Product chevron_right

Creative Services chevron_right

Use Cases chevron_right

Showcase chevron_right

Resources chevron_right

Discover Aryel Immersive Rich Media 👉

Discover more Discover more

Privacy Policy

This privacy policy is to provide all the information on the processing of personal data carried out by Aryel S.r.l. when the User accesses and register the platform (as indicated below)

Version no. 1 – June 2023

1. Introduction – Who we are?

Aryel S.r.l.with registered offices in Milan (Italy), Via Arcivescovo Calabiana 6, 20139, VAT n. 11294810962 (hereinafter, “Controller”), manager of the platform Aryel accessible from the website https://aryel.io (hereinafter, the “Platform”), in its capacity as data controller in relation to personal data pertaining to the users using the Platform (hereinafter, the “Users”) hereby provides the privacy policy pursuant to art. 13 of the Regulation EU 2016/679 of the Council of 27 April 2016 (hereinafter, “Regulation” or “Applicable Law”).

2. How to contact us?

The Controller takes into the utmost consideration the right to privacy and protection of personal data of its Users. For any information in relation to this privacy policy, Users may contact the Controller at any time, using the following methods:

3. What do we do? – Processing purposes

By browsing and registering to the Platform, Users will have the opportunity to access and use the service provided by the Controller (hereinafter, “Services”). In connection with the activities that may be carried out through the Platform, the Controller collects personal data relating to Users. This Platform and the services eventually offered through the Platform are reserved to subjects over the age of 18 years old. Hereby, the Controller does not collect personal data pertaining to subjects under the age of 18 years old. At request of the Users, the Controller will promptly delete all the personal data, involuntary collected, pertaining to subjects under the age of 18 years old. Particularly, the personal data of the Users will be lawfully processed for the following purposes:

  1. contractual obligations and provision of the Services, i.e., to allow the navigation of the Platform and to execute the specific requests of the User. The User’s data collected by the Controller for these purposes include:
    • providing access to the Platform: all personal data whose transmission is implicit in the use of Internet communication protocols, that the computer systems and software procedures used to operate the Platform acquire during their normal functioning: the IP addresses or domain names of the computers used by the Users, the addresses in URI notation (Uniform Resource Identifier) of the requested resources, the time of the request, the method used in submitting the request to the server, the file size obtained in response, the numerical code indicating the status of the response given by the server (good order, error, etc.) and other parameters relating to the operating system and the User’s IT environment. These data are used for the sole purpose of obtaining anonymous statistical information on the use of the Platform and to allow its correct operation.
    • The Controller does not use cookies and/or other non-technical tracking tools on the Platform. On the contrary, technical cookies are used for the sole purpose of making navigation possible and allowing to use the functionality of the Platform itself. Some technical cookies are essential to provide an optimal browsing experience (so-called surfing cookies). Surfing cookies are normally session cookies and, therefore, once the surfing browser is closed, they are automatically deactivated. Other technical cookies are useful to allow you to store certain preferences (e.g., language) without having to reset them on subsequent visits (so-called functionalities cookies). For such reason, the functionalities cookies are often lasting cookies, since they remain memorised on computer also after the closure of the surfing browser, until the scheduled expiry date or until when you decide to eliminate the same.

      These are always first-party cookies owned by the Controller, as they are conveyed directly by us on the Platform. As provided by the Applicable Law, the prior consent of the User is not required for the installation of such cookies. Of course, the User is free to block the installation of technical cookies by changing the settings of your browser:

      The User is reminded to take into consideration the fact that by blocking the installation of technical cookies, or subsequently deleting them, the ability to access the Platform, to use all or part of it, to enable or disable certain functions or to receive certain services may be wholly or partially impaired.

    • Registration to the Platform: to enable navigation of the Platform or to execute the Terms and Conditions of the Platform, which are accepted by the User during registration; to fulfill specific requests of the User sent to the Controller through the Platform or other methods provided therein. The User’s data collected by the Controller for the purposes of registration and use the Services offered by the Platform include name, surname, username, e-mail address, password and all other User data that may be voluntarily communicated by the User.
    • The User’s personal data will be used by the Controller for the exclusive purpose of ascertaining the User’s identity (also by validating the e-mail address), thus avoiding possible fraud or abuse, and contacting the User for service reasons only (e.g., sending notifications regarding the services offered on the Platform). Without prejudice to what is provided elsewhere in this privacy policy, in no case will the Controller make the personal data of the Users accessible to other Users and/or third parties.

  2. administrative and accounting purposes, i.e., to carry out activities of an organizational, administrative, financial and accounting nature, such as internal organizational activities and activities functional to the fulfillment of contractual and pre-contractual obligations;
  3. legal obligations, i.e., to comply with obligations imposed by law, an authority, a regulation or European legislation.

The provision of personal data for the above-mentioned processing purposes is optional but necessary, since failure to provide such data will make it impossible for the User to register on the Platform and use the Services.

Personal data which are necessary for the pursuit of the processing purposes described in this paragraph 3 are indicated with an asterisk in the request form (or are otherwise marked as “mandatory”).

4. Legal basis for processing

Contractual obligations and provision of the Services (as described in paragraph 3(a) above): the legal basis consists of art. 6, paragraph 1, lett. b) of the Regulation, i.e., the processing is necessary for the performance of a contract to which the User is a party or for the performance of pre-contractual measures taken at the User’s request.

Administrative and accounting purposes (as described in section 3(b) above): the legal basis consists of art. 6, paragraph 1, lett. b) of the Regulation, as the processing is necessary for the performance of a contract and/or the implementation of pre-contractual measures taken at the request of the User.

Legal obligations (as described in paragraph 3(c) above): the legal basis is art. 6, paragraph 1, lett. c) of the Regulation, as the processing is necessary to comply with a legal obligation to which the Controller is subject.

5. Processing methods and data retention period

The Controller shall process the Users’ personal data by means of manual and computerized tools, with logic strictly related to the purposes thereof and, in any case, in such a way as to guarantee the security and confidentiality of the data.

The personal data of Users will be retained for the time strictly necessary to carry out the main purposes explained in paragraph 3 above or, in any case, as necessary for the protection in civil law of the interests of both the Users and the Data Controller.

In any case, this is without prejudice to possible retention periods provided for by laws or regulations.

6. Transmission and dissemination of data

The User’s personal data may be transferred outside the European Union, and, in this case, the Controller will ensure that the transfer takes place in accordance with the Applicable Law and, in particular, in accordance with Articles 45 (Transfer on the basis of an adequacy decision) and 46 (Transfer subject to adequate guarantees) of the Regulation.

The personal data of the Users may be disclosed to the employees and/or collaborators of the Controller in charge of managing the Platform and the Users’ requests. These subjects, who have been instructed in this sense by the Controller pursuant to art. 29 of the Regulation, will process the data of the Users exclusively for the purposes indicated in this privacy policy and in compliance with the provisions of the Applicable Law.

Users’ personal data may also be disclosed to third parties who may process personal data on behalf of the Controller in their capacity as Data Processors, such as, by way of example, suppliers of IT and logistics services functional to the operation of the Platform, suppliers of outsourcing or cloud computing services, professionals and consultants.

Users have the right to obtain a list of any data processors appointed by the Controller by making a request to the Controller in the manner indicated in paragraph 7 below.

7. Rights of the data subjects

Users may exercise their rights granted by the Applicable Law by contacting the Controller as follows:

Pursuant to the Applicable Law, the Users have:

  1. the right to withdraw consent at any time, if the processing is based on their consent;
  2. the right of access to personal data;
  3. (where applicable) the right to data portability (the right to receive all personal data concerning them in a structured, commonly used and machine-readable format), the right to restriction of processing of personal data, the right to rectification and the right to erasure (“right to be forgotten”);
  4. the right to object:
    • in whole or in part, for legitimate reasons to the processing of personal data concerning them, even if relevant to the purpose of collection;
    • in whole or in part, to the processing of personal data concerning them for the purpose of sending advertising or direct sales material or for carrying out market research or commercial communication;
  5. if they consider that the processing of their personal data is in breach of the Regulation, the right to lodge a complaint with a supervisory authority (in the Member State in which they have their habitual residence, in the Member State in which they work or in the Member State in which the alleged breach has occurred). The Italian Supervisory Authority is the Garante per la protezione dei dati personali, located in Piazza Venezia n. 11, 00187 – Rome (http://www.garanteprivacy.it/).

The Controller is not responsible for updating all links that can be viewed in this cookie policy, therefore whenever a link is not functional and/or updated, Users acknowledge and accept that they must always refer to the document and/or section of the websites referred to such link.