Privacy Policy

PRIVACY STATEMENT PURSUANT TO ART. 13 OF EU REGULATION 679/2016 (GDPR)

Pursuant to Article 13 of the EU Regulation 679/2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data (hereinafter “GDPR”), we inform Users that the company that owns the site, indicated at the bottom of the Home Page of the site itself, acts as Data Controller (hereinafter “Controller”) within the limits of the personal data processing specified in the following Privacy Policy. For further information in relation to such processing not covered by the following Privacy Policy, the User may contact the Controller at any time using the contact information provided. In accordance with the legislation indicated, such processing will be based on the principles of correctness, lawfulness and transparency and the protection of your privacy and your rights.

1. Personal data collected and processing

a) Navigation data The computer systems and software procedures used to operate this site acquire, during normal operation and for the sole duration of the connection, certain data that are then implicitly transmitted during the use of Internet communication protocols. b) Data provided voluntarily by Users/Visitors Data provided directly by Users of the site may be collected and processed, such as telephone number, email, first and last name, profession, province, state, country, city and postcode, sex and date of birth, products/services purchased as well as information on payment channels and payment methods. c) Cookies This site uses cookies or markers, packets of information sent by a web server (in this case, this site) to the visitor’s/user’s browser and automatically stored by the latter on his/her device (personal computer, tablet, mobile phone, etc.) and automatically sent back to the server each time the site is accessed, as specified in the site’s Cookie Policy.

2. Methods of collection and processing

Personal Data may be entered voluntarily by the User, or collected automatically when browsing the site. If the User fails to provide certain personal data, this site may not be able to provide its services. The processing is carried out using computer and/or telematic tools, with organisational methods and logics strictly related to the purposes indicated, adopting all the technical and procedural security measures deemed appropriate, aimed at preventing unauthorised access, disclosure, modification or destruction of Personal Data, identified and updated on the basis of the computer risk, as indicated in Article 32 of the GDPR.

3. Persons involved in treatment

In addition to the Data Controller, in some cases, categories of persons authorised to process data involved in the development and management of the services provided by the company through this website (administrative, sales, marketing, legal, system administrators) or external parties (such as third party technical service providers, postal couriers, hosting providers, IT companies, communication agencies, web platform operators) may have access to the data. Specifically, Webidoo S.p.A., in the context of providing the services of this site, is configured as External Responsible for the processing of personal data concerning the Users of the site itself.

4. Purpose of Processing

a) The User’s personal data are collected and processed to enable the Controller to provide its services, specifically: access to third party service accounts made available voluntarily by the users themselves, registration and authentication, interaction with social networks and external platforms, social functions, interaction with live chat platforms, address management and sending email messages, viewing content from external platforms and interaction with support and feedback platforms. b) The information collected through both technical and profiling cookies, as better specified in the cookie policy, may be used for remarketing and behavioral targeting activities as well as for statistical and site performance analysis. c) In addition, Users who have provided their telephone number and email address may be contacted for commercial or promotional purposes related to this site, only after specific consent to commercial communications has been given. d) Finally, the User’s personal data may be used for the defence by the Data Controller in legal proceedings, or in the preparatory stages of such proceedings, against abuses in the use of the site or related services by the User.

5. Time and place of storage

The Data will be kept for the period of time strictly necessary for the pursuit of the purposes indicated above. The processing and storage are carried out at the Data Centres of webidoo S.p.A. located in Italy or at entities established in the territory of countries belonging to the European Union. The User may at any time request to interrupt the provision of the service and exercise his/her rights as set out in paragraph 6 of this document.

6. Rights of the User

As a Data Subject, the GDPR confers specific rights on the User, including the right to request from the Data Controller: ● confirmation as to whether or not your personal data is being processed and, if so, to obtain access to it (Art. 15 ‘Right of access’); ● the rectification of inaccurate personal data, or the integration of incomplete personal data (Art. 16 ‘Right of rectification’) ● the deletion of the data themselves, in the presence of one of the reasons provided for by the GDPR (Art. 17 ‘right of deletion’), where applicable; ● to restrict the processing of your data, if one of the grounds provided for by the GDPR applies (Art. 18 ‘Right to restriction’); ● to receive the personal data you provide in a structured, commonly used and machine-readable format, as well as to transmit them to another Data Controller (Art. 20 ‘Right to portability’), where applicable. In addition, the User has the right to revoke consent to the processing of his or her data for the purposes referred to in point c) of paragraph 4 at any time, without prejudice to the lawfulness of the processing based on the consent given prior to revocation, and to object at any time to the processing for marketing purposes possibly based on legitimate interest (Art. 21 “right to object”). In order to exercise his or her rights, the User may send a request, in writing, to the Data Controller at his or her office indicated on the site. Without prejudice to any other administrative or jurisdictional recourse, the User also has the right to lodge a complaint with a Supervisory Authority if he considers that the processing in question is carried out in breach of the GDPR. Further information is available on the website http://www.garanteprivacy.it.