data.
Processing location: United States – Privacy Policy – Opt Out.
Displaying content from external platforms – Google Fonts (Google LLC)
Google Fonts is a font display service provided by Google LLC that allows this Application to incorporate such content within its pages.
Personal Data processed: Usage data; various types of Data.
Processing location: United States – Privacy Policy.
---
### User Rights
Users may exercise certain rights regarding their Data processed by the Controller, including:
* Withdraw consent at any time
* Object to data processing
* Access their Data
* Verify and request correction
* Request restriction of processing
* Request deletion or removal of their Data
* Receive their Data and have it transferred to another controller
* Lodge a complaint with the relevant data protection authority
How to exercise rights
To exercise their rights, Users may send a request to the Controller using the contact details provided in this document. Requests are processed free of charge and handled by the Controller as soon as possible, in any case within one month.
---
### Cookie Policy
This Application uses tracking tools. For more information, Users may consult the Cookie Policy.
---
### Legal action
User’s Personal Data may be used by the Controller in legal proceedings or in the preparatory stages leading to possible legal action due to misuse of this Application or related Services by the User.
---
### Changes to this privacy policy
The Controller reserves the right to make changes to this privacy policy at any time by notifying Users on this page and, if possible, on this Application, as well as, where technically and legally feasible, by sending a notice to Users via one of the contact details available to the Controller. Users are encouraged to check this page frequently, referring to the date of the last modification indicated at the bottom.
Where changes affect processing whose legal basis is consent, the Controller will collect the User’s consent again if necessary.
---
Legal references
This privacy statement is drafted based on multiple legislative systems, including Articles 13 and 14 of Regulation (EU) 2016/679 (GDPR).
Unless otherwise specified, this privacy policy exclusively concerns this Application.
