The Data Controller is Webidoo S.p.A. with registered office in Milan (MI), in Via Gioberti n. 8, C.F. and VAT number 10076860963, e-mail address [email protected], in the person of the legal representative.
The Data Controller has appointed a Personal Data Protection Officer (so-called Data Protection Officer – D.P.O.) who can be contacted at the e-mail address [email protected]
Personal Data may be entered voluntarily by the User, or collected automatically while browsing the site. Failure by the User to provide some personal data may not allow the Owner to provide the requested services. . The processing of data, for the purposes referred to in paragraph 6, may take place using IT and / or telematic tools, with organizational methods and with logic strictly related to the purposes indicated, adopting all the technical and procedural security measures deemed adequate, aimed at prevent unauthorized access, disclosure, modification or destruction of personal data, identified and updated on the basis of IT risk, as indicated by art. 32 of the GDPR.
In addition to the Data Controller, categories of persons authorized to process the processing involved in the development and execution of the services provided by the Data Controller through this website, and related activities (administrative staff, commercial staff, system administrators) may have access to the data. or external parties (such as third party technical service providers, hosting providers, consultants). The personal data expressly provided by the Users will be communicated to third parties only if the communication is necessary to pursue the purposes referred to in paragraph 6. All the employees or suppliers used by the Data Controller for the processing of the User’s personal data have been appropriately and legally authorized and made responsible for the methods and purposes of the processing attributed to them; they will act in compliance with and in accordance with this information. The list of these subjects is constantly updated and available at the headquarters of the Data Controller.
The User’s personal data are processed to allow the Owner:
a. to provide the services provided by the site and respond to the User’s requests. The legal basis of this processing is the need to execute a User’s request, execute a contract and / or pre-contractual measures adopted at the request of the person to whom the data refers. For this purpose the provision of personal data is necessary; therefore, failure to provide them will make it impossible for the User to obtain the services requested from the Owner;
b. to send the User communications for marketing activities on their services / products through automated (e-mail, text message, autoresponders) and non-automated (ordinary mail, telephone with operator) tools. The legal basis of the processing is the free and optional consent of the User. The possibility remains for the User to oppose the sending of such communications at any time, revoking the consent previously expressed;
c. to fulfill, in general, any obligation deriving from applicable legislation or an order of the Authority, and administrative, accounting and tax activities. The legal basis of the processing for this purpose is the legal obligation;
d. to ensure that the Site is updated and meets the needs of Users, to analyze, review and improve the services of the Site and, if necessary, exercise the rights of action and defense in court. The legal basis of the processing for this purpose is the legitimate interest of the Data Controller in the protection of their assets, their business and their rights.
The processed data will be kept for the period strictly necessary for the pursuit of the aforementioned purposes and / or for the different time prescribed by law. The data processed for the purposes indicated in lett. b. of art. 6 will be kept for 5 (five) years from the moment the consent is given. At any time, the User can revoke the consent given previously. The User may at any time request to interrupt the provision of the service and exercise his rights referred to in paragraph 9 below.
The User’s personal data will not be transferred outside the EEA area; should the Data Controller transfer the User’s personal data outside the territory of the European Union, such transfers will be covered with an adequate level of protection.
As a data subject, the GDPR grants the User specific rights, including those to ask the Data Controller:
To exercise their rights, the User may contact the Data Controller in writing at the addresses referred to in paragraph 1. Without prejudice to any other administrative or judicial appeal, the User also has the right to lodge a complaint with a Supervisory Authority, if believes that the processing in question is carried out in violation of the GDPR; for Italy, the Guarantor for the protection of personal data is competent, which can be contacted via the contact details available on the website http://www.garanteprivacy.it
Last updated: 09/02/2021