WHO WE ARE
Findynamic S.r.l. (hereinafter “Findynamic”) gives the utmost importance to the protection of its own clients and users’ personal data.
Findynamic commits to ensure that the treatment of personal data, be it manual or automated, is fully in compliance with the rights and protections acknowledged in the Directive 2016/679/EU of the European Parliament and of the Council of 27 April 2016, on safety of individuals with regard to the treatment of personal data as well as to the free movement of such data (hereinafter “Directive”), and in any other norm concerning the field of personal data protection.
For the purpose of this document, the controller of data is Findynamic S.r.l., acting through its pro-tempore legal representative.
Legal address: Piazza Cavour 3, 20121, Milan (MI)
Legal e-mail address: firstname.lastname@example.org
This privacy statement applies to the website: www.findynamic.com (hereinafter “Website”).
- WHY THIS DOCUMENT
For the purposes set out in this document, for “personal data” we refer to the description contained in Article 4, point 1) of the Directive which states that personal data is “any information concerning an identified or identifiable person; an identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identification number or to one or more factors specific to his physical, physiological, mental, economic, cultural or social identity” (hereinafter “Personal Data”). According to the Directive, before proceeding with the treatment of Personal Data, to be intended as defined in Article 4, point 2 of the Directive – “any operation or set of operations, performed with or without the support of automated process and applied to personal data or set of personal data, involving collection, registration, storage, maintenance, use, alteration, organisation or structuring, disclosure or dissemination, disposition, extraction, communication via any form of disposal, comparison and interconnection, limitation, cancellation or destruction” (hereinafter “Treatment”) – the owner of the Data (hereinafter “Data Subject”) has to be informed of the reasons why personal data are requested and how they can be used.
This document is intended to provide you, in an easy and clear way, with all the information that is needed in order for you to be conscious and informed while communicating your Personal Data and to allow you to obtain clarifications and/or corrections and to exercise your rights, anytime.
A dedicated form, whose structure depends on how we intend to use your Personal Data, will be attached to this document in accordance to the Article 7 of the Directive, whenever needed.
2.WHO YOU CAN CONTACT
In order to facilitate the relationship between you, as the Data Subject, and Findynamic, as the Controller of the Treatment, you are free to send an e-mail to email@example.com for any reason inherent to the Treatment of your Personal Data and/or in case you want to exercise your rights.
3.WHAT WE WILL USE YOUR PERSONAL DATA FOR
Your Personal Data will be processed for the following purposes:
- Our website operational management: your Data (especially those collected automatically while you are surfing our website) are used to make our website run and to enhance its performances.
- The security management of your Data and of our Website: It’s our contractual and legal duty to ensure the safety of your Data and of our website. We work every day to make our website a safer place for our users.
- The development of statistics: thanks also to the use of services provided by third parties, Findynamic performs statistical analysis on the usage data of its own website. These analysis, performed at an aggregate level, allows Findynamic to understand fundamental aspects related to its website usage, without whom it wouldn’t be possible to improve and update the service offered.
- Protection or defence of the rights in the court of law: we can use your Data to protect or defend our rights before courts and other competent authorities.
- Implementation of legal obligations and existing regulations: when legal obligations which imply the Treatment of your Personal Data are in place, we shell proceed to such Treatment for the purposes intended by law.
- Supply of requested services and supply of information related to the new services: Anytime you want to access one of the services we offer, we will track and keep your Personal Data in order to satisfy your request and to fulfil our contractual obligations.
4.WHO WILL BE GIVEN ACCESS TO YOUR PERSONAL DATA
Access to your Personal Data can be given to some specific recipients, amongst whom we find FinDynamic personnel and collaborators, in order to enable us to perform properly the Data Treatment illustrated in this document. Such a recipient should encompass a “natural or legal person, public authority, agency or any other body to which personal data are lawfully disclosed by the competent authority” (hereinafter “Recipients”). Such Recipients can handle your Personal Data as people responsible for the Treatment or people empowered for the Treatment.
If required by law or to prevent or repress illegal activities and frauds, your Personal Data can be communicated to the public authorities or to the legal authorities even if they are not considered as Recipients (in accordance with Article 4, number 9, GDPR) and so, even without necessarily informing them about the Treatment.
For more information on the Recipients of your Personal Data, contact us at firstname.lastname@example.org.
5.HOW LONG WILL YOUR PERSONAL DATA BE TREATED
According to the Directive your Personal Data have to “be kept in a form which permits the identification of Data Subjects for no longer than is necessary for the purposes for which the data were collected and/or further processed; Personal Data can be kept for longer periods as long as they are used for the purposes of storage in the public interest, for the purpose of scientific or historical researches, statistical analysis, in accordance with Article 89, paragraph 1, without prejudice to the enforcement of adequate, technical and organizational measures required by this Directive, in the defence of the rights and freedom of the Data Subject (see Article 5, paragraph 1, (e), of the Directive)”. In compliance with this principle, we will treat your Data for the minimum period of time that is required to pursue the purposes of data treatment described in Section D.
As stated in the recital 39 of the Directive, Personal Data will in fact be treated for a period of time corresponding to the minimum time till the ending of the contractual relation between you and the controller of data treatment, with the exception of additional storage period that might be imposed by law as required by recital 65 of the Directive.
6.WHAT ARE MY RIGHTS?
The Directive ensures you several rights, which can be summarized as follow:
– Access rights: you have the right to know what data we treat, for what purpose and with whom your data are shared. You also have the right to get a copy of your data.
– Right to revoke the consent: you can decide to revoke the consent you have given us, anytime, by contacting us at email@example.com. The lifting of your consent does not undermine the legitimacy of the Data Treatment carried on so far.
– Right to rectification: in case you notice that one of your Personal Data is incorrect or incomplete, we will provide for its correction and finalization.
– Right to erasure: You can ask for the erasure of your Personal Data, unless law forces us to keep them, or in case we need them to prove that we have been victim of an offence and to defend ourselves in front of a judge, or in case we need to use them for relevant issues in the public interest.
– Right of limitation of treatment: if you ask us to limit the treatment on your data, we cannot use your data for the purposes for which they were collected. As a consequence, we will simply store your data and contact you for your consensus anytime we will have to treat your data differently, to achieve additional purposes. Even in the case you decide to exercise this right, your data can still be used to exercise or defend a right in court, to protect the rights of another person or for other relevant issues of public interest.
– Right to data portability: you can receive your Personal Data anytime, in a commonly used, structured format that can be easily read by your device and transferred to another data holder.
– Right to bring a complaint before the competent authorities: besides your right to defend your interests before the legal authorities, you have the right to bring complaints to the competent authorities, namely Autorità Garante per la Protezione dei Dati Personali (il Garante, in Italy).
7. WHERE MY PERSONAL DATA ARE TREATED
Your Personal Data are mainly treated inside the Spazio Economico Europeo and they are not transferred outside the European territory unless some specific operational requirements occur. In case it was necessary to use the services provided by third parties located outside the European territory, we inform you that:
– we have already accounted them as “responsible for the Treatment” of their competence as described in Article 28 of the Directive.
– the transfer of your Personal Data to those will be carried out under the thorough observation of Article 44 and following of the Directive. This guarantees you that all security measures to ensure the highest level of protection of your Personal Data will be put in place. The transfer will be in accordance with contractual agreements and other legal basis established to protect your rights and interests.