Privacy Policy

We will collect various types of personal data about you for the purposes described in this Policy, and in particular:

• Contact information (such as your name, birthday, nationality, email address, postal address, telephone number and any other personal data) that you provide by completing forms on the Website, including if you subscribe to our newsletter or register and create an account on the Website;
• Details of any transactions made by you;
• Information from surveys that we may, from time to time, conduct on the Website for research purposes, if you choose to respond to, or participate in, them;
• Information about your use and navigation of our Website, such as your IP address and other device identifiers, your operating system and browser type, and information about the website pages you visit, collected by cookies or other tracking technologies;
• Personal information collected from third parties, such as data that you agree to share with us on publicly accessible social networks (e.g., Facebook, Instagram, etc.) and/or that we may collect from other publicly accessible databases.

You are under no obligation to provide any such information. Providing your personal data to us (in particular, your personal details, your email, your address, and your telephone number) is necessary for processing your order to purchase products on the Website, for supplying other services provided on the Website upon your request, or for fulfilling our obligations required by law or regulations, as applicable. Refusal to provide us with any personal data necessary for performing the above purposes may consequently prevent us from processing your order to purchase products sold on the Website or fulfilling obligations required by law and other regulations. Therefore, failure to provide personal data may constitute, in some cases, a legitimate and justified reason for not processing your order for the purchase of products sold on the Website or for not providing the services proposed on the Website.

Disclosure of further personal data to us other than that required for fulfilling legal or contractual obligations and for properly browsing our services with necessary traffic data is, on the contrary, optional and does not have any effect on the use of the Website and of its services or on the purchase of products on the Website. We will inform you at every step whether disclosing your personal data to us is required or optional by marking with an appropriate symbol (*) the information that is required or data needed for the purchase of products and/or for the provision of requested services on the Website.

Our store is hosted on WooCommerce. They provide us with the online e-commerce platform that allows us to sell our products and services to you. Your data is stored through WooCommerce’s data storage, databases and the general WooCommerce application. They store your data on a secure server behind a firewall. For more information, you can read WooCommerce’s Privacy Policy. 

For your convenience and to improve the use of our Website, we embed links to third-party sites, which are not subject to this Policy. Such links direct users away from our services and Website, where they are beyond our control. Such links include, in particular, partners that use the ĀTMA logo in the context of a co-branding agreement, or that sell ĀTMA products.

The sites to which you may be redirected have their own privacy policies, and ĀTMA cannot be held liable for the content or activities of such sites. You are therefore solely liable for your visits to such sites. Please note that such sites may use their own cookies to collect, use, or solicit personal data.

Our Website uses cookies.

What is a cookie?

Cookies are text files containing small amounts of information that a user’s device (mobile, computer, or tablet) downloads when it visits a website. They allow the site to “remember” your computer, but not specifically who is using it, and improve your user experience. By associating the identification numbers in the cookies with other customer information when, for example, you log-in to the site, then we know that the cookie information relates to you.

What is the scope of cookies?

Cookies are used generally for different purposes, such as letting the user navigate between pages efficiently, implementing the user’s preferences and generally improving their browsing experience, by customizing the Website according to their navigation and user profile. They can also help ensure that the adverts that the user sees online are more relevant and to his or her interests.

What cookies do we use?

Our Website uses several type of cookies for different purposes as better explained below in next section “Categories of cookies on ĀTMA website”. In particular we use:

A) Session cookies, which only last for the duration of a browsing session. They are usually used to facilitate the access to the services on our Website, to authenticate you when you are a registered member, and to remember what a user has put in his or her shopping basket, and

B) Persistent cookies, which last for more than one visit. They are used to remember a user’s preferences and actions within the Website. In this case, when a user returns to our Website, or visits sites that use the same cookies, the site reads the cookies and identifies the user’s browser.

Among these cookies it is possible to refer to:

C) First party cookies, which are supplied by the Website you are visiting, i.e. atmaclimbing.com and can be read only by such site, for example, the cookies that maintain product in the shopping bag of a user while the user is still surfing the site. First party cookies can be either session or permanent cookies.

D) Third party cookies, which are meant to collect data in an anonymous way, for example analytics information, including browsing statistics. Other third party cookies are meant to track our visitors’ response to our online promotional activities. This technology uses information about your visits to our Website and third parties’ sites on which we advertise, to deliver relevant advertisements. We also use this to learn which banner adverts bring users to our website. Third party cookies can be either session or permanent cookies.

• Whenever we process your personal data, we do so on the basis of a lawful “justification” (or legal basis) for processing. In the majority of cases, the processing of your personal data will be justified on one of the following bases:
• processing is necessary to perform a contract with you or take steps that you have requested in order to enter into a contract (e.g., sale contract);
• processing is necessary for us to comply with a legal obligation;
• processing is in our legitimate interests as a business, and our interests are not overridden by your interests, fundamental rights or freedoms. Our legitimate interests may include our interest in using customer and Website user personal data to conduct and develop our business activities (including by carrying out standard marketing activities) with current and potential customers and Website users; and in establishing, exercising or defending legal claims;
• processing is based on your prior explicit consent, such as segmented and customized marketing activities.

We do not exchange, sell, or transfer your personal data in any way to third parties without first asking for your consent, in accordance with applicable data protection law.

We may however disclose your personal data to any of our affiliated companies, or to our service providers who assist us in providing the services we offer, processing transactions, fulfilling requests for information, receiving and sending communications, updating marketing lists, analysing data, providing support services or in performing other tasks, from time to time.

Your personal data will be accessible by authorized personnel of ĀTMA and affiliated companies, and service providers acting on our behalf on a need-to-know basis. Your personal data will be transferred from your country of residence to third countries where we operate, including the Netherlands, Belgium, Luxembourg, Germany, France, Austria, Switzerland, Italy, Spain, Portugal, the United Kingdom, Ireland, Denmark, Finland, Sweden, Canada, Japan, South Korea, Australia and the United States of America.

Some of these countries are subject to a data protection adequacy decision of the European Commission, whereas others such as the US are not. To ensure the protection of your personal data is consistent with applicable law, such transfers outside your country of residence or the EEA will be made pursuant to the EU Model Clauses, the EU-US or CH-US Privacy Shield certification, Binding Corporate Rules or other acceptable legal mechanisms.

We may also share your personal data with third parties in connection with potential or actual sale or restructuring of our company or any of our assets, or those of any affiliated company, in which case personal data held by us about our users may be one of the transferred assets.

We will also respond to requests for personal data where required to do so by law, or when we believe that disclosure is necessary to protect our rights and/or comply with a judicial proceeding, court order, request from a regulator or any other legal process served on us.

We place great importance on the security of all personal data associated with our users, and have instituted various security measures to protect the data you provide to us. Such data is stored on secure networks and can be accessed only by a limited number of people who have specific rights and are subject to a duty of confidentiality.

We have adopted security measures to protect personal data against accidental or unlawful destruction, accidental loss, alteration, unauthorized disclosure or access. For the best possible protection of your personal data outside the limits of our control, your device should be protected (such as by updated antivirus systems) and your internet service provider should take appropriate measures for the security of network data transmission (such as, for example, firewalls and anti-spam filtering).

While we take reasonable steps to protect your personal data, we cannot guarantee that the personal data you disclose to us will be 100% secure, nor that any data breach will not occur.

You accept the inherent security implications of dealing on-line over the Internet and will not hold ĀTMA or its processors responsible for any data breach unless it is due to our negligence.

Our general approach is to retain your personal data only for as long as required to fulfil the purposes for which it was collected. We generally retain your personal data for three years from the end of our relationship or from the last contact from you, unless local law requires otherwise. However, in some circumstances we may retain personal data for longer periods of time, for instance where we are required to do so in accordance with legal, tax and accounting requirements.

In specific circumstances we may also retain your personal data for longer periods of time corresponding to the applicable statute of limitations so that we have an accurate record of your dealings with us in the event of any complaints or challenges.

You have the following rights with respect to your personal data:

• Right to withdraw consent – where applicable, you have the right to withdraw your consent at any time. For example, if you wish to opt-out of receiving electronic marketing communications, you can change your settings in your account on the Website or use the ‘unsubscribe’ link provided in our emails, or otherwise contact us directly and we will stop sending you communications.

• Right of access, rectification and erasure – you have the right to request access to and obtain a copy of any of your personal data that we may hold, to request correction of any inaccurate data relating to you and to request the deletion of your personal data under certain circumstances. You can see and update most of this data yourself online, or by contacting directly info@atmaclimbing.com

• Right of data portability– Under certain conditions, you have the right to receive all such personal data which you have provided to us in a structured, commonly used and machine-readable format, and also to require us to transmit it to another controller where this is technically feasible.

• Right to restriction of processing – you have the right to restrict our processing of your personal data where:
– you contest the accuracy of the personal data until we have taken sufficient steps to correct or verify its accuracy;
– the processing is unlawful but you do not want us to erase the data;
– we no longer need your personal data for the purposes of the processing, but you require such data for the establishment, exercise or defence of legal claims;
– you have objected to processing justified on legitimate interest grounds (see below) pending verification as to whether we have overriding compelling legitimate grounds to continue processing.

Where personal data is subject to restriction in this way, we will only process it with your consent or for the establishment, exercise or defence of legal claims.

• Right to object to processing justified on legitimate interest grounds – where we are relying upon legitimate interest to process personal data, then you have the right to object to that processing. If you object, we must stop that processing unless we can either demonstrate compelling legitimate grounds for the processing that override your interests, rights and freedoms or where we need to process the data for the establishment, exercise or defence of legal claims. Where we rely upon legitimate interest as a justification for processing we believe that we can demonstrate such compelling legitimate grounds, but we will consider each case on an individual basis.

• Right to object to processing for marketing purposes – where we process personal data for direct marketing purposes, then you have the right to object to that processing at any time.
You also have the right to lodge a complaint with a supervisory authority if you consider that the processing of your personal data infringes applicable law.

For further information regarding your rights, to exercise any of your rights, or if you have any complaints or questions regarding the processing of your personal data please contact info@atmaclimbing.com

Please note that we may request proof of identity, and we reserve the right to charge a fee where permitted by law, for instance if your request is manifestly unfounded or excessive. We will endeavour to respond to your request as soon as possible and in any case within the applicable timeframes.

We may occasionally change this Policy, for example, to comply with new requirements imposed by the applicable laws or technical requirements. We will post the updated Policy on the Website. We may also notify you in case of material changes and seek your consent to those changes, where required by applicable law. You are thus encouraged to periodically review this page.