Imagicle Legal Terms.
Privacy Policy
On 25th May 2018, the new General Data Protection Regulation 2016/679 (GDPR) is fully applicable. In order to correctly comply with the provisions and be compliant with the new Regulations, Imagicle S.p.A is particularly dedicated to protecting its Customers, Suppliers, Partners and Employees (or potential)’ privacy and data processing.
General
In compliance with the provisions of articles 13 and 14 of EU Regulation 2016/679 (hereinafter “GDPR”), in the context of the protection of personal data, Imagicle S.p.a. (hereinafter “Imagicle”) provides Data Subjects with the following information:
Data controller
The Data Controller of your personal data is Imagicle S.p.A, responsible for the lawful and correct use of your personal data, and who you may contact for any information or requests at the following addresses:
Registered office: Via Fondacci,272 – 55054 – Massarosa
Other offices: Via Murri, 24 – int. 27/29 – 20013 – Magenta (MI) e Via Sile, 17/B – 31057 – Silea (TV)
Telephone: 0584/943232
Fax:0584/943325
E-mail: administration@imagicle.com
Certified Email: imagicle@legalmail.it
Types of data processed, purposes and legal basis
The personal data processed are collected as provided directly by the User / Data Subject or collected automatically through the site.
Data provided directly by the User / Data Subject
The data provided directly by the User / Data Subject are all personal data entered by the same within the site or which in any case are provided to the Data Controller in any manner. These data will be processed in compliance with the guarantees of privacy and security measures required by current legislation, including the help of electronic tools directly and / or through third parties, for the purposes set out below together with the legal basis of reference:
PURPOSES | PROCESSED DATA | LEGAL BASIS | |
---|---|---|---|
A | Purposes strictly related to the execution of contractual and pre-contractual measures and to respond to specific requests from the Data Subject | Personal and contact dataPayment data and other financial data Data relating to debt behavior, economic solvency and the presence of judicial measuresData relating to the activated services | Processing necessary for the performance of a contract to which the Data Subject is party or in order to take steps at the request of the Data Subject prior to entering into a contract. – Art. 6 paragr. 1 lett b) |
B | Purposes related to the fulfillment of fiscal, accounting and other legal obligations | Personal and contact dataPayment data and other financial data Data relating to debt behavior, economic solvency and the presence of judicial measuresData relating to the activated services | Processing necessary for the performance of a contract to which the Data Subject is party or in order to take steps at the request of the Data Subject prior to entering into a contract. – Art. 6 paragr. 1 lett b) |
C | Exercise of rights of the Data Controller, for example the right of defence in court. | Personal and contact dataPayment data and other financial data Data relating to debt behavior, economic solvency and the presence of judicial measuresData relating to the activated services | Processing necessary for the purposes of the legitimate interests pursued by the controller or by a third party. Art. 6 paragr. 1 lett f) |
D | Purposes related to the protection of credit and corporate assets | Personal and contact dataPayment data and other financial data Data relating to debt behavior, economic solvency and the presence of judicial measuresData relating to the activated services | Processing necessary for the purposes of the legitimate interests pursued by the controller or by a third party. Art. 6 paragr. 1 lett f) |
E | Creation of statistics and archives of solved cases for analysis aimed at improving the services | Personal and contact dataPayment data and other financial data Data relating to debt behavior, economic solvency and the presence of judicial measuresData relating to the activated services | Processing necessary for the purposes of the legitimate interests pursued by the controller or by a third party. Art. 6 paragr. 1 lett f) |
F | Direct marketing: communication and/or sending, also with automated methods, of promotional, advertising and information material, surveys or market research through telephone channels, sms, e-mail, social networks, and online advertising platforms | Personal and contact dataData relating to the activated services | The Data Subject has given consent to the processing of his or her personal data for one or more specific purposes; Art 6 c.1 lett. a) |
G | Marketing on existing customers: sending communications relating to contracted products/ services and/or to products/services similar to those already contracted (newsletters, webinars, events, training activities). | Personal and contact dataData relating to the activated services | Processing necessary for the purposes of the legitimate interests pursued by the controller or by a third party. Art. 6 paragr. 1 lett f) |
H | Indirect marketing: communication of data to related and / or associated companies, to commercial partners and third parties so that they can make you a recipient of marketing communications | Personal and contact dataData relating to the activated services | The Data Subject has given consent to the processing of his or her personal data for one or more specific purposes; Art 6 c.1 lett. a) |
The Data Subject assumes responsibility for the personal data of third parties obtained, published or shared with the Data Controller and guarantees to have the right to communicate or disseminate them, freeing the Data Controller from any liability to third parties.
Data collected automatically through the site
The automatically collected data are the information collected automatically through the site also from third-party applications integrated therein, including for example: the IP addresses or domain names of the computers used by the User / Data Subject who connects to this site, the addresses in URI (Uniform Resource Identifier) notation, the time of the request, the method used to forward the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response from the server (successful, error , etc.), the country of origin, the characteristics of the browser and the operating system used by the visitor, the various temporal connotations of the visit (for example the time spent on each page) and the details relating to the itinerary followed within the ‘Application, with particular reference to the sequence of pages consulted, to the parameters relating to the operating system and the IT environment of the User / Data Subject. Complete details on each type of data collected are provided in the dedicated sections of the cookie policy of this site.
The automatically collected data are processed exclusively for the purposes for which they are collected, as described below.
The Data Controller processes the data provided by the Data Subject to allow the site to function, to allow the display of content from external platforms, for statistical purposes, optimization and distribution of traffic and marketing in addition to the additional purposes described in this document and in the Cookie Policy.
Compulsory or optional nature of the provision of data and consequences of a refusal to provide
The nature of the provision of your personal data is mandatory so that the Data Controller can fulfill the obligations deriving and arising from the contractual and/or pre-contractual relationship in place with you, as well as those imposed by law or regulations. Failure to provide your personal data may determine the impossibility to establish or continue the contractual and pre-contractual relationship to the extent that such data are necessary for its execution. If the processing of data is based on your consent, the provision of your data is optional and the non-acceptance and provision does not entail any consequences. In case of lack of consent, your data cannot be processed for the purpose described. Unless otherwise specified, all the data required for browsing the site are mandatory, if the User / Data Subject refuses to communicate them, it may be impossible for this Application to provide the Service. In cases where some data are indicated as optional, Users / Interested parties are free to refrain from communicating such data, without this having any consequence on the availability of the Service or on its operation. When accessing any page of the Site, there is a Banner through which the User / Data Subject can give their consent to the use of cookies.
If you have any doubts about which data is mandatory, we encourage you to contact us.
Processing methods
The Data Controller adopts the appropriate security measures to prevent unauthorized access, disclosure, modification or destruction of personal data.
The processing is carried out using IT and/or telematic tools, with organizational methods and with logic strictly related to the purposes indicated.
Recipients of the personal data
Your data may be communicated, in addition to the personnel assigned to the processing, also to the following subjects also appointed, if necessary, as Data Processors by the Data Controller:
- Private and public entities for the performance of administrative and legal practices in compliance with the provisions of EU Reg. no. 679/2016;
- Consultants and companies that assist the Data Controller from an IT, infrastructural point of view and for the management of communication networks;
- Professionals, consortia and service companies and professional firms in the field of assistance and consultancy relationships (eg from a tax, commercial, legal, communication point of view, etc.);
- Banks and credit institutions;
- Other companies and professionals who collaborate with the Data Controller for the performance of the services covered by the contract/assignment;
- Insurance companies;
- Subsidiary or associated companies.
The updated list of Data Processor can always be requested from the Data Controller.
The data will not be subject to other methods of dissemination.
Place Processing
The data are processed at the operational headquarters of the Data Controller and in any other place where the parties involved in the processing are located.
The data provided directly by the User / Data Subject and collected automaticallty could be transferred in a different country than the one in which the User / Data Subject is located outside the European Economic Area. In this case Imagicle Spa ensures that the processing of your personal data by these subjects to whom the data is transferred takes place in compliance with the European Regulation 679/2016, all always in compliance with the principles indicated in art. 45 of the GDPR 2016/679 relating to the existence of an adequacy decision by the European Commission, or in the absence of such decisions in compliance with art. 46 relating to the transfer in the presence of appropriate safeguards or in compliance with Article 49 paragraph 1 letter b) – transfer necessary for the execution of a contract concluded between you and the Data Controller or for the execution of pre-contractual measures.
For more information, please contact the Data Controller.
Retention Period
Data provided directly by the User / Data Subject
The personal data provided directly by the User / Data Subject collected for the purpose referred to in paragraph 2 letters A, B, C and D will be processed and stored for the period of time necessary to pursue the aforementioned purposes and in any case no longer than the legal retention times provided for by law, currently 10 years from the time of termination of the contractual relationship if there is one active or no later than 10 years from collection for all other Data Subjects. In the event of a pending trial, the data will be processed until they are terminated. Furthermore, the Data Controller may be obliged to keep personal data for a longer period in compliance with a legal obligation or by order of an authority.
Personal data collected for marketing purposes on existing customers referred to in paragraph 2 letter G will be processed and stored for the period of time necessary to pursue the aforementioned purposes and in any case no later than the termination of the contract. In the case of perpetual licenses, the data will be kept until the consent is revoked by the User / Data Subject.
The personal data collected for the purposes of creating statistics and archives of the resolved cases, referred to in paragraph 2 letter E, will be processed and stored for the period of time necessary to pursue the the aforementioned purposes and in any case no later than 3 years from their collection.
The personal data collected for direct and indirect marketing purposes, referred to in paragraph 2 letters F and H, will be processed and stored for the period of time necessary to pursue the aforementioned purposes and in any case no later than 2 years from their collection.
At the end of the retention period, the personal data will be deleted. Therefore, at the end of this term the rights of access, cancellation, rectification and the right to data portability can no longer be exercised.
Data collected automatically through the site
The automatically collected data will be retained for the period better specified in the Cookie Policy.
At the end of the retention period, the personal data will be deleted. Therefore, at the end of this term the rights of access, cancellation, rectification and the right to data portability can no longer be exercised.
Rights of the User / Data Subject
Pursuant to art. 13 GDPR each User / Interested party has the right to obtain confirmation of the existence or not of your Personal Data, even if not yet registered, and their communication in an intelligible form.
In particular, the User / Data Subject has the right to obtain from the Data Controller the indication of:
- the origin of Personal Data;
- the purposes and methods of processing;
- the logic applied in the case of processing carried out with the aid of electronic/IT tools;
- the identification details of the Data Controller, of the Data Processor and of the controller’s representative;
- the recipients or categories of recipients to whom the data may be communicated or who can be involved in the processing as Controller’s Representative, Data Processor or Authorised Personnel.
Furthermore the User / Data Subject has the right to obtain from the Data Controller:
- updating, rectification or integration of their data;
- cancellation, transformation into anonymous form or blocking of data processed in violation of the law;
- access to his/her data, i.e. confirmation that his/her personal data is being processed or not;
- the limitation of the processing,
- the portability of the data, i.e. the right to receive in a structured format his/her Personal Data;
Finally, the User / Data Subject has the right to object, in whole or in part, for legitimate reasons to the processing of personal data concerning him/her, even if pertinent to the purpose of the collection and to logge a complaint with the Supervisory Authority. In particular, the Data Subject has the right to object to the processing of personal data concerning him/her for the purpose of sending commercial advertising material or for commercial communication purposes. The rights referred to in the preceding points may be exercised by writing to the contacts indicated in point 1 of this policy.