The Data Controller adopts the appropriate security measures to prevent unauthorised access, disclosure, modification or destruction of Personal Data.
The processing is carried out using IT and/or electronic tools, with organisational methods and with logic strictly related to the purposes indicated. In addition to the Data Controller, in some cases, other subjects involved in the organisation of this Application/Website (administrative, commercial, marketing, legal, system administrators) or external subjects (such as third-party technical service providers, couriers postal services, hosting providers, IT companies, communication agencies) also appointed, if necessary, as Data Processors by the Data Controller. The updated list of Managers can always be requested from the Data Controller.
Legal basis of data processing
The Data Controller processes the Personal Data relating to the User in the event that one of the following conditions exists:
- the User has given consent for one or more specific purposes; Note: in some jurisdictions, the Data Controller may be authorised to process Personal Data without the User's consent or another of the legal bases specified below, provided that the User does not object ("opt-out") to such treatment. However, this is not applicable if the processing of Personal Data is governed by European legislation on the protection of Personal Data;
- the processing is necessary for the execution of a contract with the User and/or for the execution of pre-contractual measures;
- the processing is necessary to fulfil a legal obligation to which the Data Controller is subject;
- the processing is necessary for the execution of a task of public interest or for the exercise of public powers with which the Data Controller is invested;
- the processing is necessary for the pursuit of the legitimate interest of the Data Controller or of third parties.
However, it is always possible to ask the Data Controller to clarify the concrete legal basis of each processing and, in particular, to specify whether the treatment is based on the law, provided for by a contract or necessary to conclude a contract.
The Data is processed at the Data Controller's operating offices and in any other place where the parties involved in the processing are located. For more information, you can contact the Data Controller.
The User's Personal Data may be transferred to a country other than that in which the User is located. To obtain further information on the processing location, the User can refer to the section relating to the details on the processing of Personal Data.
The User has the right to obtain information regarding the legal basis for the transfer of Data outside the European Union or to an international organisation governed by public international law or constituted by two or more countries, such as, for example, the UN, as well as regarding the security measures adopted by the Data Controller to protect the Data.
The User can verify whether one of the transfers described above takes place by examining the section of this document relating to the details on the processing of Personal Data or request information from the Data Controller by contacting the latter via the contact details indicated at the beginning.
The Data are processed and retained for the time required by the purposes for which they were collected.
- Personal Data collected for purposes relating to the execution of a contract between the Data Controller and the User shall be retained until the execution of this contract is completed.
- Personal Data collected for purposes attributable to the legitimate interest of the Data Controller shall be retained until such interest is satisfied. The User can obtain further information regarding the legitimate interest pursued by the Data Controller in the relevant sections of this document or by contacting the Data Controller.
When the processing is based on the User's consent, the Data Controller can keep the Personal Data for longer until said consent is revoked. Furthermore, the Data Controller may be obliged to keep Personal Data for a longer period in compliance with a legal obligation or by order of an authority.
At the end of the retention period, the Personal Data will be erased. Therefore, upon expiry of this term, the right of access, erasure, rectification and the right to data portability can no longer be exercised.
Purposes of processing of the gathered Data
The User's Data is collected to allow the Data Controller to provide the Service, fulfil legal obligations, respond to requests or executive actions, protect its rights and interests (or those of Users or third parties), identify any malicious activity or fraudulent, as well as for the following purposes: displaying content from external platforms; managing contacts and sending messages; contacting the User; interacting with data collection platforms and other third parties; statistics and tag management.
To obtain detailed information on the purposes of the processing and on the Personal Data processed for each purpose, the User can refer to the "Details on the processing of Personal Data" section.