Findynamic S.r.l., (hereinafter “Findynamic”), considers the protection of its customers’ and users’ personal data to be of fundamental importance, guaranteeing that personal data processing, carried out by any means, whether automated or manual, is carried out in full compliance with the protections and rights recognised by Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data (hereinafter the “Regulation”) and by further applicable rules on personal data protection. For the purposes of this document, the data controller is the company Findynamic S.r.l., in the person of its pro-tempore legal representative.
Registered office: Milan, Piazza Cavour 3, 20121
TAX CODE /P.I. 09505650961
PEC address: firstname.lastname@example.org This information refers to the website: www.findynamic.com (hereinafter, the “Site”).
1. WHY THIS DOCUMENT
For the purposes of this document, the term personal data refers to the definition contained in Article 4(1) of the Regulation, i.e. “any information relating to an identified or identifiable natural person”; an identifiable person is a natural person who can be identified, directly or indirectly, by reference in particular to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to his or her physical, physiological, genetic (hereinafter “Personal Data”) The Regulation provides that, before processing Personal Data – which is defined in Article 4(2) of the Regulation as “any operation or set of operations, carried out with or without the help of automated processes and applied to personal data or sets of personal data, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, comparison or interconnection, restriction, erasure or destruction” (hereinafter referred to as the “Processing”) – it is necessary that the person to whom such Personal Data belong (hereinafter referred to as the “Data Subject”) is informed of the reasons why such data are required and how they will be used. The purpose of this document is therefore to provide you, in a simple and clear manner, with all the information that will be useful to allow you to communicate your Personal Data to us in a conscious and informed manner and, at any time, request and obtain clarifications and/or corrections and exercise your rights. If necessary, this notice may be accompanied by a consent form as provided for in Article 7 of the Regulation, depending on the use we intend to make of your Personal Data.
2. WHO YOU CAN ADDRESS YOUR REQUESTS TO
In order to facilitate the relationship between you, as Data Subject, and Findynamic, as Data Controller, you may send an email to the following address email@example.com. You may freely contact this address for all matters relating to the Processing of your Personal Data and/or if you wish to exercise your rights.
3. FOR WHAT PURPOSES WILL MY PERSONAL DATA BE PROCESSED?
Your Personal Data will be processed for the following purposes:
- For the operational management of our Site. This means that we process your Personal Data (especially the Data we collect automatically when you navigate) to enable the Site you are using to function and to improve its performance
- To manage the security of your Data and our Site. Ensuring the security of your Data and the Site is our contractual and legal duty. We strive to make our web spaces an increasingly safe place for our users.
- For the processing of statistics. Findynamic performs, including through the use of services provided by third parties, statistical analyses regarding the use of its Site. These analyses are carried out on an aggregate and, therefore, anonymous level, and allow us to understand fundamental aspects related to the use of the Website, without which we would not be able to improve or update the services we offer.
- Protection or defence of legal claims. We may process your Personal Data to protect or defend our rights before a court of law or other competent authority.
- Fulfilling our obligations under applicable laws or regulations. This means that when the law imposes certain obligations on us that require us to process your Personal Data, we must do so for the purposes provided for by the law.
- Provision of services requested and information about new services. Whenever you want to use the services that we offer you, we will process your Personal Data to provide you with what you ask us for and, therefore, we will process your Data to fulfil our contractual obligations.
4. TO WHOM WILL MY PERSONAL DATA BE COMMUNICATED?
Your Personal Data may be communicated to specific recipients, including Findynamic’s employees and collaborators, to whom the Data are communicated in order to allow us to properly perform all Processing activities described herein. By recipients, the Regulation means: “the natural or legal person, public authority, service or other body that receives communication of personal data, whether or not it is a third party” (hereinafter the “Recipients”). Such Recipients, may process your Personal Data in their capacity as Data Processors or Authorised / Designated Persons.
If required by law or in order to prevent or suppress the commission of unlawful acts or offences, your Personal Data may be disclosed to public bodies or judicial authorities without them being considered as Recipients (in accordance with article 4, number 9, GDPR) and, therefore, without them receiving instructions regarding the Processing they will have to perform. To obtain more information on the subjects to whom your Data may be communicated, please contact us at firstname.lastname@example.org.
5. HOW LONG WILL MY PERSONAL DATA BE PROCESSED?
The Regulation provides that your Personal Data must be “kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the data are processed; Personal Data may be kept for longer periods provided that they are processed solely for archiving in the public interest, scientific or historical research or statistical purposes in accordance with Article 89(1), without prejudice to the implementation of appropriate technical and organisational measures required by this Regulation to protect the rights and freedoms of the data subject” (see Article 5(1)(e) of the Regulation). 5 paragraph 1 letter e) of the Regulation). In this regard, please note that, in compliance with this principle, we will process your Data only for the time necessary to pursue the processing purposes listed in section D of this document. In particular, your Personal Data will be processed for a period of time equal to the minimum necessary, as indicated by Recital 39 of the Regulation, that is until the termination of the existing contractual relationship between you and the Data Controller without prejudice to an additional storage period that may be imposed by law as also provided by Recital 65 of the Regulation.
6. WHAT ARE MY RIGHTS?
The Regulations guarantee you the exercise of a number of rights, which we summarise as follows:
- Right of access: you have the right to know, among other things, what personal data we process, for what purposes we process it, to whom we disclose it and you have the right to obtain a copy of it.
- Right to withdraw consent: if you have given us your consent, you can withdraw it at any time by contacting us at email@example.com. Revoking your consent does not affect the legitimacy of the processing carried out up to that moment.
- Right of rectification: if you realise that any Personal Data you have communicated to us is incorrect or incomplete, we will correct the error or complete the information in our possession.
- Right to erasure: you may request the erasure of your Personal Data unless: we are required by law to keep it, or we need the Data in order to prove an unlawful act and defend ourselves before a court of law, or we need to use it for important reasons of public interest.
- Right to restrict processing: if you ask for the processing of your Data to be restricted, you prevent us from processing the Data for the purposes for which the Data were collected. This implies that we will limit ourselves to retaining your Data and will ask for your consent whenever we need to process it for any further purposes. Even if you have exercised this right, please note that your data may still be processed for the exercise or defence of legal claims or to protect the rights of another person or for important public interest reasons.
- Right to data portability: you may, at any time, request and receive your Personal Data in a structured, commonly used and readable format on your device in order to transfer it directly to another data controller.
- Right to lodge a complaint with the supervisory authority: without prejudice to your right to protect your interests in the competent courts, you have the right to lodge a complaint with the competent Data Protection Authority (in Italy, the Garante).
7. WHERE IS MY PERSONAL DATA PROCESSED?
Your Personal Data will be processed mainly within the European Economic Area and are not, unless there are specific operational needs, transferred outside the European territory. Should it be necessary to use the services of third parties located outside the European territory, we hereby inform you that:
- we have appointed such third parties as the Data Processors of their competence pursuant to article 28 of the Regulation
- the transfer of your Personal Data to such entities will be carried out in strict compliance with the provisions of Articles 44 et seq. of the Regulation. This assures you that all necessary measures will be taken to ensure the fullest protection of your Personal Data as such transfer will be based on contractual agreements or other appropriate legal bases designed to protect your rights and interests.