CCPA opt out

Acceptance is confirmed by checking the "Accept" box. The user is requested to print out a copy of these contractual clauses.

Disclosure paper pursuant to Articles 13 and 14 of Regulation (EU) 2016/679 - WEB
With this document ("Disclosure paper") the Data Controller, as defined below, would like to inform you of the purposes and methods for processing your personal data and your rights, as recognised under Regulation (EU) 2016/679 concerning the protection of individuals, with regard to the processing of personal information and the free circulation of data ("GDPR"). This Paper may be supplemented by the Data Controller if any additional requested services involve further processing.

1. Data Controller and Data Processor, DPO
The Data Controller is Maximilian Srl VAT number: 02331890216, Italy
The Data Controller and the DPO, also through their designated structures, will handle your requests and will provide you without undue delay and in any case, within one month of receipt at the latest, information regarding any actions taken based on your request. We hereby inform you that should the Data Controller have doubts about the identity of the natural person submitting the request, they may request further information necessary to confirm the identity of the data subject.
Categories of Interested Parts: Natural persons, legal entities, public and private organisations.

2. Processing

2.1. UNDEFINED
PROCESSING: WEB - NEWSLETTER USE OF THE SERVICE
If you would like to be updated on the latest news on the Data Controller's products and services, you may participate in our marketing initiatives by allowing the Controller to send you their newsletter and further commercial communications.
Nature of provision: Optional
The consequences of refusing to provide data: Failure to provide data shall not affect your requests and the use of web services but will make it impossible for the Data Controller to send you commercial communications. Minimal data protection measures: to be indicated
Personal data retention period: Your personal data shall be processed until you decide to revoke your consent or oppose its processing. Processing Reference Standards: The legal basis for registering on the Site and providing related services is the need to execute your request, in compliance with Article 6, Paragraph 1, letter b), of the GDPR. Therefore, it is not necessary to obtain your prior consent to the processing.
2.2. Execution of the Contract - Use of the service

PROCESSING: WEB - BROWSING DATA
The computer systems and software procedures used on this website acquire, during their normal operation, certain personal data whose transmission is implicit in the use of Internet communication protocols. This information is not collected to be associated with identified data subjects, but by its very nature and through processing and association with data held by third parties, it could enable users to be identified. This category of data includes the IP addresses or domain names of computers used by users connecting to the website, the URI (Uniform Resource Identifier) of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in reply, the numerical code indicating the status of the response from the server (successful, failed, etc.) and other parameters associated with the operating system and the computer environment. This data is only used to obtain anonymous statistical information about the website and to check its correct functioning and it is deleted after processing. In the event of computer crimes against the website, such data could be used to ascertain responsibility.
Purpose of the processing
Condition Lawfulness Processing Purpose Description
A legitimate interest in acquiring browsing data
Nature of the provision: Mandatory
The consequences of refusal to provide data: Failure to provide data will make it impossible for the company to provide the web service. Minimal data protection measures: data in digital format are contained in assets with appropriate anti-intrusion security measures, with unique accesses and a protected virtual network, with a physical firewall and a self-updating antivirus. Period of storage of personal data: Your personal data shall be actively processed for the duration of the analytical systems of first and third parties. Processing Reference Standards: The legal basis for registering on the Site and providing related services is the need to execute your request, in compliance with Article 6, Paragraph 1, letter b), of the GDPR. Therefore, it is not necessary to obtain your prior consent to the processing. Recipients of the Processing: Maximilian Srl VAT number: 02331890216, Italy, info@maximilian.it
Types of data processed: common personal data

2.3. Execution of the Contract - Use of the service

PROCESSING: WEB - REGISTRATION AND ACCESS RESERVED AREA SHOP ONLINE
Your personal data may be used by the Controller to satisfy your request to register on the Site and to be able to provide services connected to the Site's reserved area.Purpose of data processing
Lawfulness Treatment Purpose Description
Consent Registration of reserved area for online sales activities. Registration in the reserved area for online sales activities.

Nature of the provision: Mandatory
Consequences of refusal to provide data: Failure to provide the requested data will make it impossible for the Controller to proceed with your registration on the Site. Minimal data protection measures: data in digital format are contained in assets with appropriate anti-intrusion security measures, with unique accesses and a protected virtual network, with a physical firewall and a self-updating antivirus. Storage period of personal data: The Data Controller shall process your personal data exclusively for the time necessary to manage the existing contract between you and the Controller. In any case, your personal data shall be stored for a maximum period of 10 years starting from the termination of the contract.Processing Reference Standards: The legal basis for registering on the Site and providing related services is the need to execute your request, in compliance with Article 6, Paragraph 1, letter b), of the GDPR. Therefore, it is not necessary to obtain your prior consent to the processing.Recipients of the Processing: Maximilian Srl VAT ID: 02331890216, Italy, info@maximilian.it
Types of data processed:
Category Type
bank economic data & common personal data


2.4. Execution of the Contract - Use of the service
PROCESSING: WEB - REQUESTS CARRIED OUT THROUGH THE SITE
Your personal data may be processed by the Controller to meet your requests by writing to one of the email addresses available on the Website or by filling in the registration form and/or contact on the Site.
Purpose of data processing
Lawfulness Treatment Purpose Description
Consent for commercial or assistance requests for commercial or assistance requests

Nature of provision: Mandatory
The consequences of refusal to provide data: Failure to provide the requested data shall make it impossible for the Controller to fulfil your request. Minimal data protection measures: data in digital format are contained in assets with appropriate anti-intrusion security measures, with unique accesses and a protected virtual network, with a physical firewall and a self-updating antivirus. Storage period of personal data: The data collected for this purpose will be processed for the time strictly necessary to satisfy your request and subsequently stored for 10 years following the processing of such request. Processing Reference Standards: The legal basis for processing is the need to execute your request, in compliance with Article 6, Paragraph 1, letter b), of the GDPR. Therefore, it is not necessary to obtain your prior consent to the processing. Recipients of the Processing: Maximilian Srl VAT number: 02331890216, Italy, info@maximilian.it
Types of data processed:
Category Type
common personal data

2.5. Marketing
PROCESSING: DIRECT MARKETING
The Data Controller intends to process personal data in order to send you commercial communications of their products and services, including direct marketing conducted using the results of the analysis or profiling activities, as well as proceeding with direct sales and to carry out surveys or market research.
Purpose of the processing
Condition Lawfulness Processing Purpose Description
Consent to marketing activities marketing activity via email, social media and other sites

Nature of provision: Optional
The consequences of refusing to provide data: Failure to provide data shall not affect your requests and the execution of contracts but it will make it impossible for the Data Controller to send you marketing communications. Minimal data protection measures: data in digital format are contained in assets with appropriate anti-intrusion security measures, with unique accesses and a protected virtual network, with a physical firewall and a self-updating antivirus. Period of storage of personal data: Your personal data, processed as described, shall be deleted within 30 days from the termination of the last contractual obligation with the Data Controller. In any case, if you decide to withdraw your consent or object to the processing, your personal data shall be deleted within 30 days of such request.
Processing Reference Standards: a) Explicit consent of the interested party, b) Article 130, Paragraph 4, of the Privacy Code, c) Explicit consent of the interested party. Recipients of the Treatment: Maximilian Srl VAT ID: 02331890216, Italy, info@maximilian.it
Types of data processed:
Category Type
common personal data


2.6. Marketing
PROCESSING: WEB - COMMERCIAL NEWSLETTER
If you wish to be updated on the latest news on the products and services offered by the Data Controller or by third party companies, you can participate in our marketing initiatives by allowing the Data Controller to send you their newsletter and further commercial communications.
Purpose of the processing
Condition Lawfulness Processing Purpose Description
Legitimate interest in sending communications relating to the service subscribed and sending communications relating to the service subscribed
Nature of provision: Optional
Consequences of refusal to provide data: Failure to provide data will not affect your requests or use of web services but it will make it impossible for the Data Controller to send you commercial communications. Minimal data protection measures: Data in paper format are kept in key archives for the exclusive use of Marco Vedovelli and the legal representative. Any data in digital format are contained in assets with appropriate anti-intrusion security measures, with unique accesses and a protected virtual network, with a physical firewall and a self-updating antivirus. Storage period of personal data: Your personal data will be actively processed for the time necessary to manage the existing relationship and/or the execution of the contract. The information collected for the evaluation of contractual conclusion and in the case of non-completion such data shall be cancelled within 24 months.
Recipients of the Processing: Maximilian Srl VAT ID: 02331890216, Italy, info@maximilian.it
Types of data processed:
Category Type
common personal data


3. Cookies Information:
3.1. Disclosure paper URL: https://www.maximilian.it/it/cookies
3.2. Extended Cookie Notice: On this site we use technologies to collect information aimed at improving your online experience. This policy refers to the use of cookies and how to manage them. We reserve the right to modify this policy at any time. Any modification to this policy shall take effect from its date of publication on the Site. Cookies are small text strings which websites send to the terminals of visiting users (usually to the browser), where they are stored and later returned to the same websites during subsequent visits. While browsing a site, a user may also receive cookies on their terminal that are sent from different websites or servers (so-called "third parties"), which contain certain elements (such as, for example, images, maps, sounds, specific links to pages on other domains) found on the website that the user is visiting. Cookies, which are usually found in users' browsers in very large numbers and sometimes with features of a long temporal persistence, are used for different purposes: computer authentication, session monitoring, storing information on specific configurations regarding users accessing the server, etc.

In order to arrive at a correct management of such devices, it is necessary to distinguish them since there are no technical characteristics that differentiate them from each other based on the users' pursuits.
• FIRST-PARTY persistent technical (session) cookies

Technical cookies are those used for the sole purpose of "transmitting a communication over an electronic communication network, or as strictly necessary for the provider of a WEB service explicitly requested by the user to provide this service". They are not used for other purposes and are normally installed directly by the website's administrator or operator. Technical cookies can be separated into navigation cookies or session cookies, that guarantee normal browsing and a normal use of the website (e.g. to carry out a purchase or to authenticate a user to a reserved area). This site uses first-party persistent technical session cookies.
• FIRST-PARTY analytical cookies
Analytical cookies, also called "analytics", allow detailed statistics to be drawn on visitors to a website such as, for example, the display of specific pages, the number of visitors, the time spent on the site by the users and their means of arrival. Analytical cookies are similar to technical cookies to the extent they are used directly by the webmaster to gather aggregated information about the number of users and how they visited the site. This site uses first-party analytical cookies.
• FIRST-PARTY profiling cookies
Profiling cookies are designed to create profiles relative to the user and are used in order to send advertising messages in line with the preferences expressed by the user while surfing the net. Because of the particular invasiveness that such devices can have in the private sphere of users. This site may share this information with other parties, such as for example, advertisers. European and Italian legislation provides that you can refuse consent to the use of these cookies. This site uses FIRST-PARTY profiling cookies.
• THIRD-PARTY analytical cookies
Analytical cookies, also called "analytics", allow detailed statistics to be obtained on visitors to a website such as, for example, the display of certain pages, the number of visitors, the time spent on the site by users and means of arrival. This site uses a Web analytics service provided by Google.
• THIRD-PARTY profiling cookies
In order to provide you with additional functions and services on this site, we work with third parties who, independently and not directly controlled by us, may use their cookies to collect information on the activities you perform, carried out while browsing the site's pages. This information could be used to propose advertising in line with your interests, based on the content you visited, or to measure the effectiveness of advertising campaigns. These cookies may be contained in various elements on the web page, such as banner ads, images, videos, etc. A notable example is the presence of so-called "social plugins" or "social sharing buttons" used by the main social networks (Facebook, Twitter, Google+ and LinkedIn), aimed at sharing the contents of the web page on the social networks themselves. The use of data collected by third-party cookies, over which we do not exercise any kind of control, is governed by their relative disclosure papers. We kindly ask you to refer to such policies for their content. This site uses THIRD-PARTY profiling cookies.

4. What rights do you have as an interested party:
In relation to the processing described in this Disclosure Paper, as an interested party, you may, as envisaged by European Regulation 679/2016, exercise the rights sanctioned by Articles 15 to 21 and, in particular:
• right of access - Article 15 of the GDPR: the right to obtain confirmation whether the processing of your personal data is underway and, in such case, obtain access thereto, including a copy of the same.
• right of rectification - Article 16 of the GDPR: the right to obtain, without unjustified delay, the rectification of your inaccurate personal data and/or the integration of incomplete personal data;
• right to cancellation (right to be forgotten) - Article 17 of the GDPR: the right to obtain, without unjustified delay, the deletion of your personal data.
• right to limit processing - Article 18 of the GDPR: the right to obtain the limitation of the processing, when:
1. the interested party disputes the accuracy of the personal data, for the period necessary for the owner to verify the accuracy of such data;
2. the processing is unlawful and the person concerned is opposed to the deletion of personal data and instead requests that its use be limited;
3. personal data is necessary for the interested party to ascertain, exercise or defend a right in court;
4. the interested party has opposed the processing pursuant to Article 21 of the GDPR, in the period of waiting for the verification regarding the possible prevalence of legitimate reasons of the data controller with respect to those of the interested party.
• right to data portability - Article 20 of the GDPR: the right to receive, in a structured format, commonly used and readable by an automatic device, your personal data provided to the Controller and the right to transmit such information to another controller without impediment, if the processing is based on consent and is carried out by automated means. Furthermore, the right to obtain that your personal data is transmitted directly by the Bank to another controller if this is technically feasible;
• right to object - Article 21 of the GDPR: the right to object, at any time for reasons connected to his particular situation, to the processing of your personal data based on the condition of lawfulness of the legitimate interest or of the execution of a task of public interest or the exercise of public authority, including profiling, unless there are legitimate reasons for the Data Controller to continue processing that prevails over the interests, rights and freedoms of the data subject or for the verification, exercise or defence of a right in court; you may oppose the processing at any time if personal data is processed for direct marketing purposes, including profiling, to the extent that it is connected to such direct marketing;
The rights previously referred to may be exercised, with respect to the Controller, by contacting the references indicated hereinabove.

The exercise of your rights as Data Subject is free of charge within the meaning of Article 12 of the GDPR. However, in the case of manifestly unfounded or excessive requests, also due to their repetitiveness, the Controller may charge a reasonable fee, in light of the administrative costs incurred to manage such requests or deny the request itself.
• RIGHT OF WITHDRAWAL:
The interested party has the right to withdraw their consent at any given time. Such withdrawal of consent shall not affect the lawfulness of processing based on consent prior to such withdrawal.
• RIGHT OF CLAIM:
The interested party has the right to lodge a complaint with the Italian Data Protection Authority, Piazza di Montecitorio no. 121, 00186, Rome (RM).

I hereby declare that I have received from the Data Controller information on the use of my personal data and I hereby consent, pursuant to the privacy law, to the processing by the same of the particular categories of personal data supplied by myself personally, for the performance of the activities necessary for the activation and management of the relationships, operations and services I requested.