Privacy policy
This privacy policy intends to illustrate in a transparent and detailed way the management methods of the website ago-goal.it with reference to the purposes and methods by which personal data of the users are collected, recorded and used.
This information does not extend to websites with different owners, accessible through links on this website and over which GOAL hasn’t any kind of control.
Pursuant to art. 13 Reg. (EU) n. 679/2016 (so-called "GDPR") relating to the protection of individuals about the processing of personal data, as well as the free circulation of such data, GOAL S.r.l., VAT number 10341970969, with registered office in 20129 Milan (MI), viale Luigi Majno, 38, e-mail privacy@ago-goal.it, as Data Controller and in relation to the data to be processed, informs users of the following.
1) Type of data processed and purpose of processing.
● Common data. These data are voluntarily provided by the user: name, surname, email address, phone number or any other personal data provided optionally, explicitly and voluntarily in the area dedicated to contacts, in the private area, or for the registration to GOAL’s mailing list/newsletter.
The processing of all common personal data provided by the user will be carried out to respond to any contact requests made and transmitted to the Data Controller. Therefore, each treatment will take place exclusively in execution of the request made by the user and in full compliance with the applicable legislation.
In case the user lends his express consent to join the mailing list / newsletter, the email address of the user will be added to the contact list of those who will receive e-mail messages containing information of a commercial nature or promotion regarding GOAL. In this case, the processing may therefore also be aimed at sending update emails.
For this purpose, the Data Controller could use the third-party platform Mailchimp for the management of the newsletter, in its GDPR compliant version, owned by The Rocket Science Group LLC, based in Georgia, USA, a country adhering to the Privacy Shield agreement that regulates and protects the transfer of EU-US personal data (Privacy Policy – Cookie Policy).
● Browsing data. The computer systems and software procedures used to operate this website automatically acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. These are the IP addresses or the domain names of the computers, the addresses in URI (Uniform Resource Identifier), the time of request, the method used in forwarding the request to the server, the size of the file obtained in reply, the numerical code indicating the status of response from the server (successful, error, etc..), the country of origin, the features of the browser used by the visitor, the operating system, the various time of the visit (for example, the time spent on each page) and the details about the path followed within the site, with particular reference to the sequence of pages, the parameters relating to the operating environment and system.
The processing of the browsing data collected will be carried out to allow the user to use the website correctly, as well as for the purpose of interacting with external social networks and platforms, for statistical purposes and for viewing content from external platforms. More precisely:
Interaction with social networks and external platforms
This type of service allows interaction with social networks or other external platforms
directly from the pages of this or site. The interaction and information obtained are always subject to the privacy settings of each social network.
This type of service can collect traffic data concerning the pages where the service is installed.
It is advisable to log out of the respective services to make sure that the data processed on these applications are not connected to the User's profile.
LinkedIn button and social widget (LinkedIn Corporation)
The button and the social LinkedIn widgets are interactive services with the social network LinkedIn provided by LinkedIn Corporation. Personal data processed: Cookies, Usage data. Place of processing: United States (Privacy Policy).
2) Optional nature of providing Data.
Except what discussed with reference to Browsing data, users are free to provide their personal data by forwarding e-mails through the appropriate contact area. In some cases, however, failure to provide personal data could make it impossible for GOAL to follow up on the users’ requests.
Regarding the use and processing of common personal data of the users for marketing purposes and sending information and promotional communications, including commercial ones, it is specified that users’ consent is mandatory and, therefore, in its absence, the Data Controller will not be able to carry out any activity/processing for this purpose.
3) Data Retention.
The acquired data will be kept exclusively for the period necessary to achieve the purposes for which they are collected. At the end of the retention period, all personal data will be deleted.
4) Data transfer abroad.
The data may be transferred abroad even outside the territory of the European Union, as highlighted under par. 1). Some of these countries are considered by the European Commission as countries that ensure an adequate level of protection, in other cases, the data processor will perform the transfer of data according to the terms contract type approved by the European Commission to protect the user. Consistently with the purposes indicated above, the personal data may be disclosed - with different access levels depending on the tasks assigned - to the staff in charge of the Data Controller responsible for the IT management of IT services and, in any case, in charge the functional activity to the proper provision of the services that the user requests. In the transfer activity, IT and technical security systems are used to guarantee the confidentiality of the data.
5) Rights of the User.
The user, as an interested party, has the right at any time to:
Withdraw consent at any time
The User can revoke the consent to the processing of his Personal Data previously
expressed. However, the exercise of this right does not affect the lawfulness of the processing based on the consent given before the revocation.
Oppose the processing of data
The User can always object to the processing of Data when it occurs on a legal basis other than consent.
Further details on the right to object are indicated in the section below.
Access data
The User has the right to obtain information on the
Data processed by the Data Controller, on certain aspects of the processing and to receive a copy of the Data processed.
Verify and ask for rectification
The User can verify the correctness of Data and request their updating or correction.
Obtain the limitation of the processing
When certain conditions are met, the User can request the limitation of the processed Data.
In this case, the Data Controller will not process the Data for any other purpose than their conservation.
Obtain the cancellation or removal of personal Data
When certain conditions are met, the User can request the cancellation of the Data.
Receive their data or have them transferred to another Data Controller
The User has the right to receive data in a structured format,
commonly used and readable by an automatic device and, where technically feasible, to obtain the transfer without obstacles to another owner. This provision is applicable when
Data are processed with automated tools and the processing is based on the User's consent, on a contract to which the User is a party or on contractual measures connected to it.
Propose a complaint
The User can lodge a complaint with the competent personal data protection supervisory authority or act in court.
Details on the right to object
When the Personal Data are treated in the public interest, in the exercise of official authority or to pursue a legitimate interest of the Data Controller,
the user is entitled to object to the treatment for a reason related to a particular situation.
Users are reminded that, if their data are processed for direct marketing purposes, they can oppose the processing without providing any reasons.
To find out if the Data Controller processes data for direct marketing purposes, Users can refer to the respective sections of this document.
Please note that the Data Controller is GOAL S.r.l., VAT number 10341970969, with registered office in 20129 Milan (MI), viale Luigi Majno, 38, to which it is possible to make any request and/or complaint at the following e-mail address: privacy@ago-goal.it.