Last modified: 6 Settembre 2018
Introduction and definitions
By opening an Emmeuno account (hereinafter “The Licensor”) and the consequent acceptance of our terms and conditions, the User explicitly gives his/her consent to the processing of his/her personal data provided by the same for the purposes indicated below and which will be managed by the Licensor identified below as Data Controller of personal data in accordance with European Regulation no 2016/679. Further consent must be explicitly given by the User for direct and indirect marketing purposes.
For the purposes of reading and the correct interpretation of this Information Note:
- “personal data” means any information concerning an identified or identifiable natural person (“data subject”); the natural person who can be identified, directly or indirectly, with particular reference to an identifier such as the name, an identification number, identity document, place and residence data, contact data such as email address or telephone number, an online ID or one or more characteristic elements of his/her identity and economic and social status;
- “processing” means any operation or set of operations which are performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;
- “profiling” means any form of automated processing of personal data consisting in the use of said personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning the work performance, the financial situation, health, personal preferences, interests, reliability, behaviour, location or movements;
- “filing system” means any structured set of personal data which is accessible according to specific criteria, whether centralised, decentralised or dispersed on a functional or geographical basis;
- “data controller” means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law;
- “processor” means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the data controller;
- “third party” means a natural or legal person, public authority, agency or body other than the data subject, the data controller, the processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data;
- “consent” of the data subject means any freely given, specific, informed and unambiguous indication of the data subject’s wish by which he or she, by means of a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her;
For the purposes of this Information Note, the Data Controller of personal data is the company S.W. Globoo Limited, email firstname.lastname@example.org as a legal entity (hereinafter also “Data Controller”) which manages this service.
The processing of data collected by the Data Controller may also be carried out by Group Companies on behalf of the Data Controller, or by Third Parties as independent data controllers or on behalf of the Data Controller, whether they are ancillary service providers to perform the service as well as the supplier of the Internet connectivity services, in compliance with the consent given by the user where necessary, for the processing purposes described below.
The Data Protection Officer within the Data Controller’s organisation can be reached by e-mail addressed to email@example.com
Purposes of the processing
The data provided by the user when registering his/her account, as well as the data subsequently provided for purposes other than the registration of his/her account, are processed by the undersigned Data Controller for the following purposes.
a. PURPOSE OF REGISTRATION OF THE ACCOUNT, FRUITION OF SERVICES OFFERED, AND FULFILMENT OF THE DATA CONTROLLER’S LEGAL OBLIGATIONS.
- Registration of the user to the service and setting his/her account according to the various options allowed by the portal in harmony and according to the provisions of the applicable legislation.
- Technical-administrative interventions by the competent departments within the company or the companies belonging to the group for an optimal configuration of the account and the consequent use of the services and products offered by the Licensor, including verification of the existence of the functional personal requirements both for validation of the account, and, subsequently, for the existence of the same requirements to enjoy the products offered by SW Globoo Limited, in accordance with the regulations of the Licensor contained in the various sections of this website and accepted by the user
- any activity aimed at a correct execution of these Terms and Conditions of Use either by the User or the Licensor, including the settlement of any disputes, as well as the prevention and repression of any fraudulent and/or illegal activity.
b. PROMOTIONAL, ADVERTISING AND DIRECT AND INDIRECT MARKETING PURPOSES.
By registering to the website and accepting the terms and conditions of use, the User expressly accepts that his/her personal data are used by the Data Controller for promotional activities dedicated to customers, ensuring the correct and transparent information about the products offered on the portal, the proposed services, the fixed-term promotional campaigns which by their nature and in order to ensure an equal information among all Users, require to be forwarded to the contact details provided by the User to the Licensor for this purpose.
In particular, the activities referred to above as direct marketing activities consist of and are used for:
- Sending advertising material, information, website updates, commercial proposals and promotional offers which may be of interest to the customer;
- Conducting market surveys and opinion polls on customer satisfaction, the quality of products and services offered, as well as collecting complaints and useful suggestions;
In order to improve the website services as well as a more an efficient management of direct marketing activities, the Licensor may use profiling data, as defined in the introduction of this Information note.
Depending on the needs of the Licensor, the profiling activity may be carried out on individual or aggregated data, the latter referring to a collective data processing of all or a group of users.
The willingness of the user to accept the processing of his/her data for the purposes listed and defined above, must always be optional, without prejudice to the possibility of the user to request either the correction of any personal data provided, or their limitation to be used only for purposes strictly necessary for the execution of the agreement, and their cancellation in the ways specified below in the specific paragraph dedicated to exercising user rights.
c. TRANSMISSION OF PERSONAL DATA TO THIRD PARTIES FOR SPECIFIC PURPOSES.
The processing of personal data could also be carried out by third parties, including the companies of the S.W. Globoo Limited Group located within the borders of the European community to which the Licensor entrusts certain activities (or parts of these) for conferring the purposes mentioned in point a) and, should he/she have given their consent, for the further purposes mentioned in point b), in this case the same subjects will operate as autonomous data controllers or will be designated as data processors.
The Licensor will issue appropriate operating instructions to the data controllers, with particular reference to the adoption of the minimum security measures, in order to guarantee the confidentiality and safety of the data.
The third parties mentioned above are basically included in the following categories:
- All public entities entitled to request data;
- Judicial Authorities, Public Safety Authorities, for verifying compliance with regulatory requirements, for supplying communications required by law, or for asserting, ascertaining and/or ensuring compliance with a right in court;
- subjects to whom we entrust the installation/maintenance of the systems and/or IT/computer systems) or subjects to whom the Licensor may entrust assistance, advertising, promotions and customer sales activities;
- companies or authorities operating in the field of fraud prevention,
- companies responsible for printing and shipping documents to customers;
DATA RETENTION AND EXERCISE OF USER RIGHTS PURSUANT TO ART. 13 OF THE COMMUNITY REGULATION.
The data will always be kept in an archive filed in a secure and encrypted environment, inaccessible to third parties other than those specified in this information note and exclusively for the reasons identified above.
The data collected for the purposes indicated in this information note, do not prejudice the exercise by the User of the right pursuant to Art. 13 et seq. of the community regulation, which provides for the right of rectification, limitation of processing or cancellation of the same in harmony, in the manner and for the reasons provided for in articles 16, 17 and 18 of said Community Regulation.
The exercise of this right is guaranteed by our site both through actions indicated on the advertising materials submitted, or by contacting S.W. Globoo Limited at the email address firstname.lastname@example.org
In any case, the Data Controller will retain these for the time necessary to ensure that all the contractual obligations and the fulfilments required are carried out. After closure of the account, such data will be retained for a period of time of not less than 5 years. However, they could be kept for a longer period of time than established in compliance with further rules and regulations, for the establishment, exercise or defence of a legal claim or to protect the rights of another natural or legal person or for reasons of significant public interest of the Union or of a Member State.
RIGHT OF ACCESS
Pursuant to art. 15 of the Regulation, the User has the right to obtain from the data controller confirmation as to whether his/her personal data is or is not being processed, and if so, to access his/her personal data and the following information:
- the purposes of the processing;
- the categories of personal data concerned;
- the recipients or categories of recipient to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organisations;
- where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period;
- the existence of the right of the data subject to request from the controller rectification or erasure of personal data or the restriction of processing of personal data concerning him/her or to object to such processing;
- the right to lodge a complaint with a supervisory authority;
- where the personal data are not collected from the data subject, all available information as to their source;
- the existence or not of an automated decision-making processing, including profiling, and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject.
Should the personal data be transferred to a third country or to an international organisation, the data subject has the right to be informed of the appropriate safeguards pursuant to Article 46 of the GDPR Regulation relating to the transfer.
The data controller shall provide a copy of the personal data being processed. For any further copies requested by the data subject, the controller may charge a reasonable fee based on administrative costs. Where the data subject makes the request by electronic means, and unless otherwise requested by the data subject, the information shall be provided in a commonly used electronic form.
- The right to obtain a copy referred to in paragraph 3 shall not adversely affect the rights and freedoms of others.
RIGH TO ERASURE
The data subject shall have the right to obtain from the controller the erasure of personal data concerning him or her without undue delay and the controller shall have the obligation to erase personal data without undue delay where one of the following grounds applies:
- a) the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;
- b) the data subject withdraws the consent on which the processing is based according to Article 6, section 1, letter a) or Article 9, section 2, letter a) of the Regulation and where there is no other legal ground for the processing;
- c) the data subject objects to the processing pursuant to Article 21, section 1 of the Regulation and there are no overriding legitimate grounds for the processing, or the data subject objects to the processing pursuant to Article 21, section 2;
- d) the personal data have been unlawfully processed;
- e) the personal data must be erased in order to comply with a legal obligation envisaged by Union or Member State law to which the controller is subject;
- f) the personal data have been collected in relation to the information company service offer referred to in Article 8, section 1.
The right to erasure does not apply in the cases described in letter C) of this information note.
WITHDRAWAL OF CONSENT AND RIGHT TO OBJECT
Where the User has given his/her consent to the processing of his/her personal data, this can subsequently be revoked, corrected or restricted, in compliance with the procedures and with the obligations and limits imposed by the Regulation. These rights can be exercised simply by informing the Data Controller by e-mail at email@example.com.
Following this request, the Data Controller must proceed as instructed by the User, notifying the same will to any third parties to whom the data have been legitimately communicated for the same purposes referred to in this Information note.
Pursuant to art. 21 of the Regulation, the User shall have the right to object at any time to the processing of personal data concerning him or her for the purposes set out above.
Following this objection, the data controller shall no longer process the personal data unless it demonstrates compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defence of a legal claim.
It is also specified that, should the personal data be processed for direct marketing purposes, the data subject shall have the right to object at any time to the processing of personal data concerning him or her for such marketing, including profiling, to the extent that it should be related to such direct marketing.
Should the data subject object to the processing for direct marketing purposes, the personal data shall no longer be processed for such purposes.
The exercise of the rights of the data subject provided for by art. 15 to art. 22 of the Regulation is, in principle, free for the data subject. Articles 15 to 23 of the Regulation are in any case available at this link: http://eur-lex.europa.eu/legal-content/IT/TXT/HTML/?uri=CELEX:32016R0679&from=IT
Finally, the Customer has the right to lodge a complaint/report/appeal to the Italian Data Protection Authority pursuant to Articles 141 et seq. of the Privacy Code and 77 of EU Regulation 679/2016. In order to exercise his/her rights, the Customer may use physical persons, bodies, associations or organisations, conferring, for this purpose, a written proxy.
The Customer can also be assisted by a trusted person. To find out about your rights, lodge a complaint/report/appeal and always be up-to-date on legislation on the protection of persons as concerns the processing of personal data, the Customer can contact the Italian Data Protection Authority, consulting the website at the address http://www.garanteprivacy.it/
All websites and services available at www.globoo.eu and www.goboo.it and the related subdomains are owned by S.W. Globoo Limited.
Use of website consent
The services and their contents are protected in accordance with the current legislation on copyright. The user is not authorised to modify, publish, transmit, share, transfer, reproduce, reprocess, distribute, execute, give access or commercially exploit in any way the contents or services (including software) owned by S.W. Globoo Limited.
The user is authorised to download the material made available on condition that he/she faithfully reproduces all the copyright indications and does not alter the form. The download is allowed only for personal or informative use; therefore, any use for commercial purposes is excluded.
Software user licence
The user does not acquire any rights in relation to the use of the software present in the websites of S.W. Globoo Limited, excluding the personal use required to use the services themselves. Therefore, the user may not grant usage rights, assign or transfer licences in relation to such software.
For any communication concerning the terms and conditions of use and to report any violation of the websites of S.W. Globoo Limited the user can write to firstname.lastname@example.org