Data Controller

Aermec SpA, info@aermec.com

Type of Data collected

The Personal Data collected by this Application, autonomously or through third parties, include: Cookies,

Use data, geographical position, email, name, surname, username, password, country and city.

Other Personal Data collected could be indicated in other sections of this privacy policy or through

information viewed when the Data themselves are collected.

The Personal Data can be entered voluntarily by the User or be collected automatically while using this

Application.

Any use of Cookies - or other tracking instruments - by this Application or by the controllers of third party

services used by this Application, when not otherwise specified, is to identify the User and record the

relative preferences for purposes strictly linked to providing the service requested by the User.

The User not providing their Personal Data could block this Application from providing its services.

The User is liable for the Personal Data of third parties published or shared through this Application and

guarantees that they have the right to communicate or disclose them freeing the Controller of any liability

towards third parties.

How and where Data collected is

processed

How data is processed

The Controller processes the Personal Data of Users using security measures that block the unauthorised

access, disclosure, modification or destruction of Personal Data.

Data is processed using electronic and/or computer means, applying organisational methods and logic

that is strictly linked to the purposes indicated. In some cases, along with the Controller, parties involved

in organising the services could have access to the Data (personnel, commercial, marketing, legal

administration and system administrators) or external parties (such as the suppliers of third party technical

services, postal couriers, hosting providers, computer companies, communication agencies) Processors

appointed by the Controller if needed. The Data Controller can always be asked to provide an updated

list of Processors.

Place

The Data are processed in the operational offices of the Controller and wherever the parties involved in

processing are located. For further information please contact the Controller.

Time

The Data are processed for the time needed to perform the service requested by the User, or required

by the purposes described in this document. The User may always ask for Processing to be interrupted

and the Data deleted.

Purpose of the Data Processing

User Data are collected to enable the Controller to provide its services and for the following purposes:

Statistics, Registration and authentication, Access to accounts on third party services, Interaction based

on position, Management of addresses and to send email messages, Hosting and back-end

infrastructures, Monitoring the infrastructure, Contract the User.

The Personal Data types used for each purpose are indicated in the specific sections of this document.

Details of Personal Data

Processing

The Personal Data are collected for the following purposes and using the following services:

Access to accounts on third party services

This type of service enables this Application to collect Data from your accounts on third party services

and perform actions with them. These services are not activated automatically; they require the express

consent of the User.

Management of addresses and sending email massages

This type of service enables management of an email contact database, or contacts of any other kind,

used to communicate with the User. These services could also enable collection of data related to the

date and time messages are viewed by the User and how the User interacts with them, as well as

information on clicks on connections found in the messages.

Personal Data collected: email.

Hosting and back-end infrastructures

This type of service hosts data and files that enable the Application to operate, allow distribution and

make a ready-to-use infrastructure available to allocate specific Application functionalities. Some of these

services operate through servers located in different geographical areas, making it difficult to know exactly

where the Personal data are stored.

OVH

OVH is a service supplied by OVH SAS Correspondant informatique et libertés – 2, Rue Kellermann -

59100 Roubaix.

Personal Data collected: sundry Data types based on what is specified by the service privacy policy.

Place of processing: France - Privacy Policy

Interaction based on the position

Geo-localisation (This Application)

This Application can collect, use and share Data related to the geographical position of the User, in order

to provide services based on that position. Most browsers and devices have pre-defined tools that can

be used to deny geographical tracking. If the User should specifically have authorised the possibility, this

Application can receive information on their geographical position.

Personal Data collected: geographical position.

Infrastructure monitoring

This service enables the Application to monitor the use and conduct of its components, to improve

services and functionalities, for maintenance or to resolve problems. The Personal Data processed

depend on the characteristics and implementation methods of these services, which by their very nature

filter Application activities.

Personal Data collected: sundry Data types based on what is specified by the service privacy policy.

Registration and authentication

Through registration and authentication the User enables the Application to identify them and provide

access to dedicated services. Based on what is indicated below, the registration and authentication

services could be supplied by third parties. If this happens, this application can access some Data stored

by the third party service used for registration of identification.

Personal Data collected: sundry Data types based on what is specified by the service privacy policy.

Statistics

The services in this section enable the Data Controller to monitor and analyse traffic data and are used

to keep track of User conduct.

Google Analytics (Google Inc.)

Google Analytics is a website analytic service supplied by Google Inc. (“Google”). Google uses the

Personal Data collected to track and examine how this Application is used, fill in reports and share them

with the other services developed by Google. Google could use the Personal Data to contextualise and

personalise the adverts on its advertising network.

Personal Data collected: Cookies and use Data.

Place of processing: USA – Privacy Policy – Opt Out

Statistics collected directly (This Application)

This Application uses an internal statistic system that does not involve third parties.

Personal Data collected: Cookies and use Data.

Further information on the

Personal Data

Push notifications

This Application can send the User push notifications.

Unique device identification

This Application can track Users by saving a unique identification code for their device, for statistical

purposes or to store User preferences.

More information on processing

Legal defence

The User’s Personal Data can be used for Controller defence in court or in the preparatory stages of its

possible establishment, against abuse in its use or of connected services by the User. The User declares

it is aware that the Controller could be asked to reveal Data by the public authorities.

Specific information notices

At the User’s request, in addition to the information in this privacy policy, this Application could provide

the User with additional and contextual information on specific services, or the collection and processing

of Personal Data.

System and maintenance logs

For needs linked to operations and maintenance, the Application and any third party services used by it

could collect system Logs; that is files recording interaction and which could contain Personal Data such

as the User’s IP Address.

Information not contained in this policy

The Data Controller can be asked for more information on the processing of Personal Data at any time

by using the contact details.

Exercising of rights by Users

The subjects that the Personal Data refer to have the right, at any time, to receive confirmation of whether

the Data Controller is holding their information or not, to know content and origin, to check whether they

are correct and request they be integrated, deleted, updated, rectified, turned into an anonymous format

or blocked if the Personal Data processing breaches the law and. in any case, object to processing on

legitimate grounds. Requests must be sent to the Data Controller.

This Application does not support “Do Not Track” requests. To know whether any third party services

used support them, the User is kindly asked to consult the relative privacy policies.

Changes to this privacy policy

The Data Controller reserves the right to make any changes to this privacy policy at any time notifying

Users on this page. Please consult this page often, taking the date of the last change indicated at the

bottom as reference. If they should not accept the changes made to this privacy policy, the User is kindly

asked to stop using this Application and may ask the Data Controller to remove their Personal Data.

Unless specified otherwise, the previous privacy policy will continue applying to the Personal Data

collected until that moment.

Information on this privacy policy

The Data Controller is responsible for this privacy policy, drafted starting from modules prepared by

Iubenda and stored on its servers.

Definitions and legal references

Personal Data (or Data)

Any information related to an identified or identifiable natural person is personal data, even indirectly,

through reference to any other information, including a personal identification number.

Use Data

Are the information collected automatically by this Application (or by the third party applications that this

Application uses), including: IP addresses or the domain names of computers used by the User

connecting to this Application, the URI (Uniform Resource Identifier) notation addresses, the time the

request was made, the method used to submit the request to the server, the size of the file obtained in

response, the numerical code indicating the server response status (successful, error, etc.) the country

of origin, the browser characteristics of the operating system used by the visitor, the various time notes

of the visit (for example time spent on each page) and details of the route followed in the Application, with

special reference to the page sequence consulted, parameters related to the User’s operating system

and computer environment.

User

The individual using this Application, which must coincide with the Data Subject or be authorised by the

latter and whose Personal Data are being processed.

Data Subject

The physical or legal person that the Personal Data refer to.

Processor

The physical, legal person, public administration or any other entity, association or body appointed by the

Controller to process the Personal Data, as envisaged by this privacy policy.

Data Controller (or Controller)

The physical, legal person, public administration and any other entity, association or body responsible,

even with another controller, for decisions related to the purposes, methods of processing of the personal

data and tools used, including the security profile, related to the operation and use of this Application.

Unless specified otherwise, the Data Controller is the owner of this Application.

This Application

The hardware or software tool used to collect the Personal Data of Users.

Small portion of data stored in the User’s device.

Legal references

Notice to European Users: this privacy policy is drafted in compliance with obligations established by Art.

10 of Directive no. 95/46/EC and what is established on cookies in Directive 2002/58/EC, as updated by

Directive 2009/136/EC.

This privacy policy only concerns the AerSuite Application.