ABCreator.it: Gestione evoluta utensili speciali - ABCreator è un sofwtare di ABTools - Pescara - Italia

Politica della privacy

INFORMATION ON THE PROCESSING OF PERSONAL DATA
Pursuant to Article 13 of Regulation (EU) 2016/679 (GDPR) and Legislative Decree No. 196/2003 as amended by Legislative Decree No. 101/2018
Last updated: March 2026

ABTools S.r.l., hereinafter referred to as the "Company" or "Data Controller", acting as Data Controller pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 ("GDPR") and Legislative Decree No. 196/2003 ("Privacy Code"), as amended by Legislative Decree No. 101/2018, provides this notice with reference to personal data processed through the website www.abtools.it and within contractual relationships.

1. Data Controller
      ABTools S.r.l.
      Via Raiale 116
      65128 Pescara (PE)
      Tel: 085 52.77.5
      VAT No.: 09049300016
      E-mail: info@abtools.it

2. Data Protection Officer (DPO)
The Company has assessed the obligations concerning the designation of a Data Protection Officer (Art. 37 GDPR). Where appointed, the DPO’s contact details will be published on this page. For any matter related to the processing of personal data, please contact the Data Controller at the e-mail address indicated in section 1.

3. CATEGORIES OF PERSONAL DATA PROCESSED

3.1 Data processed during the contractual relationship
The object of processing is the personal data provided by the interested party (hereinafter "DATA SUBJECT") during interactions with the Company through the website www.abtools.it, such as:

• personal data
• place of birth
• place of residence
• tax code
• VAT number
• unique SDI code / PEC address (for electronic invoicing)
• telephone number
• e-mail address
• bank details (IBAN)

and their subsequent variations, as well as the additional data that will be provided by the INTERESTED PARTY or acquired by the Company during the contractual relationship ("PERSONAL DATA" or "DATA").

All such information is to be considered Personal Data pursuant to the applicable legislation to the extent that it directly or indirectly refers to identified or identifiable natural persons (e.g. directors, employees, managers, collaborators, consultants of the contractual counterpart).
For example, the VAT number of a legal entity does not fall within the definition of Personal Data.


3.2 Navigation data and cookies
The Company’s computer systems acquire, in the normal course of operations, certain data whose transmission is implicit in the use of Internet protocols, such as: IP addresses, browser type, operating system, pages visited, access time and date. Such data are used to obtain anonymous statistical information on the use of the website and to identify liability in the event of hypothetical computer crimes. For the use of cookies please refer to the Cookie Policy.

3.3 Data processed in carrying out marketing activities
The object of processing is the personal data provided by the DATA SUBJECT through the forms on the website (e.g. contact forms, newsletter subscription): first name, last name, e-mail address, telephone number.


4. PURPOSES OF PROCESSING, LEGAL BASIS AND CONSEQUENCES OF FAILURE TO PROVIDE DATA

4.1 Contractual relationship and legal obligations
Personal Data are processed for the following purposes, with the corresponding legal bases:

Performance of a contract (Art. 6(1)(b) GDPR): to fulfil legal and administrative obligations and to establish and manage the contractual relationship. Providing data is mandatory; refusal makes it impossible to enter into or continue the contractual relationship.

Legal obligation (Art. 6(1)(c) GDPR): to fulfil tax obligations (Presidential Decrees 600/1973 and 633/1972).

Legitimate interest (Art. 6(1)(f) GDPR): management of disputes and protection of the Company’s rights.

4.2 Marketing and profiling activities

Personal Data are processed for the following purposes, based on the DATA SUBJECT’s consent (Art. 6(1)(a) GDPR):
• to keep the DATA SUBJECT informed about the Company’s products through direct marketing, newsletters, information material, events and satisfaction surveys;
• to send personalised communications based on the DATA SUBJECT’s profile and interests (profiling).

Processing for these purposes is optional and subject to consent. Withdrawal of consent does not affect the lawfulness of prior processing. Refusal does not affect the contractual relationship.

Marketing communications may be sent by e-mail, SMS, Whatsapp, Telegram, postal mail and other channels, subject to the DATA SUBJECT’s right to object to processing.


5. METHODS OF PROCESSING AND RETENTION PERIOD

5.1 Methods of processing
Personal Data are processed by electronic and/or manual means, in compliance with the technical and organisational security measures provided for in Arts. 24, 25 and 32 GDPR, suitable to guarantee the security, confidentiality and integrity of the data and to prevent unauthorised access.

5.2 Retention periods

Contractual and tax data: 10 years from the end of the contractual relationship (Art. 2220 Italian Civil Code; Presidential Decrees 600/1973 and 633/1972).
Marketing and profiling data: up to 5 years from collection of consent or last active contact, unless consent is withdrawn earlier.
Navigation data: up to 12 months, unless required for the investigation of computer crimes.
Dispute-related data: for the strictly necessary period and in any case no longer than the applicable limitation periods.

In any event, the Company adopts periodic organisational measures to verify the currency of data and delete data that is no longer necessary.

6. DISCLOSURE AND TRANSFER OF DATA

Personal Data may be disclosed, only to the extent necessary for the purposes indicated, to the following categories of recipients (in addition to competent judicial authorities where required):

6.1 Contractual relationship

• insurance companies;
• legal advisors;
• tax consultants, auditors and accountants;
• credit recovery companies;
• companies conducting financial risk assessment and fraud prevention;
• public authorities and supervisory/control bodies;
• IT and cloud service providers (Data Processors pursuant to Art. 28 GDPR);
• security and surveillance service providers;
• parent companies and/or affiliated companies.

Third-party entities operate as Data Processors (Art. 28 GDPR) or as independent data controllers. In the latter case, data are communicated only with the express consent of the DATA SUBJECT, unless required by law.

6.2 Extra-EU transfers
Where necessary, Data may be transferred to countries outside the European Union exclusively:
• to countries with an adequacy decision from the European Commission (Art. 45 GDPR), including the United States under the EU-US Data Privacy Framework (European Commission Decision of 10 July 2023, C(2023) 4745);
• on the basis of Standard Contractual Clauses (SCC) adopted by the European Commission by Decisions of 4 June 2021 (Art. 46(2)(c) GDPR);
• or on the basis of other appropriate safeguards as provided for in Art. 46 GDPR.

The DATA SUBJECT may request a copy of the safeguards adopted by contacting the Data Controller at section 1.

6.3 Marketing support entities
• IT and email marketing platform providers (Data Processors);
• Company consultants;
• Marketing service providers;
• Parent companies and/or affiliated companies.

7. AUTOMATED DECISION-MAKING AND PROFILING
The Data Controller does not adopt decision-making processes based solely on automated processing that produce significant legal effects concerning the DATA SUBJECT (Art. 22 GDPR). Any profiling for marketing purposes is carried out exclusively on the basis of the DATA SUBJECT’s explicit consent.

8. RIGHTS OF THE DATA SUBJECT (Arts. 15-22 GDPR)
The DATA SUBJECT has the right to exercise the following rights at any time:
Right of access (Art. 15): to obtain confirmation of processing and a copy of the Data;
Right to rectification (Art. 16): to obtain correction or completion of inaccurate Data;
Right to erasure / “right to be forgotten” (Art. 17): to obtain erasure of Data, where applicable;
Withdrawal of consent (Art. 7(3)): to withdraw consent at any time without prejudice to the lawfulness of prior processing;
Right to restriction (Art. 18): to obtain restriction of processing in specific circumstances;
Right to object (Art. 21): to object to processing, including for direct marketing and profiling;
Right to data portability (Art. 20): to receive personal data in a structured, commonly used, machine-readable format and to transmit those data to another controller.

To exercise the above rights, the DATA SUBJECT may send a request to: info@abtools.it
The Data Controller will respond within 30 days of receipt (Art. 12(3) GDPR), extendable by a further 60 days in complex cases. Where requests are manifestly unfounded or excessive, the Data Controller may charge a reasonable fee or refuse to act on the request, with reasons given.


9. RIGHT TO LODGE A COMPLAINT WITH THE SUPERVISORY AUTHORITY (Art. 77 GDPR)
Without prejudice to any other administrative or judicial remedy, the DATA SUBJECT has the right to lodge a complaint with the competent supervisory authority if they consider that the processing of their Data infringes the GDPR.
For Italy, the competent authority is:
Garante per la protezione dei dati personali (Italian Data Protection Authority)
Piazza Venezia, 11 – 00187 Rome, Italy
Tel.: +39 06 696771
E-mail: garante@gpdp.it – Certified e-mail: protocollo@pec.gpdp.it
Website: www.garanteprivacy.it

The Company undertakes to comply with all obligations set out in the applicable personal data protection legislation and to process Data in a lawful, fair and transparent manner.