Owner of the data processing
Types of data collected
Among the personal data collected by this website, either autonomously or through third parties, are: name, surname, telephone number, e-mail, various types of data, gender, date of birth, cookies, usage data and geographical position.
Personal data may be freely provided by the user or, in the case of usage data, automatically collected during the use of this website.
Unless otherwise specified, all data requested by this website are mandatory. If the user refuses to communicate them, it may be impossible for this website to provide the service. In cases where this website indicates certain data as optional, users are free to refrain from communicating such data, without this having any consequence on the availability of the service or its operation.
Users who may have doubts as to which data is mandatory are encouraged to contact the Data Controller.
The user assumes responsibility for the personal data of third parties obtained, published or shared through this website and guarantees that he/she has the right to communicate or disseminate them, releasing the Owner from any liability towards third parties.
Methods and location of data processing
The Owner adopts appropriate security measures to prevent unauthorized access, disclosure, modification or destruction of personal data. The treatment is carried out by computer and / or telematic tools, with organizational methods and logic closely related to the purposes indicated. In addition to the Data Controller, in some cases, other subjects involved in the organization of this website (administrative, commercial, marketing, legal, system administrators) or external subjects (such as third party technical service providers, postal couriers, hosting providers, IT companies, communication agencies) also appointed, if necessary, as Data Processors by the Data Controller, may have access to the data. The updated list of data processors can always be requested from the Data Controller.
Legal basis of the treatment
The Data Controller processes personal data relating to the user if one of the following conditions exists:
- the user has given consent for one or more specific purposes. Note: in some jurisdictions, the Controller may be authorized to process personal data without the user’s consent or another of the legal bases specified below, until the user objects (“opts out”) of such processing. However, this does not apply if the processing of personal data is governed by European data protection legislation;
- the processing is necessary for the performance of a contract with the user and/or the execution of pre-contractual measures;
- the processing is necessary to comply with a legal obligation to which the Data Controller is subject;
- the processing is necessary for the performance of a task of public interest or for the exercise of public powers vested in the Data Controller;
- the processing is necessary for the pursuit of the legitimate interest of the Data Controller or of third parties.
However, it is always possible to ask the Data Controller to clarify the concrete legal basis of each processing and in particular to specify whether the processing is based on law, provided for by a contract or necessary to conclude a contract.
Data is processed at the Controller’s operational headquarters and at any other location where the parties involved in the processing are located. For more information, please contact the Data Controller.
The user’s personal data may be transferred to a country other than the one in which the user is located. To obtain further information on the location of the processing, the user may refer to the section on details on the processing of personal data.
You have the right to obtain information about the legal basis for the transfer of data outside the European Union or to an international organization under public international law or formed by two or more countries, such as the UN, as well as the security measures taken by the Controller to protect the data.
Should one of the transfers just described take place, the user may refer to the respective sections of this document or ask the Data Controller for information by contacting him at the contact details given at the beginning.
Period of conservation
The data are processed and stored for the time required by the purposes for which they were collected.
- Personal data collected for purposes related to the execution of a contract between the Data Controller and the user will be retained until the execution of that contract is completed.
- Personal data collected for purposes related to the legitimate interest of the Controller will be retained until such interest is satisfied. You may obtain further information about the legitimate interest pursued by the Controller in the relevant sections of this document or by contacting the Controller.
When processing is based on your consent, the Controller may keep your personal data longer until such consent is revoked. In addition, the Controller may be obliged to retain personal data for a longer period in compliance with a legal obligation or by order of an authority.
At the end of the retention period, the personal data will be deleted. Therefore, at the expiry of this period, the right of access, cancellation, rectification and the right to data portability can no longer be exercised.
Purposes of data processing
User data is collected to enable the Controller to provide its services, as well as for the following purposes: contacting the user, statistics, registration and authentication, hosting and backend infrastructure and location-based interactions.
To obtain further detailed information on the purposes of processing and the personal data concretely relevant for each purpose, the user may refer to the relevant sections of this document.
Personal data processing details
Personal data is collected for the following purposes and using the following services:
1. Get in touch with the user
Contact form (this website)
The user, by filling out the contact form with their data, consent to their use to respond to requests for information, quotes, or any other nature indicated by the header of the form. Personal data collected: surname, date of birth, e-mail, name, telephone number, gender and various types of data.
Mailing list or newsletter (this website)
By registering to the mailing list or newsletter, the user’s e-mail address is automatically included in a list of contacts to whom e-mail messages containing information, also of a commercial and promotional nature, relating to this website may be sent. The user’s e-mail address may also be added to this list as a result of registering with this website or after making a purchase. Personal data collected: surname, date of birth, e-mail, name, telephone number, gender and various types of data.
Hosting and backend infrastructure
These types of services are intended to host data and files that enable this website to function, allow for their distribution, and provide a ready-to-use infrastructure to deliver specific features of this website.
Some of these services operate through servers located geographically in different locations, making it difficult to determine the exact location where personal data is stored.
OVH Srl (Socio Unico) Capitale Sociale €. 10.000,00 i.v.
Codice Fiscale e Partita IVA 06157670966 Registro Imprese di Milano n° 06157670966
REA n° 1873458.
Sede Legale: Via Carlo Imbonati, 18 20159 Milano
2. Location-based interactions
Non-Continuous Geolocation (this website)
This website may collect, use and share data relating to your geographical location in order to provide location-based services.
Most browsers and devices provide by default tools to deny geographic tracking. If you have expressly authorized this option, this website may receive information about your actual geographic location.
The geographic location of the user is not continuous, upon specific request of the user or when the user does not indicate in the appropriate field the place where he is and allows the application to automatically detect the position.
Personal data collected: geographical position.
3. Registration and authentication
By registering or authenticating, the user allows the application to identify him and give him access to dedicated services.
Depending on what is stated below, the registration and authentication services may be provided with the help of third parties. If this is the case, this application will be able to access some data stored by the third-party service used for registration or identification.
Facebook Authentication (Facebook, Inc.)
Facebook Authentication is a registration and authentication service provided by Facebook, Inc. and connected to the social network Facebook.
Google OAuth (Google Inc.)
Google OAuth is a registration and authentication service provided by Google Inc. and connected to the Google network.
I servizi contenuti nella presente sezione permettono al Titolare del Trattamento di monitorare e analizzare i dati di traffico e servono a tener traccia del comportamento dell’utente.
Google Analytics (Google Inc.)
Google Analytics is a web analysis service provided by Google Inc. (“Google”). Google uses the personal data collected for the purpose of tracking and examining the use of this website, compiling reports and sharing them with other services developed by Google.
Google may use personal information to contextualize and personalize ads in its ad network.
Personal data collected: Cookies and usage data.
Users may exercise certain rights with reference to the data processed by the Data Controller.
In particular, the user has the right to:
- revoke consent at any time. The user can revoke the consent to the processing of their personal data previously expressed.
- oppose the processing of his/her data. You may object to the processing of your data when it is done on a legal basis other than consent. Further details on the right to object are provided in the section below.
- access his/her own data. The user has the right to obtain information on the data processed by the Controller, on certain aspects of the processing and to receive a copy of the processed data.
- verify and request rectification. The user can verify the correctness of his/her own data and request updating or correction.
- obtain the limitation of the treatment. When certain conditions are met, the user may request the limitation of the processing of their data. In this case, the Data Controller will not process the data for any purpose other than their preservation.
obtain the cancellation or removal of their personal data. When certain conditions are met, the user may request the cancellation of their data by the Controller.
- receive his/her data or have them transferred to another Data Controller. You have the right to receive your data in a structured, commonly used and machine-readable format and, where technically feasible, to have it transferred without hindrance to another Data Controller. This provision is applicable when the data is processed by automated means and the processing is based on the user’s consent, a contract to which the user is a party or contractual measures related thereto.
- propose complaint. The user may lodge a complaint with the competent data protection supervisory authority or take legal action.
Details of the right to object
When personal data are processed in the public interest, in the exercise of public authority vested in the Data Controller or in pursuit of a legitimate interest of the Data Controller, users have the right to object to the processing for reasons related to their particular situation.
Users are reminded that if their data were processed for direct marketing purposes, they may object to the processing without providing any reasons. To find out whether the Data Controller processes data for direct marketing purposes, users can refer to the respective sections of this document.
How to exercise rights
In order to exercise user rights, users can address a request to the contact details of the Controller indicated in this document. Requests are filed free of charge and processed by the Controller as soon as possible, in any case within one month.
Further information on the treatment
The user’s personal data may be used by the Data Controller in legal proceedings or in the preparatory phases of such proceedings in order to defend against abuse in the use of this website or related services by the user.
The user declares that he/she is aware that the Owner may be obliged to disclose the data by order of public authorities.
System logs and maintenance
For operational and maintenance purposes, this website and any third party services used by it may collect system logs, i.e. files that record interactions and which may also contain personal data, such as the user’s IP address.
Information not contained in this policy
Further information in relation to the processing of personal data may be requested at any time from the Data Controller using the contact details.
Response to “Do Not Track” requests
This website does not support “Do Not Track” requests.
To find out if any third party services you use support them, you are encouraged to consult their respective privacy policies.
Definitions and legal references
Personal data (or Data)
Personal data is any information that, directly or indirectly, even in conjunction with any other information, including a personal identification number, makes a natural person identified or identifiable.
This is information collected automatically through this website (including by third party applications integrated into this website), including: IP addresses or domain names of computers used by the user who connects with this website, URI (Uniform Resource Identifier), the time of the request, the method used to forward the request to the server, the size of the file obtained in reply, the numerical code indicating the status of the response from the server (successful, error, etc.. ) the country of origin, the characteristics of the browser and the operating system used by the visitor, the various temporal connotations of the visit (e.g. the time spent on each page) and the details of the itinerary followed within the Application, with particular reference to the sequence of pages consulted, the parameters relating to the operating system and the user’s IT environment.
The individual who uses this website which, unless otherwise specified, coincides with the Data Subject.
The natural person to whom the personal data refers.
Data Processor (or Manager)
Data Controller (or Owner)
The natural or legal person, public authority, service or other body which, individually or jointly with others, determines the purposes and means of the processing of personal data and the instruments adopted, including the security measures relating to the operation and use of this website. The Data Controller, unless otherwise specified, is the owner of this website.
This website (or this application)
The hardware or software tool by which Users’ personal data are collected and processed.
The service provided by this website as defined in the relevant terms (if any) on this website/application.
European Union (or EU)
Unless otherwise specified, any reference to the European Union in this document shall be deemed to extend to all current member states of the European Union and the European Economic Area.
Small piece of data stored within the user’s device.