PRIVACY STATEMENT PURSUANT TO ART. 13 OF EU REGULATION 679/2016 (GDPR)

Pursuant to Article 13 of EU Regulation 679/2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data (hereinafter “GDPR”), we hereby inform Users that the company that owns the website, indicated at the bottom of the Home Page of the website itself, acts as Data Controller (hereinafter “Controller”) within the limits of the personal data processing operations specified in the following Privacy Policy. For further information in relation to such processing not included in the following Privacy Policy, the User may contact the Controller at any time using the contact information provided.
In accordance with the legislation indicated, such processing will be based on the principles of correctness, lawfulness and transparency and protection of your confidentiality and your rights.

1. Personal data collected and processed

a) Navigation data

The computer systems and software procedures used to operate this site acquire, during normal operation and for the sole duration of the connection, certain data that are then implicitly transmitted during the use of Internet communication protocols.

b) Data provided voluntarily by Users/Visitors

Data provided directly by Users of the site, such as telephone number, email, first and last name, profession, province, state, country, city and postcode, sex and date of birth, products/services purchased as well as information relating to payment channels and methods, may be collected and processed.

c) Cookies

This site uses cookies or markers, packets of information sent by a web server (in this case, this site) to the visitor’s/user’s browser and automatically stored by the latter on his/her device (personal computer, tablet, mobile phone, etc.) and automatically sent back to the server each time the site is accessed, as specified in the site’s Cookie Policy.

2. Methods of collection and processing

.
Personal Data may be entered voluntarily by the User, or collected automatically while browsing the site.                                                                                   .

Failure by the User to provide certain personal data may prevent this site from providing its services.                                                                          .

The processing is carried out by means of computer and/or telematic tools, with organisational methods and logics strictly related to the indicated purposes, adopting all the technical and procedural security measures considered adequate, aimed at preventing unauthorised access, disclosure, modification or destruction of Personal Data, identified and updated on the basis of the computer risk, as indicated by art. 32 of the GDPR.

3. Persons involved in the processing

.
In addition to the Data Controller, in some cases, categories of authorised persons involved in the development and management of the services provided by the company through this website (administrative, sales, marketing, legal, system administrators) or external parties (such as third party technical service providers, postal couriers, hosting providers, IT companies, communication agencies, web platform managers) may have access to the data.

Specifically, Webidoo S.p.A., in providing the services of this website, acts as the External Responsible for the processing of personal data concerning the Users of the website itself.

4. Purposes of the Treatment

a) The User’s personal data are collected and processed to allow the Owner to provide its services, specifically: access to third party service accounts made available voluntarily by the users themselves, registration and authentication, interaction with social networks and external platforms, social functions, interaction with live chat platforms, address management and sending email messages, viewing content from external platforms and interaction with support and feedback platforms.

b) The information collected through both technical and profiling cookies, as better specified in the cookie policy, may be used for remarketing and behavioral targeting activities as well as for statistical and performance analysis of the site.

c) Furthermore, Users who have provided their telephone number and email address may be contacted for commercial or promotional purposes related to this site, only after they have given their specific consent to commercial communications.

d) Finally, the User’s personal data may be used by the Data Controller to defend itself in court or in the preparatory stages of its possible establishment, against abuse in the use of the site or related services by the User.

5. Time and place of storage

.
The Data will be kept for the period of time strictly necessary for the pursuit of the above-mentioned purposes. Processing and storage are carried out at the Data Centres of webidoo S.p.A. located in Italy or at subjects established in the territory of countries belonging to the European Union.

The User may at any time request to interrupt the provision of the service and exercise his or her rights under paragraph 6 of this document.

6. Rights of the User

As a Data Subject, the GDPR confers specific rights on the User, including the right to ask the Data Controller:

● confirmation as to whether or not your personal data are being processed and, if so, to obtain access to them (Art. 15 ‘Right of access’)

the rectification of inaccurate personal data, or the integration of incomplete personal data (Art. 16 ‘Right of rectification’);

● the deletion of the data itself, in the presence of one of the reasons provided for by the GDPR (art. 17 “right of deletion”), where applicable;

● to limit the processing of their data, in the presence of one of the reasons provided by the GDPR (art. 18 “right of limitation”);

● to receive the personal data provided by you in a structured, commonly used and machine-readable format, as well as to transmit them to another Data Controller (Art. 20 “right to portability”), where applicable.

In addition, the User has the right to revoke consent to the processing of his/her data for the purposes referred to in point c) of paragraph 4 at any time, without prejudice to the lawfulness of the processing based on the consent given before revocation, and to object at any time to the processing for marketing purposes possibly based on legitimate interest (Art. 21 “right to object”).

In order to exercise their rights, the User may send a request in writing to the Data Controller at its registered office indicated on the same site.

Without prejudice to any other administrative or judicial remedy, the User also has the right to lodge a complaint with a Supervisory Authority if he/she considers that the processing in question is carried out in breach of the GDPR. Further information is available on the http://www.garanteprivacy.it website.