Accessing and consulting the website www.atam.it (hereinafter the “Website”), in particular as regards the “Work with us” and “Contact us” sections on the Contacts page, can result in the processing of your personal data by ATAM S.p.A., with registered office in Italy, 20864 Agrate Brianza (MB), via Archimede 7, tax code and VAT number IT09868530156 (hereinafter the “Company”), which will be conducted in compliance with the current laws and regulations. The regulations in force regarding the protection of personal data of natural persons foresees the obligation to provide the individuals involved with an adequate informative statement in the case of the collection of personal data regarding them. The present document contains a brief explanation of the methods, conditions, and terms of processing by the Company of any personal data collected through the Website. This explanation is supported by the information contained in other adequately published Company documents. 

II. SUBJECTS INVOLVED IN THE PROCESSING OF PERSONAL DATA 

The processing of personal data covered by this document involves both the subject referenced by the processed data (the “Data Subject”), and the Company identified above (the “Data Controller”) in the person of the pro-tempore legal representative, who can be contacted at the following e-mail address: info@atam.it. 

The Company has also nominated certain external agents for the processing of their data (hereinafter the “Data Processors”), these being companies engaged to supply services for the management and maintenance of company data processing systems or components thereof: the full list of the Data Processors nominated by the Company will be provided on specific request submitted by e-mail to the Data Controller. 

In some cases during their routine operation, computer systems and software procedures operating the Website acquire certain personal data, the transmission of which is implicit to the use of the Internet communication protocols. This information is not collected in order to be associated with identified subjects, but by its nature could allow identification of users. This data category includes IP addresses or domain names of users' computers connecting to the Website, addresses in URI (Uniform Resource Identifier) notation of requested resources, times of request, methods used to submit requests to the server, size of files received in response, numerical codes indicating the responses returned by the server (OK, error, etc.), and other parameters regarding users' operating systems and computer environments. These data are used for the sole purpose of establishing anonymous statistical information on the use of the Website and to check its correct operation, and they are cancelled immediately after processing. These data could also be used to establish responsibility in cases of hypothetical cybercrimes against the Website. 

The legal basis for data processing in these cases is founded on the need to obtain instruments for improving services to Website users and to fulfill legal requirements (for example as regards the possible identification of any offenders). 

Optional, explicit, and voluntary submission of personal data by the Data Subject to the e-mail addresses present on this Website, or by way of registration, result in the acquisition and processing by the Company of the data submitted by the Data Subject, as required for the provision of services or for dispatch of requested information. The processing of data submitted or acquired through the Website will be conducted with the purpose of: delineating identification profiles for users to access the Website at their discretion; delineating user profiles in order to optimize and customize the services available after registration; and as required to satisfy the obligations and exercise the specific rights of the Data Controller or Data Subject as regards their access to the “Work with us” and “Contact us” sections on the Contacts page of the Website. Communication of data to the Data Controller by the Data Subject is a necessary condition to permit respectively: (i) comparison between the information provided with available work opportunities; (ii) replies to requests for information from the Data Subject to the Company for any purpose or reason, including the dispatch of the Company's product and service catalogues; and (iii) dispatch of the newsletter and informative messages, wherein failure to submit said data would result in the impossibility of fulfilling the requested actions. When submitting requests, the Data Subject is requested to give specific consent for the processing of their data by ticking the relevant box. Specific consent is also requested for subscription to the newsletter, which comprises a periodic dispatch of informative messages to the addresses of the Data Subject. 

The legal basis for the processing of the data in these cases is founded on the necessity for processing in order to elaborate requests for collaboration or for other reasons, submitted to the Company through the Website, and for the submission of related communications to the Company. 

Please note that for the correct operation of the Website only technical cookies are used, and during the use of the Website no profiling or third-party cookies are used for profiling the Data Subject. The Website utilizes the functions provided by the Google Analytics service. Google Analytics uses “cookies”, these being text strings sent to users' computers from visited websites where they are memorized in order to be retransmitted to the same websites during subsequent access to the Internet by the user, in order to collect and analyze in anonymous form information on behavior during use of websites. This information (including the user's IP address) is collected by Google Analytics, which analyses it with the purpose of drafting reports for the Company regarding the use of its Website. Google does not associate IP addresses to any other data in their possession, nor attempts to connect IP addresses to individual user identities. Google may also communicate these data to third parties when this is required by law or when said third parties are processing said information on behalf of Google. For more information on how Google collects and processes your data, please consult the website: www.google.it/policies/privacy/partners/ 

The Company notes that total or partial disabling of the so-called technical cookies (these being navigation cookies that allow the Website to operate correctly and enable the delivery of services requested by users) may compromise the functionality of the Website. In all cases users may decide whether or not to accept cookies by modifying the security settings of their browsers. Note that it is possible to selectively disable the activity of Google Analytics by installing in the browser the opt-out component provided by Google. In order to disable the action of Google Analytics, follow the hyperlink: https://tools.google.com/dlpage/gaoptout 

Apart from the above specifications for navigation data, the Data Subject is free to choose to submit their own personal data. However, failure to submit the same may make it impossible to obtain what is requested and limit the use of the Website. 

Personal data are processed, also using automated instruments, for the time strictly necessary to fulfill the purposes for which they were collected, and in all cases for a maximum period of ten years from the date of acquisition by the Company. Specific security measures are taken to prevent the loss of the data, illicit or incorrect use, and unauthorized access. The Company has implemented adequate technical and organizational measures to ensure a level of security for the data appropriate for the level of risk. 

The collected data may be transferred or communicated, in addition to the Data Processors, also to Company personnel who, operating under the direct authority of the Data Controller, will be responsible for processing the data and who will receive in this respect adequate operating instructions from the Data Controller. The data may also be communicated to companies for activities strictly connected and instrumental to the implementation of the service, like the management of the IT system. The personal data may be communicated to third parties, but only in cases in which this is strictly necessary in order to fulfill requests from the Financial, Administrative, Legal, or Public Security Authorities, and the Data Controller excludes transfer of the data to third party countries outside the European Union or to international organizations, save, if the same becomes necessary, the provision of specific notification of the same. 

For the entire duration of storage of the data of the Data Subject, the same is entitled to:

• Request the Data Controller for access to their data and be informed regarding the methods and purposes for which said data is processed, to obtain the correction or cancellation if incomplete, erroneous, or collected in violation of law; 

• Restrict processing or oppose the same on the grounds provided for in the regulations in force; 

• Receive in a structured, commonly used, machine readable format the personal data relevant to them at the end of the period of storage;

• Submit a complaint to a control authority (the Italian Data Protection Authority).