ARGeo | Privacy

Last updated: 12 June 2019

Privacy Policy of the Website https://theargeo.com.

Fimesp s.r.l. - innovative startup, with registered office in Vicolo Calusca 10/C, 20123 - Milan,
Italy, ("Fimesp" or "we" or "our"), as data controller, collects and processes Personal Data in
accordance with Regulation (EU) 2016/679, the General Data Protection Regulation ("GDPR"),
Legislative Decree 30 June 2003, No. 196 ("Privacy Code), Legislative Decree 10 August 2018,
No. 101 adapting the Privacy Code to the GDPR ("Adjustment Decree"), the GDPR, the Privacy
Code and the Adjustment Decree all together are referred to as "Italian Privacy Legislation", in
accordance with the privacy principles and rights of the data subjects.

In accordance with articles 13 and 14 of the GDPR, Fimesp informs the user on how it collects,
processes and uses personal data provided by the user when browsing the website
https://theargeo.com or registering to ask for information thereon or using the Services provided
through it as described in the applicable Terms of Use.

This Privacy Policy does not cover any other information that is published and provided to the user,
collected or used by third parties through their own applications integrated into the website
https://theargeo.com, if those third parties do not act on our behalf.

Please read this Privacy Policy carefully before browsing and using the website
https://theargeo.com.

INDEX

1. Definitions
1.1 User
1.2 Seller
1.3 Data Subject
1.4 Personal data
1.5 Usage Data
1.6 Data Controller
1.7 Data Processor
1.8 Third Parties
1.9 Website https://theargeo.com
1.10 Services or related Services
1.11 European Union (or EU)
1.12 Cookies
2. Types of Personal Data collected
3. Purpose and legal basis of the processing
4. Nature of the provision of Personal Data and consequences in case of failure to provide the
data
5. Methods of processing
6. Retention Period
7. Communication and international transfer of Personal Data
7.1 Service Providers
7.2 Third parties in accordance with a legal obligation or to establish, exercise or defend a claim in court
7.3 Third parties in case of corporate transactions
8. User Rights
9. Contacts of the Data Controller
10. Changes to this privacy policy

1. Definitions
1.1 User: the natural person accessing the website https://theargeo.com by browsing and using the
same and related services.
1.2 Seller: owners or representatives of affiliated business, even if they use the website
https://theargeo.com as Users.
1.3 Data Subject: a natural person identified or identifiable through personal data and coinciding
with the User with respect to the use of the website https://theargeo.com and related Services.
1.4 Personal Data: any information relating to an identified or identifiable natural person ("Data
Subject"); an identifiable natural person is one who can be identified, directly or indirectly, by
reference to an identifier such as a name, an identification number, location data, an online
identifier or one or more factors specific to his/her physical, physiological, genetic, psychic,
economic, cultural or social identity.
1.5 Usage Data: Personal Data collected automatically through the website https://theargeo.com,
including through third-party applications integrated within the same, namely: the IP addresses of
the User's device or the domain names of the devices used by the User accessing the he website
https://theargeo.com, the URI (Uniform Resource Identifier) addresses, the time of the request, the
method used to forward the request to the server, the size of the file obtained in response, the
numerical code indicating the status of the response from the server (successful, error, etc.) the
country of origin, the characteristics of the browser and operating system used by the visitor, the
various time connotations of the visit (for example, the time spent on each page) and details of the
route followed within the website https://theargeo.com, with particular reference to the sequence of
pages viewed, the parameters relating to the operating system and computer environment of the
User.
1.6 Data Controller: the natural or legal person, public authority, service or other body which,
alone or together with others, determines the purposes and means of the processing of Personal
Data.
1.7 Data Processor: the natural or legal person, public authority, service or other body that
processes Personal Data on behalf of the Data Controller.
1.8 Third Parties: natural and/or legal persons who do not have the status of User.
1.9 Website https://theargeo.com: set of connected web pages hosted on a web server, through
which users' Personal Data are collected and processed.

1.10 Services or related Services: Services provided by Fimesp in accordance with clause 3 of the
Terms of Use applicable to the Website https://theargeo.com [insert link to the Terms of Use].
1.11 European Union (or EU): unless otherwise specified, any reference in this document to the
European Union shall be deemed to extend to all current Member States of the European Union and
the European Economic Area.
1.12 Cookies: small portion of data stored within the User's device and released by Fimesp or by
Third Parties through the Website https://theargeo.com [insert link to the Cookie Policy].
2. Types of Personal Data collected
Fimesp collects and processes Personal Data provided by the User when the User requests
information on the Website https://theargeo.com and when using the Website and the Services:
Personal details: first and last name, gender (male/female), date of birth;
Contact details: email address and telephone number;
Usage Data: Personal Data as defined in clause 1.5.
System log and maintenance: files that record the User's interactions within the Website
https://theargeo.com and that can also contain Personal Data, such as the IP address of the User's
device.

If the User provides Third Parties' Personal Data, the User undertakes to ensure the corresponding
communication to Fimesp and the subsequent processing of such data in compliance with this
Privacy Policy and the Italian Privacy Legislation, in such a way that before communicating Third
Parties' Personal Data to Fimesp, the User (i) informs the Third Parties about the processing of their
Personal Data, (ii) provides this Privacy Policy to the Third Parties and (iii) obtains the relative
consent to communicate the Third Parties' Personal Data to Fimesp. In such circumstances, Fimesp
processes Third Parties' Personal Data only to allow the User to use the Website
https://theargeo.com and related Services on the basis of the User's requests.

3. Purpose and legal bases of the processing



Purposes of the processing Legal bases
A. Fimesp processes the User's Personal Data,
including those manifestly made public by the
same to allow the User to request information
registering in the "Contact Us / Contact Us" form,
available on the Website https://theargeo.com, to
browse on such website, to use the related
Services, to describe the functionalities of the
ARGeo application.
 The processing is necessary for the execution
of pre-contractual measures adopted at the
request of the Data Subject and for the
performance of a contract to which the Data
Subject is a party.
 The processing concerns Personal Data made
manifestly public by the Data Subject.
B. Fimesp processes the User's Personal Data to
ensure that the Website https://theargeo.com is
updated and meets the User's necessities, to
analyze, review and improve this website, to offer
the User an facilitated user-browsing experience,
to ensure compliance with the Terms of Use of the
Website https://theargeo.com, for the security of
such website and its users and for the protection
of Fimesp's rights and/or assets.
 The processing is necessary for Fimesp's
legitimate interest in protecting and
improving its business, assets and rights.
 The processing is necessary for Fimesp to
comply with legal obligations such as the
obligation to ensure the security of
information pursuant to the applicable data
protection laws.
C. Fimesp processes the User's Personal Data to
comply with legal obligations, laws and
regulations, as well as to act before judicial and
administrative authorities.
 The processing is necessary to comply with a
legal obligation to which Fimesp is subject.
 The processing is necessary to establish,
exercise or defend a claim in court or
whenever courts are acting in their judicial
capacity.

4. Nature of the provision of Personal Data and consequences in case of failure to provide the
data
With regard to Personal Data whose processing is essential for compliance with laws and
regulations or to execute the contract in place between Fimesp and the User as detailed in the Terms
of Use applicable to the Website https://theargeo.com, as detailed in the Terms of Use applicable to
the Website https://theargeo.com, the provision of User's Personal Data is mandatory, therefore
failure to do so would make it impossible for Fimesp to provide the Website https://theargeo.com
the and related Services to the User.
5. Methods of processing

Fimesp processes User's Personal Data by means of electronic and/or telematic as well as through
non-electronic means, in an organised manner and with logics strictly related to the purposes
indicated in this Privacy Policy and in compliance with the Italian Privacy Legislation.
In particular, given the main functionality of the Website https://theargeo.com, Fimesp processes
User's Personal Data through automated systems directed to receive requests for information and to
interact with the User as well as to allow browsing the Website https://theargeo.com and the
download of the ARGeo application through the App Store and Google Play channels.
During the processing of User's Personal Data, Fimesp adopts appropriate security measures to
prevent unauthorised or unlawful access, disclosure, modification or destruction of Personal Data.

6. Retention Period
Fimesp retains User's Personal Data only for the time strictly necessary to allow the use of the
Website https://theargeo.com and for the other purposes for which they were collected. In any
event, Fimesp will retain User Personal Data necessary to comply with a legal obligation or to
exercise our rights of defence in the context of legal proceedings. Please note that Personal Data
contained in contracts, communications and business letters may be subject to retention periods
established by law, which may provide for a retention period of up to 10 years, based on the
ordinary statute of limitations in force in Italy.

7. Communication and international transfer of Personal Data
User's Personal Data may be accessed by Fimesp personnel duly authorised to process Personal
Data. Furthermore, while making the Website https://theargeo.com available and providing related
Services, Fimesp may communicate User's Personal Data to external subjects such as:
7.1 Service Providers. In order for the User to access the Website https://theargeo.com and use the
Services through it, Fimesp may share User's Personal Data with its service providers who will act
as Data Processors on the basis of Fimesp's instructions. By way of example, such service providers
may include communication agencies, technical service providers, IT companies, companies that
manage or maintain the IT infrastructure on which the Website https://theargeo.com is based (e.g.
GoDaddy LLC).
7.2 Third parties in accordance with a legal obligation or to establish, exercise or defend a
claim in court. Fimesp may disclose Users' Personal Data to institutions, law enforcement
agencies, judicial authorities, administrative authorities or public security authorities, in the context
of a judicial or administrative procedure, or in order to fulfil a legal obligation or protect its rights.
7.3 Third parties in case of corporate transactions. The communication of User's Personal Data
may also occur in the presence of events such as mergers, acquisitions, sales of companies (or its
assets) or other extraordinary operations in which Fimesp may have to share information with
potential buyers or counterparties and their consultants.
Some of the above parties may be established outside the territory of the European Union and the
European Economic Area in countries that do not guarantee an adequate level of protection of
Personal Data (e.g. the United States of America). In such circumstances, Fimesp will adopt the
appropriate safeguards to ensure the protection of User's Personal Data in accordance with article
46 of the GDPR (e.g. adherence to the US-EU Privacy Shield scheme, Standard Contractual
Clauses adopted by decision of the European Commission, currently decision 2010/87/EU of 5
February 2010). Under no circumstances User's Personal Data will be disclosed.

8. User Rights
The User may at any time and at no cost request information on this Privacy Policy, the Website
https://theargeo.com and related Services by contacting Fimesp at the contact details indicated in
clause 9. Likewise, the User may request an updated list of our Data Processors and exercise his/her
privacy rights enshrined in Articles 15 et seq. GDPR as specified below:

(i) Right of Access: Under certain circumstances, the User has the right to obtain from us
confirmation as to whether or not Personal Data relating to him/her exists and, if so, request access
to such Personal Data. Access information includes, among others, the purposes of the processing,
the categories of Personal Data processed, the recipients or categories of recipients to whom
Personal Data have been or will be disclosed, the sources of Personal Data, the data retention
periods and the technical security measures adopted to safeguard Personal Data in the event of
transfer outside the European Economic Area. However, this is not an absolute right and the
interests of other people may limit the right of access.
The User has the right to request a copy of the Personal Data. If the Users requests additional
copies, we may charge him/her a reasonable fee taking into account the administrative costs
incurred.
(ii) Right of rectification: under certain circumstances, the User has the right to obtain from us the
rectification (i.e. correction) of inaccurate Personal Data concerning him/her. Depending on the
purpose of the processing, the User has the right to obtain the integration of incomplete Personal
Data, also by means of supplementary statement.
(iii) Right to Erasure (right to be forgotten): under certain circumstances, the User has the right
to obtain from us the erasure of Personal Data relating to him/her. In such cases, we will take steps
to delete, or make permanently unintelligible, such Personal Data.
(iv) Right to restriction of processing: under certain circumstances, the User has the right to
obtain from Fimesp the restriction of the processing of his/her Personal Data. In such cases, the data
will be marked and may be processed by us only for certain purposes.
(v) Right to data portability: under certain circumstances, the User has the right to receive in a
structured, commonly used and machine-readable format, Personal Data about him/her that the User
has provided and the right to transmit such data to another entity.
(vi) Right to object: under certain circumstances, as provided for by applicable law, the User has
the right to object, at any time, for reasons related to his/her particular situation, to the processing of
his/her Personal Data by us and we may be required to no longer process his/her Personal Data. If
the User has the right to object and if exercises this right, his/her Personal Data will no longer be
processed by us for such purposes unless Fimesp proves legitimate compelling grounds under the
GDPR. If the data is processed for marketing purposes, the User has the right to object at any time
to the processing for such purposes, including profiling to the extent that it is related to direct
marketing. The User can exercise his/her right to object by contacting us as indicated in clause 9.
This is not an absolute right and does not apply in certain situations, for example when the
processing is necessary for compliance with the applicable law of the European Union or the
Member States, or to defend a right in court.
(vii) Automated decision making: The User has the right not to be subject to a decision based
solely on automated processing that produces legal effects that affects him/her or affects his/her
person. The above prohibition does not apply if the User consents to a decision based on automated
processing of his/her Personal Data or such a decision is needed for the conclusion or execution of a
contract between the User and Fimesp, or if the decision is authorised by European Union or Italian
law.
(viii) Withdrawal of consent: The User also has the right to withdraw his/her consent provided
with regard to certain types of Personal Data processing activities, also using the appropriate
contact section within the Website https://theargeo.com in addition to sending the notice of
withdrawal to the email address specified in clause 9. Such withdrawal shall not affect the
lawfulness of the processing based on consent prior to the withdrawal.

Finally, the User has the right to lodge a complaint before the National Supervisory Authority (the
"Garante").

We inform the User that under certain circumstances pursuant to Article 2-undecies of the Privacy
Code, as introduced by the Implementing Decree, the exercise of privacy rights may be delayed,
limited or excluded. In this case, the Company will provide the User without delay with a reasoned
statement and the User may still request that the Garante ascertains that the delay, limitation and
exclusion referred to above are based on legitimate reasons.

9. Contacts of the Data Controller
Fimesp s.r.l. - innovative startup
Vicolo Calusca 10/C
20123 - Milano
Italy
Email address: info@fimesp.com

10. Changes to this privacy policy
Fimesp reserves the right to amend this Privacy Policy at any time by informing the User:
a) on the page dedicated to it on the website https://theargeo.com.
Please therefore regularly consult the Privacy Policy available on the website https://theargeo.com,
referring to the date of the last change indicated at the bottom.
If the changes involve processing activities whose legal basis is consent, Fimesp will collect the
User's consent again, if necessary.