INFORMATION AND CONSENT TO THE PROCESSING OF PERSONAL DATA
We thank you for your interest in our company and our products.
The Spindox business group, headed by SPINDOX S.p.A., with registered office in Via Bisceglie 76, 20152 Milan, Italy, VAT No. IT09668930010, as a parent company, is committed to the protection of the personal data entrusted to it, ensuring that the processing is compliant with the requirements of the privacy legislation (EU Regulation 2016/679 or GDPR and Legislative Decree 101/2018) .
This policy illustrates who we are, for what purposes we may use your data, how we manage it, to whom it may be disclosed, where it may be transferred and what your rights are.
1 | WHO WILL PROCESS MY DATA
Your data will be processed by the Spindox group, in the role of the Data Controller, who can be contacted by written communication in Via Bisceglie 76, 20152 Milan, Italy or by e-mail to the following address: email@example.com.
The Spindox group has nominated for its parent company, as well as for all its branches (all those to which the European legislation can be applied to) a Personal Data Protection Officer who can be contacted at the address of the Data Controller.
The list of external data processors is available at the Spindox group headquarters in Milan, Italy.
2 | WHAT KIND OF DATA IS GOING TO BE PROCESSED?
The data that the Spindox group is going to process in its role as Data Controller, are:
- name and last name;
- e-mail address;
- job title;
- company name;
- telephone number;
- IP address;
- date/time of the newsletter subscription or event registration;
- information available on the internet from sources such as LinkedIn, Facebook, Twitter or Google;
- activity tracking through automated marketing tools (for example tracking of opened emails, downloaded documents, sites visited, participation in events).
3| WHERE DO YOU COLLECT MY DATA?
The Spindox group could collect your data from different sources. Possible data sources could be for example:
- chat/virtual assistant;
- newsletter subscription;
- information request;
- interactions on social media;
- participations in events;
- public records;
- customer databases.
It’s your right to ask in detail how the Spindox group came into possession of your data.
The data processing may be carried out only for the purposes and with the legal basis indicated in the following.
4 | WHY AND ON WHICH BASIS ARE YOU PROCESSING MY DATA?
The Spindox group will use your data exclusively for the following purposes:
- to allow the Data Controller to expand the range of companies interested in its products or services, to customize communication and increase user engagement;
- to allow the Data Controller to manage all marketing phases, up to the possible signing of a contract;
- to allow the Data Controller to create and manage a database consisting of data obtained on the occasion of events or through interactions on the website and on social networks;
- to allow the Data Controller to create personalized proposals and to send communications in the context of direct marketing activities.
The Spindox group will process the data on the basis of your consent. It follows that the provision of personal data is mandatory for the purposes listed under point 4.
Any partial or total failure to provide the data will result in the partial or total impossibility of achieving the aforementioned purposes.
The extent and adequacy of the data provided will be evaluated from time to time, in order to determine the resulting decisions and avoid the processing of data in excess of the purposes pursued.
We will not use your data for purposes other than and additional to those described in this statement, except by informing you in advance and, where necessary, obtaining your consent.
The Spindox group can avoid the solicitation of your consent only if it uses the e-mail coordinates previously provided in the context of the sale of a product or service, for the direct sale of further products or services similar to those already being sold. In any case, it is always possible to oppose this treatment at any time.
5 | ARE YOU PROCESSING PARTICULAR DATA?
The Spindox group will in no way process particular data or data other than those indicated under point 2.
6 | HOW WILL YOU USE MY DATA?
The Spindox group aims to protect the personal data entrusted to it, basing their treatment on principles of correctness, lawfulness and transparency. We therefore inform you that your data will be processed, through the use of tools and procedures suitable for ensuring maximum security and confidentiality, through archives and paper supports, with the aid of digital media, IT and telematic means.
7 | WILL YOU DO PROFILING ACTIVITIES?
According to the provisions of art. 4, n.4 of the GDPR, by profiling we mean a form of automated processing of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning professional performance, economic situation, health, the personal preferences, interests, reliability, behavior, location or travel of that natural person.
Respecting art. 5 of the GDPR, the data collected by the Spindox group will be limited to what is necessary with respect to the purposes for which they are processed, as defined in point 4 of this document.
8 | FOR HOW LONG WILL YOU STORE MY DATA
Your personal data will be stored, starting from their receipt/update, for the maximum period allowed by the current legislation.
9 | WILL YOU SHARE MY DATA WITH OTHERS?
For the purposes of point 4 we guarantee that your personal data will not be passed on under any circumstances.
Your data will be processed by internal and adequately trained resources of the Spindox group’s marketing department.
We communicate your data exclusively to subjects needed to carry out the activities necessary to achieve the purposes indicated and described above. The aforementioned subjects are specially appointed by us as data processors.
Under no circumstances will your data be passed on abroad, except within the companies belonging to the Spindox group. The Spindox group stores the data on systems using servers in foreign countries (not outside the EU), but without any disclosure to third parties.
10 | WHAT ARE MY RIGHTS?
At any time, as required by art. 17 of EU 2016/679 regulation, you will have the right to request:
- the access to your personal data;
- their correction in case of inaccuracy;
- the cancellation;
- the limitation of their processing.
Furthermore and as required by the articles 20 and 21 of the EU regulation 2016/679 you have:
- the right to object to their processing if processed for the pursuit of a legitimate interest of the Spindox group;
- the right to data portability, i.e. to obtain the personal data you have provided in a structured, commonly used and machine-readable format.
We will take care of your request with the utmost commitment to ensure the effective exercise of your rights.
Finally, you have the right to file a complaint with the corporate supervisory authority (privacy guarantor).
11 | CAN I REVOKE MY CONSENT?
Yes, you can withdraw your consent at any time, but this does not:
- affect the lawfulness of the processing based on the consent given before the withdrawal;
- affect further processing on other legal bases (for example: contractual obligations or legal obligations to which the Spindox group is subject to).
For more information on this policy, any other issue related to the privacy or in case you would like to exercise your right to withdraw your consent, you can contact the references indicated in the section “1 | WHO WILL PROCESS MY DATA”.