Information pursuant to and for the purposes of art. 6, EU Regulation no. 679/16, to arts. 13-14, EU Reg. 2016/679 (hereinafter, GDPR).
The EU Regulation for the protection of personal data n. 679/16 has the purpose of ensuring that the processing of your personal data is carried out in compliance with the rights of fundamental freedoms and the dignity of persons, with particular reference to confidentiality and personal identity. Therefore it is our duty to inform you about our privacy and data confidentiality management policy.
With the utmost clarity and transparency we want to clarify:
- what personal data we process and why we need to do it;
- which personal data are processed by third parties and for what reason;
- the rights of those who surf the site and how to exercise them;
- our commitments.
WHO IS THE OWNER OF THE PROCESSING OF YOUR PERSONAL DATA
Joint data controllers are:
Blockchain Italia S.r.l. – Via Brembo, 27 – 20139 Milan (MI) VAT number 1044149096 firstname.lastname@example.org
TMP Group IT Srl – Sambuca di Sicilia (AG) in Via Matteotti 8, 92017 – Operational headquarters: Via Brembo, 27, 20139 Milan MI – Telephone: 02 8719 6846 – E-mail: email@example.com
as Data Controller, in the persons of their legal representatives, they inform you, pursuant to and for the purposes of Articles 13-14 GDPR your data will be processed in the manner and for the following purposes:
Blockchain Italia TMP Group undertakes to respect and protect the personal data automatically provided by you in compliance with the provisions of the law aimed at guaranteeing the security, updating and relevance of the data with respect to the contractual purposes defined. The personal data provided by customers are used for the sole purpose of executing the signed service contract, and are disclosed to third parties only if this is strictly necessary and functional for this purpose. The data is processed by personnel appointed as responsible (and contractually designated sub-managers) for data processing, only if the processing is necessary for the performance of the requested service.
- Object of the treatment
The Data Controller processes personal data, identification (name, surname, company name, address, telephone, e-mail – customer data stored and encrypted) – hereinafter “personal data” – communicated by you when visiting the site, following of the application for forms within the site to make requests relating to the services offered. To use the Services, you may be asked to register by providing your registration information. If you register for any reason, some or all of the following information may be collected: Name and surname; Account username; Company; E-mail; Telephone; Wallet address or other registration information.
- Purpose of the treatment
Your personal data are processed:
- A) without your express consent (pursuant to Article 6, paragraph 1 of the GDPR) for the following service purposes:
– data collection for the provision of the Data Controller’s service offer;
– fulfill the pre-contractual, contractual and tax obligations deriving from existing relationships with you;
– fulfill the obligations established by law, by a regulation, by community legislation or by an order of the Authority;
– exercise the rights of the owner, for example the right to defense in court;
Registration data are processed for the following purposes:
– To verify your identity and to help us connect you to your historical data and your account.
- B) only with your specific and distinct consent (pursuant to Article 7 of the GDPR), for marketing purposes:
– send you via e-mail, post and / or sms and / or telephone contacts, newsletters, commercial communications and / or advertising material on products or services offered by the owner and the degree of satisfaction with the quality of services;
– send you commercial and / or promotional communications from third parties authorized and controlled by us in terms of privacy via e-mail, post and / or sms and / or telephone contacts.
We inform you if you are already our customers, send you related commercial communications and analogue products that you have already used, unless you agree to dissent.
- Processing methods
Pursuant to art. 5 GDPR the processing of your data will be based on principles of correctness, lawfulness and transparency and can also be carried out through automated methods to store, manage and transmit them (by means of the operations indicated in art. instruments suitable for guaranteeing security and confidentiality through the use of suitable procedures that avoid the risk of loss, unauthorized access, illicit use and dissemination.
Your personal data could undergp both paper and digital processing.
The Data Controller will process personal data for the time necessary to fulfill the aforementioned purposes and in any case for no more than 10 years from the termination of the relationship for the purposes of service and obligations imposed by law.
- Communication of data
The data may be disclosed to the other employees and collaborators of the Data Controller in their capacity as data processors of the same, as well as may also be viewed by the external party who oversees our IT system and that our structure has appointed an external manager; Your data may also be disclosed to companies and / or professional firms that provide – in outsourcing – assistance, consultancy or collaboration to the Data Controller, in accounting, administrative, fiscal, legal, tax matters, to public administrations for the performance institutional functions within the limits established by law or regulations and to third party service providers to whom communication is necessary for the fulfillment of the services covered by our services, if we are entrusted with a task that requires their intervention (contractual sub-managers). We inform you that all our suppliers are appointed external sub-managers and subject to a validation and control process in terms of privacy and quality of the services requested.
Without the need for express consent pursuant to art. 6, paragraph 1 of the GDPR, the Data Controller may communicate your data for the purposes referred to in art. 2.A) to Supervisory Bodies, Judicial Authorities, as well as to those subjects to whom the communication is mandatory by law for the accomplishment of the aforementioned purposes.
Your data will not be disclosed in any other way.
- Retention times
Your personal data will be kept for the time necessary to carry out the existing relationships between the parties and in any case not for more than 10 years from the termination of the existing contractual relationship for the provision of the service as required by law.
After this retention period, the Data will be destroyed and / or deleted, without prejudice to future communications by the Data Controller or authority decisions under the law.
- Data transfer
The data may also be disclosed to suppliers (cloud and / or data store), as joint data controllers, who have signed an agreement with our company. These offices – with particular attention to the offices established in non-EU countries – have been given precise operating instructions through contractual clauses that guarantee that the data will be processed in accordance with the principles established in the EU Reg. destination.
The interested party can exercise their rights towards each Joint Controller.
- Nature of the provision of data and consequences of refusal to respond
The provision of data for the purposes referred to in point 2.A) is mandatory. In their absence, we will not be able to guarantee the requested Services.
The provision of data for the purposes referred to in point 2.B) is optional. You can therefore decide not to provide any data or to subsequently deny the possibility of processing data already provided: in this case, you will not be able to receive newsletters, commercial communications and advertising material relating to the Services offered by the Data Controller.
However, you will continue to be entitled to the Services referred to in point 2.A).
- Rights of the interested party
You have the right to ask the Data Controller for access to data concerning you, their correction or cancellation, the integration of incomplete data, the limitation of processing; to receive the data in a structured format, commonly used and readable by an automatic device; to revoke any consent given in relation to the processing of your data at any time and object in whole or in part to the use of the data; to lodge a complaint with the Authority, as well as to exercise the other rights recognized to you pursuant to Articles 15-22 EU Regulation n.679 / 16.
- a) Technical cookies:
they are cookies necessary for browsing a website and using its features, such as to allow correct viewing of pages or access to restricted areas. Therefore disabling these cookies does not allow these activities.
They are not used for other purposes and can be divided into:
navigation or session cookies: they guarantee the normal navigation and use of the website
functionality cookies, which allow the user to browse according to a series of selected criteria (for example, the language) in order to improve the service provided to the user.
- b) Performance cookies:
collect information on efficiency in the responses of a website to user requests anonymously, for the sole purpose of improving the functionality of the website; for example, which pages are most frequently visited by the user, and if there have been errors or delays in the delivery of web pages.
- c) Profiling cookies:
are aimed at creating user profiles and are used in order to send advertising messages in line with the preferences expressed by the user in the context of surfing the net.
Third party cookies
By visiting the Website, the user may also receive cookies on his device from sites managed by other organizations (“so-called” third-party “cookies): this happens because the Site may contain elements such as, for example, specific links to web pages of third-party websites or web services. These cookies can be sent to the user’s browser by third-party companies directly from their websites which can be accessed by browsing the site.
Google Analytics cookies (_utma, _utmz, _gat, _ga, _gid) –
It is used. They are available at: http://www.google.com/intl/it/analytics/privacyoverview.html
Use of the visitor’s IP address through Google cookies
Each computer and device connected to the Internet is assigned a unique number as an Internet Protocol (IP) address. Since these numbers are typically assigned in blocks based on country, an IP address can often be used to identify the country, province, and city from which a computer connects to the internet.
Google Analytics collects the IP address of website visitors to provide an indication of their geographical location. This method is known as IP geolocation. Google Analytics does not report information relating to the actual IP addresses of visitors. Due to the use of a method known as IP masking, Google Analytics communicates information so that only a part of the IP address is used for geolocation, rather than the entire address.
Browser add-on for deactivating Google Analytics cookies
- “Data Protection Officer”, data protection officer (DPO)
The Data Protection Officer or DPO supports us in the management of problems relating to the protection of personal data. The law provides that you can choose an internal person or an external consultant. We preferred to rely on an external expert: Antonio Sannino, Tel 02.2891586 http://www.studiosannino.it/. In case of doubts, needs, requests for explanations on privacy, you can provide a detailed explanation of the problem you wish to report to the email firstname.lastname@example.org.
The DPO will analyze your requests and, based on the responsibilities assumed, may intervene in the ways permitted by the regulation.
Questions, complaints and suggestions
Anyone interested in more information, to contribute their suggestions or make complaints or disputes regarding the privacy policies of the company or the way in which the data is processed can write an e-mail.