The Data Controller takes the utmost account of the right to privacy and protection of its User’s personal data.
1.Purpose of data processing
Users’ personal data are lawfully processed by the Data Controller pursuant to art. 6 of the Regulation for the following purposes:
- Offer of business start-up services.
- Concession to use facility space.
- Organization of events and promotional activities.
- Assistance in matters related to financing and business subsidies.
- Organization of training and informational seminars.
- Realization of EEN network activities, events and financing.
- Realization of co-financed planning activities.
The provision of personal data for the above processing purposes is optional but necessary, since failure to provide the same will make it impossible for the User to browse the website and take advantage of the services offered by the Data Controller through the website.
With reference to the purposes under points 1/a, 1/b, 1/c, 1/d, 1/e,1/f, 1/g, the lawful basis for data processing is the execution of the services provided by PromoFirenze and requested by you (pursuant to Article 6, paragraph 1, letter b of the Regulation).
With reference to the purposes under point 1 / d / f / g, PromoFirenze may process personal data defined as “particular” by the Regulation, since the such data reveal the data subject’s racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, as well as data relating to the data subject’s health, sexual life or sexual orientation. Personal data are processed exclusively for the purpose of providing the requested services, in compliance with art.9 paragraph 2 letter b of the Regulation.
2. Further processing purposes: newsletters, customer satisfaction analysis and market surveys
When Users give their consent (freely and optionally), some of their personal data (i.e. name, surname, email address, complete shipping address, etc.) may be processed by the Data Controller for newsletter purposes (dispatch of communications containing regulatory updates of general interest, or events organized and promoted by the Data Controller).
Users can easily oppose the dispatch of further email newsletters, for example, by clicking on the appropriate link – provided with each email – for withdrawing consent. Once consent is revoked, the Data Controller will send the User an email to confirm withdrawal of consent. The Data Controller hereby makes known that, following the exercise of the right to oppose the dispatch of email newsletters, the User may continue to receive several newsletters for technical and operational reasons (e.g. compilation of contact lists completed shortly before the Data Controller receives the opposition request). If the User continues to receive promotional messages and newsletters 24 hours after exercising the right of opposition, we recommend reporting the problem to the Data Controller through the contacts indicated in paragraph 6 below.
PromoFirenze, by virtue of the User’s specific and optional consent, is also entitled to carry out customer satisfaction analysis through a follow-up contact once the service has been provided, as well as market surveys based on product placement or company promotion.
The lawful basis for data processing is the User’s free, specific and optional consent, pursuant to art. 6, paragraph 1, letter a) of Privacy Regulation 2016/679. After giving consent, the User may revoke it at any time through a request sent to the Data Controller according to the modes indicated in paragraph 6 below.
3. Further processing purposes: disclosure of personal data to Data Controller’s partners.
When Users give their consent (freely and optionally), their personal data (i.e. name, surname, address, email address, telephone, etc.) will be disclosed by the Data Controller to third parties (“Data Controller’s partners”):
- belonging to the following trade categories: from letter A to letter U of the “ATECO 2007 Classification of economic activities”, for their own purposes.
- Chambers of Commerce, Special Agencies and entities pertaining to the Chamber of Commerce, for their own purposes.
- Authorities, Institutions, Public Administrations, Trade Associations, for their own purposes.
The Data Controller’s Partners, as independent data controllers, process the User’s personal data for their own purposes, including marketing (direct sales, dispatch of advertising material and commercial communication) and may contact the User by post, email, telephone (landline and / or mobile, by automated phone calling/communication calling systems with and / or without operator) and / or SMS and / or MMS, to recommend the purchase of products and / or services provided by the same categories of third-party companies and / or other companies and make known to the User offers, promotions and commercial opportunities. Once data transfer has taken place, it will be the responsibility of the Data Controller’s Partner – pursuant to art. 14 par. 3 of the Regulation – to provide Users with all the information foreseen by art. 14 of said Regulation.
In case of denial of consent, the possibility of receiving the services provided by PromoFirenze will not be affected in any way.
Users who give their consent may revoke it at any time through a request sent to the Data Controller according to the modes indicated in paragraph 6 below.
PromoFirenze hereby informs Users that their personal data will be processed by the Data Controller’s Partners as independent data controllers based on the specific information provided by the latter. Any requests to unsubscribe from further commercial communications sent by Data Controller’s Partners – to whom personal data have already been disclosed by the Data Controller-must be addressed directly to said Partners.
4. Processing methods and data retention times
The Data Controller processes Users’ personal data through both manual and IT methods, based on criteria strictly associated with the relevant purposes and, in any case, in such a way as to guarantee data security and confidentiality.
Personal data provided by Website Users will be stored for the time strictly necessary to carry out the main purposes described in paragraph 1 above, or in any case, for the time required to lawfully protect the interests of both Users and Data Controller. With regard to the processing purpose under point 2, personal data will be stored until the User decides to oppose such processing according to the modes indicated in paragraph 6 of this policy.
5. Scope of data communication and dissemination
Users’ personal data may become known to employees and / or collaborators of the Data Controller in charge of managing the Website. Such subjects, formally appointed by the Data Controller, are authorized to process the User’s data exclusively for the purposes indicated in this policy and in compliance with the provisions of the Applicable Regulations.
Also, third parties who may process personal data on behalf of the Data Controller as “External Data Processors”, are likely to become aware of the Users’ personal data. External data processors may include, by way of example, suppliers of IT and logistics services functional to the operation of the website, besides outsourced or cloud computing service providers, professionals and consultants.
Users have the right to obtain a list of any data processors appointed by the Data Controller by sending a request to the latter according to the modes indicated below.
6. Data Subjects’ rights
Users may exercise the rights under the Applicable Legislation as expressly set forth in art. 15 and subsequent provisions of Regulation (EU) 2016/679 by contacting the Data Controller according to the modes indicated below:
- by registered letter with return receipt sent to the Data Controller’s headquarters
- through a detailed email sent to: email@example.com
If you believe that the processing of your personal data violates the Regulation, you have the right to lodge a complaint with a Supervisory Authority (in the Member State where the same is normally based, where it carries out its activity or where the alleged violation has occurred). The Italian Supervisory Authority is the Guarantor for the protection of personal data, with registered office in Piazza Venezia 11, 00186 – Rome (http://www.garanteprivacy.it/) Email: firstname.lastname@example.org Fax: (+39) 06.69677.3785 Switchboard No. (+39) 06.69677.1.