Owner and Data Controller
21iLAB AG
Pflugstrasse 10/12
FL-9490 Vaduz
Liechtenstein
Owner contact email: hello@21ilab.com
Types of Data collected
Among the types of Personal Data that this Application collects, by itself or through third parties, there are:
Cookies; Usage Data; first name; last name; email address; phone number; company name; profession; website; Data communicated while using the service.
Complete details on each type of Personal Data collected are provided in the dedicated sections of this privacy policy or by specific explanation texts displayed prior to the Data collection.
Personal Data may be freely provided by the User, or, in case of Usage Data, collected automatically when using this Application.
Unless specified otherwise, all Data requested by this Application is mandatory and failure to provide this Data may make it impossible for this Application to provide its services. In cases where this Application specifically states that some Data is not mandatory, Users are free not to communicate this Data without consequences to the availability or the functioning of the Service.
Users who are uncertain about which Personal Data is mandatory are welcome to contact the Owner.
Any use of Cookies – or of other tracking tools — by this Application or by the owners of third-party services used by this Application serves the purpose of providing the Service required by the User, in addition to any other purposes described in the present document and in the Cookie Policy.
Users are responsible for any third-party Personal Data obtained, published or shared through this Application.
Mode and place of processing the Data
Methods of processing
The Owner takes appropriate security measures to prevent unauthorized access, disclosure, modification, or unauthorized destruction of the Data.
The Data processing is carried out using computers and/or IT enabled tools, following organizational procedures and modes strictly related to the purposes indicated. In addition to the Owner, in some cases, the Data may be accessible to certain types of persons in charge, involved with the operation of this Application (administration, sales, marketing, legal, system administration) or external parties (such as third-party technical service providers, mail carriers, hosting providers, IT companies, communications agencies) appointed, if necessary, as Data Processors by the Owner. The updated list of these parties may be requested from the Owner at any time.
Place
The Data is processed at the Owner's operating offices and in any other places where the parties involved in the processing are located.
Depending on the User's location, data transfers may involve transferring the User's Data to a country other than their own. To find out more about the place of processing of such transferred Data, Users can check the section containing details about the processing of Personal Data.
Retention time
Unless specified otherwise in this document, Personal Data shall be processed and stored for as long as required by the purpose they have been collected for and may be retained for longer due to applicable legal obligation or based on the Users’ consent.
The purposes of processing
The Data concerning the User is collected to allow the Owner to provide its Service, comply with its legal obligations, respond to enforcement requests, protect its rights and interests (or those of its Users or third parties), detect any malicious or fraudulent activity, as well as the following:
Analytics, Interaction with external social networks and platforms, Contacting the User, User database management, Managing contacts and sending messages, Managing data collection and online surveys, Displaying content from external platforms, Tag Management, Infrastructure monitoring, Platform services and hosting, Advertising, Remarketing and behavioral targeting and Heat mapping and session recording.
For specific information about the Personal Data used for each purpose, the User may refer to the section “Detailed information on the processing of Personal Data”.
Detailed information on the processing of Personal Data
Personal Data is collected for the following purposes and using the following services:
-
Advertising
This type of service allows User Data to be utilized for advertising communication purposes. These communications are displayed in the form of banners and other advertisements on this Application, possibly based on User interests.
This does not mean that all Personal Data are used for this purpose. Information and conditions of use are shown below.
Some of the services listed below may use Trackers for identifying Users, behavioral retargeting i.e. displaying ads tailored to the User’s interests and behavior, or to measure ads performance. For more information, please check the privacy policies of the relevant services.
Services of this kind usually offer the possibility to opt out of such tracking. In addition to any opt-out feature offered by any of the services below, Users may learn more on how to generally opt out of interest-based advertising within the dedicated section "How to opt-out of interest-based advertising" in this document.
Google Ads conversion tracking (Google Ireland Limited)
Google Ads conversion tracking is an analytics service provided by Google Ireland Limited that connects data from the Google Ads advertising network with actions performed on this Application.
Personal Data processed: Trackers; Usage Data.
Place of processing: Ireland – Privacy Policy.
Google Ads Similar audiences (Google Ireland Limited)
Similar audiences is an advertising and behavioral targeting service provided by Google Ireland Limited that uses Data from Google Ads Remarketing in order to display ads to Users with similar behavior to Users who are already on the remarketing list due to their past use of this Application.
On the basis of this Data, personalized ads will be shown to Users suggested by Google Ads Similar audiences.
Users who don't want to be included in Similar audiences can opt out and disable the use of advertising cookies by going to: Google Ad Settings.
Personal Data processed: Cookies; Usage Data.
Place of processing: Ireland – Privacy Policy – Opt Out.
-
Analytics
The services contained in this section enable the Owner to monitor and analyze web traffic and can be used to keep track of User behavior.
Google Analytics (Google Inc.)
Google Analytics is a web analysis service provided by Google LLC or by Google Ireland Limited, depending on how the Owner manages the Data processing, (“Google”). Google utilizes the Data collected to track and examine the use of this Application, to prepare reports on its activities and share them with other Google services.
Google may use the Data collected to contextualize and personalize the ads of its own advertising network.
Personal Data processed: Cookies; Usage Data.
Place of processing: US – Privacy Policy – Opt Out.
HubSpot Analytics (HubSpot, Inc.)
HubSpot Analytics is an analytics service provided by HubSpot, Inc.
Personal Data processed: Cookies; Usage Data.
Place of processing: United States – Privacy Policy – Opt Out .
Matomo (this Application)
Matomo is an analytics software used by this Application to analyze data directly without the help of third parties.
Personal Data processed: Cookies; Usage Data.
Wordpress Stats (Automattic Inc.)
Wordpress Stats is an analytics service provided by Automattic Inc.
Personal Data processed: Cookies; Usage Data.
Place of processing: United States – Privacy Policy.
FullStory (FullStory, Inc.)
FullStory is an analytics and heat mapping service provided by FullStory, Inc.
FullStory maps how frequently Users interact with the different areas of this Application, allowing the Owner to draw conclusions about their interests and preferences. FullStory further allows for the recording of mapping sessions making them available for later visual playback.
Personal Data processed: Cookies; Usage Data.
Place of processing: United States – Privacy Policy – Opt out.
-
Contacting the User
Contact form (This Application)
By filling in the contact form with their Data, the User authorizes this Application to use these details to reply to requests for information, quotes or any other kind of request as indicated by the form’s header.
Personal Data processed: email address; first name; last name.
-
Displaying content from external platforms
This type of service allows you to view content hosted on external platforms directly from the pages of this Application and interact with them.
This type of service might still collect web traffic data for the pages where the service is installed, even when Users do not use it.
Google Fonts (Google Ireland Limited)
Google Fonts is a typeface visualization service provided by Google Ireland Limited that allows this Application to incorporate content of this kind on its pages.
Personal Data processed: Usage Data; various types of Data as specified in the privacy policy of the service.
Place of processing: Ireland – Privacy Policy.
-
Heat mapping and session recording
Heat mapping services are used to display the areas of this Application that Users interact with most frequently. This shows where the points of interest are. These services make it possible to monitor and analyze web traffic and keep track of User behavior.
Some of these services may record sessions and make them available for later visual playback.
Hotjar Heat Maps & Recordings (Hotjar Ltd.)
Hotjar is a session recording and heat mapping service provided by Hotjar Ltd.
Hotjar honors generic „Do Not Track” headers. This means the browser can tell its script not to collect any of the User's data. This is a setting that is available in all major browsers. Find Hotjar’s opt-out information here.
Personal Data processed: Cookies; Usage Data; various types of Data as specified in the privacy policy of the service.
Place of processing: Malta – Privacy Policy – Opt Out.
-
Infrastructure monitoring
This type of service allows this Application to monitor the use and behavior of its components so its performance, operation, maintenance and troubleshooting can be improved.
Which Personal Data are processed depends on the characteristics and mode of implementation of these services, whose function is to filter the activities of this Application.
New Relic (New Relic)
New Relic is a monitoring service provided by New Relic Inc.
The way New Relic is integrated means that it filters all traffic of this Application, i.e., communication between the Application and the User's browser or device, while also allowing analytical data on this Application to be collected.
Personal Data processed: Cookies; Usage Data; various types of Data as specified in the privacy policy of the service.
Place of processing: United States – Privacy Policy.
-
Interaction with external social networks and platforms
This type of service allows interaction with social networks or other external platforms directly from the pages of this Application.
The interaction and information obtained through this Application are always subject to the User’s privacy settings for each social network.
This type of service might still collect traffic data for the pages where the service is installed, even when Users do not use it.
It is recommended to log out from the respective services in order to make sure that the processed data on this Application isn’t being connected back to the User’s profile.
Facebook Like button and social widgets (Facebook, Inc.)
The Facebook Like button and social widgets are services allowing interaction with the Facebook social network provided by Facebook, Inc.
Personal Data processed: Cookies; Usage Data.
Place of processing: US – Privacy Policy.
Twitter Tweet button and social widgets (X Corp.)
The Twitter Tweet button and social widgets are services allowing interaction with the Twitter social network provided by Twitter, Inc.
Personal Data processed: Cookies; Usage Data.
Place of processing: United States – Privacy Policy.
ShareThis (Sharethis Inc.)
ShareThis is a service provided by ShareThis Inc., which displays a widget that allows interaction with social networks and external platforms as well as sharing the contents of this Application.
Depending on the configuration, this service can display widgets belonging to third parties such as the managers of social networks where interactions are shared. In this case, also the third parties that provide the widget will be informed of interactions and Usage Data on the pages where this service is installed.
Personal Data processed: Cookies; Usage Data.
Place of processing: US – Privacy Policy.
-
Managing contacts and sending messages
This type of service makes it possible to manage a database of email contacts, phone contacts or any other contact information to communicate with the User.
These services may also collect data concerning the date and time when the message was viewed by the User, as well as when the User interacted with it, such as by clicking on links included in the message.
Mailchimp (The Rocket Science Group LLC)
Mailchimp is an email address management and message sending service provided by The Rocket Science Group LLC.
Personal Data processed: email address; first name; last name.
Place of processing: United States – Privacy Policy.
-
Managing data collection and online surveys
This type of service allows this Application to manage the creation, deployment, administration, distribution and analysis of online forms and surveys in order to collect, save and reuse Data from any responding Users.
The Personal Data collected depend on the information asked and provided by the Users in the corresponding online form.
These services may be integrated with a wide range of third-party services to enable the Owner to take subsequent steps with the Data processed - e.g. managing contacts, sending messages, analytics, advertising and payment processing.
Typeform (TYPEFORM S.L)
Typeform is a form builder and data collection platform provided by TYPEFORM S.L.
Personal Data processed: company name; Data communicated while using the service; email address; first name; last name; profession; various types of Data as specified in the privacy policy of the service; website.
Place of processing: Spain – Privacy Policy.
-
Platform services and hosting
These services have the purpose of hosting and running key components of this Application, therefore allowing the provision of this Application from within a unified platform. Such platforms provide a wide range of tools to the Owner – e.g. analytics, user registration, commenting, database management, e-commerce, payment processing – that imply the collection and handling of Personal Data.
Some of these services work through geographically distributed servers, making it difficult to determine the actual location where the Personal Data are stored.
WordPress.com (Automattic Inc.)
WordPress.com is a platform provided by Automattic Inc. that allows the Owner to build, run and host this Application.
Personal Data processed: various types of Data as specified in the privacy policy of the service.
Place of processing: United States – Privacy Policy.
-
Remarketing and behavioral targeting
This type of service allows this Application and its partners to inform, optimize and serve advertising based on past use of this Application by the User.
This activity is facilitated by tracking Usage Data and by using Trackers to collect information which is then transferred to the partners that manage the remarketing and behavioral targeting activity.
Some services offer a remarketing option based on email address lists.
In addition to any opt-out feature provided by any of the services below, Users may opt out by visiting the Network Advertising Initiative opt-out page.
Users may also opt-out of certain advertising features through applicable device settings, such as the device advertising settings for mobile phones or ads settings in general.
Google Ads Remarketing (Google Ireland Limited)
Google Ads Remarketing is a remarketing and behavioral targeting service provided by Google Ireland Limited that connects the activity of this Application with the Google Ads advertising network and the DoubleClick Cookie.
Users can opt out of Google's use of cookies for ads personalization by visiting Google's Ads Settings.
Personal Data processed: Cookies; Usage Data.
Place of processing: Ireland – Privacy Policy – Opt Out.
-
Tag Management
This type of service helps the Owner to manage the tags or scripts needed on this Application in a centralized fashion.
This results in the Users' Data flowing through these services, potentially resulting in the retention of this Data.
Google Tag Manager (Google Ireland Limited)
Google Tag Manager is a tag management service provided by Google Ireland Limited.
Personal Data processed: Usage Data.
Place of processing: Ireland – Privacy Policy.
-
User database management
This type of service allows the Owner to build user profiles by starting from an email address, a personal name, or other information that the User provides to this Application, as well as to track User activities through analytics features. This Personal Data may also be matched with publicly available information about the User (such as social networks' profiles) and used to build private profiles that the Owner can display and use for improving this Application.
Some of these services may also enable the sending of timed messages to the User, such as emails based on specific actions performed on this Application.
HubSpot CRM (HubSpot, Inc.)
HubSpot CRM is a User database management service provided by HubSpot, Inc.
Personal Data processed: email address; phone number; various types of Data as specified in the privacy policy of the service.
Place of processing: United States – Privacy Policy.
Information on opting out of interest-based advertising
In addition to any opt-out feature provided by
any of the services listed in this document, Users may learn more on
how to generally opt out of interest-based advertising within the
dedicated section of the Cookie Policy.
Further information about the processing of Personal Data
-
Workable
As the operators of the Workable website, Workable Software Limited registered in England and Wales with Company Registration Number 08125469 and having its registered office address at 21a Kingly Street, Second Floor, London, W1B 5QA ("We", "Us", “Workable”) is committed to protecting and respecting your privacy. This Privacy and Cookies Policy ("Policy") relates to services provided through our website and application (“Services”) and sets out the basis on which the personal data collected from you, or that you provide to Us will be processed by Us. Please read the following carefully to understand our views and practices regarding your personal data and how We will treat it.
For the purpose of, the General Data Protection Regulation (“GDPR”), from the GDPR implementation date or, until GDPR implementation date, the Data Protection Act 1998 (collectively the “Data Protection Laws”):
in respect of the personal data of users of the Website and the Services and business contacts and prospects of Workable, the Data Controller is Workable Software Limited;
In respect of the personal data of candidates who apply for, or who a Customer of Workable contacts in respect of, an Opening (as the term is described in Workable’s Terms) (“Candidates”) Workable shall process personal information as a data processor on behalf of its Customers, who use Our Services to assist with their recruitment processes . Where you apply for a role with one of Workable’s Customers, our Customer’s privacy policy, rather than this Privacy Policy, will apply to our processing of your personal information.
Information we collect from you
We collect and process some or all of the following types of information from you:
Information that you provide by filling in forms on the workable.com website (“Website”). This includes information provided at the time of registering to use the Website, subscribing to our Services, posting material or requesting further information or services. We may also ask you for information when you report a problem with the Website.
If you contact Us, We may keep a record of that correspondence.
We may also ask you to complete surveys that We use for research purposes, although you do not have to respond to them.
Details of all actions that you carry out through the Website and of the provision of services to you.
Details of your visits to the Website including, but not limited to, traffic data, location data, weblogs and other communication data, the site that referred you to our site and the resources that you access.
The provision of your full name and e-mail address, your employer and/or your place of work and the url of the business that you work for is required from you when you register to use our Services We will inform you at the point of collecting information from you, whether you are required to provide the information to Us.
Information we collect from other sources
From time to time we also obtain personal data from other sources as follows:
names and contact details of Customer personnel who will be added as account members for the Customer’s account, may be added by existing account members;
names and contact details of individual contacts at prospective Customers from third party data providers and/or public sources, such as social networks, company websites and other online sources.
Uses made of your information
Where you are using our Services on behalf of our Customer, we rely on legitimate interests in performing our contract with our Customer as the lawful basis on which We collect and use your personal data.
We use information held about you in the following ways:
To ensure that content from the Website is presented in the most effective manner for you and for your computer.
To provide you with information, products or services that you request from us or which we feel may interest you or our Customer.
To carry out our obligations arising from any contracts entered into between our Customer (on whose behalf you are using the Services) and Us.
To notify you about changes to our Services and provide you with information that is relevant to your use of the Services.
Where you or your employer are a prospective Customer, to provide you with information about our Services for marketing purposes.
Disclosure of your information
We may disclose your personal information to any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006 (where applicable). Where any such member of our group is outside the EU this transfer will be on the basis of a contract including the Model Contractual Clauses in accordance with the Data Protection Laws.
We may disclose your personal information to third parties:
in the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets;
if we or substantially all of our assets are acquired by a third party, in which case personal data held by us about our customers will be one of the transferred assets;
if we are under a duty to disclose or share your personal data in order to comply with any legal obligation or in order to enforce or apply our Website Terms and Conditions and other agreements, but we will endeavour to minimise such disclosure to only that reasonably necessary and, where possible, to provide you with notice of such disclosure; and/or
to protect the rights, property, or safety of Workable Technology Limited, the Website, our users and any third party we interact with to provide the Website.
How we store your personal data
Security
We take appropriate measures to ensure that all personal data is kept secure including security measures to prevent personal data from being accidentally lost, or used or accessed in an unauthorised way, for the duration of your use of our Services. We limit access to your personal data to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.
We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where We are legally required to do so.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to the Website, therefore any transmission remains at your own risk. Once we have received your information, we will use strict procedures and security features in order to prevent unauthorised access.
Keeping your personal data up to date
If your personal details change you may update them by accessing the relevant page of the Website, or by contacting Us using the contact details below.
We will endeavour to update your personal data within thirty (30) days of any new or updated personal data being provided to Us, in order to ensure that the personal data We hold about you is as accurate and up to date as possible.
Where we store your personal data
The data that We collect from you and process as a result of your use of the Services may be transferred to, and stored at, a destination outside the European Economic Area ("EEA"). It may also be processed by staff operating outside the EEA who work for Us or for one of our suppliers. Such staff maybe engaged in, among other things, the fulfilment of your orders, the processing of your payment details and the provision of support services. By submitting your personal data, you agree to this transfer, storing or processing.
In particular, your data may be accessible to i) Workable’s staff in the USA or ii) may be stored by Workable’s hosting service provider on servers in the USA as well as in the EU. The USA does not have the same data protection laws as the United Kingdom and EEA. A Data Processor Agreement has been signed between Workable Software Limited and Workable Technology Limited and their overseas group companies, and between Workable Software Limited and Workable Technology Limited and each of its data processors. These Data Processor Agreements that are designed to help safeguard your privacy rights and give you remedies in the unlikely event of a misuse of your personal data.
If you would like further information please contact Us (see ‘Contact’ below). We will not otherwise transfer your personal data outside of the United Kingdom OR EEA or to any organisation (or subordinate bodies) governed by public international law or which is set up under any agreement between two or more countries.
How long we keep your personal data
We will hold all the data for so long as we have an obligation to the Customer to provide the Services, and thereafter until such time as we delete the Customer’s account in accordance with our Customer Terms and Conditions.
Your personal information will be deleted on one of the following occurrences:
deletion of your personal information by you (or by another person engaged by the Customer); or
receipt of a written request by you (or another person engaged by the Customer) to us.
Your rights
Under the General Data Protection Regulation you have a number of important rights free of charge. In summary, those include rights to:
access to your personal data and to certain other supplementary information that this Policy is already designed to address
require Us to correct any mistakes in your information which We hold
require the erasure of personal data concerning you in certain situations
receive the personal data concerning you which you have provided to Us, in a structured, commonly used and machine-readable format and have the right to transmit those data to a third party in certain situations
object at any time to processing of personal data concerning you for direct marketing
object to decisions being taken by automated means which produce legal effects concerning you or similarly significantly affect you
object in certain other situations to our continued processing of your personal data
otherwise restrict our processing of your personal data in certain circumstances
claim compensation for damages caused by our breach of any data protection laws.
For further information on each of those rights, including the circumstances in which they apply, see the Guidance from the UK Information Commissioner’s Office (ICO) on individuals rights under the General Data Protection Regulation.
If you would like to exercise any of those rights, please:
contact us using our Contact details below
let Us have enough information to identify you,
let Us have proof of your identity and address. Where you are a user of our Services you should email us from the email address that you used to register with Workable. Receipt of an email from this address will usually be sufficient to confirm your identity. In all other cases we may request one or more identification documents, such as a copy of your driving licence or passport and a recent utility or credit card bill; and
let Us know the information to which your request relates.
Third Party Websites
The Website may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and terms of use and that we do not accept any responsibility or liability for these policies and terms of use. Please check these policies before you submit any personal data to these websites.
How to complain
We hope that We can resolve any query or concern you raise about our use of your information.
The General Data Protection Regulation also gives you right to lodge a complaint with a supervisory authority, in particular in the European Union (or European Economic Area) state where you work, normally live or where any alleged infringement of data protection laws occurred. The supervisory authority in the UK is the Information Commissioner who may be contacted at https://ico.org.uk/concerns/ or telephone: 0303 123 1113.
Changes to our privacy policy
We reserve the right to modify this Privacy Policy at any time. Any changes we may make to our Policy in the future will be notified and made available to you using the Website. Your continued use of the Services and the Website shall be deemed your acceptance of the varied Privacy Policy.
IP Addresses and cookies
We may collect information about your computer, including where available your IP address, operating system and browser type, for system administration, customer support and to collect aggregate information for internal reporting purposes.
In addition, our Website uses cookies. A cookie is a small file of letters and numbers that we put on your computer if you agree. These cookies allow us to distinguish you from other users of the Website, which helps us to provide you with a good experience when you browse our Website and also allows us to improve the Website.
The cookies we use are "analytical" cookies. Some of the common uses for our cookies are as follows:
to recognise and count the number of visitors and to see how visitors move around the site when they are using it. This helps us to improve the way our Website works, for example by ensuring that users are finding what they are looking for easily.
to identify and authenticate a user across different pages of our Website, within our own Website, in a session or across different sessions. This is so that the user does not need to provide a password on every page the user visits; and
to be able to retrieve a user’s previously stored data, for example, information that the user previously submitted to the Website, so as to facilitate reuse of this information by the user.
Contact
All questions, comments and requests regarding this Privacy Policy should be addressed to support@workable.com.
Cookie Policy
This Application uses Trackers. To learn more, Users may consult the Cookie Policy.
Legal basis of processing
The Owner may process Personal Data relating to Users if one of the following applies:
- Users have given their consent for one or more specific purposes.
- provision of Data is necessary for the performance of an agreement with the User and/or for any pre-contractual obligations thereof;
- processing is necessary for compliance with a legal obligation to which the Owner is subject;
- processing is related to a task that is carried out in the public interest or in the exercise of official authority vested in the Owner;
- processing is necessary for the purposes of the legitimate interests pursued by the Owner or by a third party.
In any case, the Owner will gladly help to clarify the specific legal basis that applies to the processing, and in particular whether the provision of Personal Data is a statutory or contractual requirement, or a requirement necessary to enter into a contract.
Further information about retention time
Unless specified otherwise in this document, Personal Data shall be processed and stored for as long as required by the purpose they have been collected for and may be retained for longer due to applicable legal obligation or based on the Users’ consent.
Therefore:
- Personal Data collected for purposes related to the performance of a contract between the Owner and the User shall be retained until such contract has been fully performed.
- Personal Data collected for the purposes of the Owner’s legitimate interests shall be retained as long as needed to fulfill such purposes. Users may find specific information regarding the legitimate interests pursued by the Owner within the relevant sections of this document or by contacting the Owner.
The Owner may be allowed to retain Personal Data for a longer period whenever the User has given consent to such processing, as long as such consent is not withdrawn. Furthermore, the Owner may be obliged to retain Personal Data for a longer period whenever required to fulfil a legal obligation or upon order of an authority.
Once the retention period expires, Personal Data shall be deleted. Therefore, the right of access, the right to erasure, the right to rectification and the right to data portability cannot be enforced after expiration of the retention period.
The rights of Users based on the General Data Protection Regulation (GDPR)
Users may exercise certain rights regarding their Data processed by the Owner.
In particular, Users have the right to do the following, to the extent permitted by law:
- Withdraw their consent at any time. Users have the right to withdraw consent where they have previously given their consent to the processing of their Personal Data.
- Object to processing of their Data. Users have the right to object to the processing of their Data if the processing is carried out on a legal basis other than consent.
- Access their Data. Users have the right to learn if Data is being processed by the Owner, obtain disclosure regarding certain aspects of the processing and obtain a copy of the Data undergoing processing.
- Verify and seek rectification. Users have the right to verify the accuracy of their Data and ask for it to be updated or corrected.
- Restrict the processing of their Data. Users have the right to restrict the processing of their Data. In this case, the Owner will not process their Data for any purpose other than storing it.
- Have their Personal Data deleted or otherwise removed. Users have the right to obtain the erasure of their Data from the Owner.
- Receive their Data and have it transferred to another controller. Users have the right to receive their Data in a structured, commonly used and machine readable format and, if technically feasible, to have it transmitted to another controller without any hindrance.
- Lodge a complaint. Users have the right to bring a claim before their competent data protection authority.
Users are also entitled to learn about the legal basis for Data transfers abroad including to any international organization governed by public international law or set up by two or more countries, such as the UN, and about the security measures taken by the Owner to safeguard their Data.
Details about the right to object to processing
Where Personal Data is processed for a public interest, in the exercise of an official authority vested in the Owner or for the purposes of the legitimate interests pursued by the Owner, Users may object to such processing by providing a ground related to their particular situation to justify the objection.
Users must know that, however, should their Personal Data be processed for direct marketing purposes, they can object to that processing at any time, free of charge and without providing any justification. Where the User objects to processing for direct marketing purposes, the Personal Data will no longer be processed for such purposes. To learn whether the Owner is processing Personal Data for direct marketing purposes, Users may refer to the relevant sections of this document.
How to exercise these rights
Any requests to exercise User rights can be directed to the Owner through the contact details provided in this document. Such requests are free of charge and will be answered by the Owner as early as possible and always within one month, providing Users with the information required by law. Any rectification or erasure of Personal Data or restriction of processing will be communicated by the Owner to each recipient, if any, to whom the Personal Data has been disclosed unless this proves impossible or involves disproportionate effort. At the Users’ request, the Owner will inform them about those recipients.
Additional information about Data collection and processing
Legal action
The User's Personal Data may be used for legal purposes by the Owner in Court or in the stages leading to possible legal action arising from improper use of this Application or the related Services.
The User declares to be aware that the Owner may be required to reveal personal data upon request of public authorities.
Additional information about User's Personal Data
In addition to the information contained in this privacy policy, this Application may provide the User with additional and contextual information concerning particular Services or the collection and processing of Personal Data upon request.
System logs and maintenance
For operation and maintenance purposes, this Application and any third-party services may collect files that record interaction with this Application (System logs) or use other Personal Data (such as the IP Address) for this purpose.
More details concerning the collection or processing of Personal Data may be requested from the Owner at any time. Please see the contact information at the beginning of this document.
Changes to this privacy policy
The Owner reserves the right to make changes to this privacy policy at any time by notifying its Users on this page and possibly within this Application and/or - as far as technically and legally feasible - sending a notice to Users via any contact information available to the Owner. It is strongly recommended to check this page often, referring to the date of the last modification listed at the bottom.
Should the changes affect processing activities performed on the basis of the User’s consent, the Owner shall collect new consent from the User, where required.
Definitions and legal references
Personal Data (or Data)
Any information that directly, indirectly, or in connection with other information — including a personal identification number — allows for the identification or identifiability of a natural person.
Usage Data
Information collected automatically through this Application (or third-party services employed in this Application), which can include: the IP addresses or domain names of the computers utilized by the Users who use this Application, the URI addresses (Uniform Resource Identifier), the time of the request, the method utilized to submit the request to the server, the size of the file received in response, the numerical code indicating the status of the server's answer (successful outcome, error, etc.), the country of origin, the features of the browser and the operating system utilized by the User, the various time details per visit (e.g., the time spent on each page within the Application) and the details about the path followed within the Application with special reference to the sequence of pages visited, and other parameters about the device operating system and/or the User's IT environment.
User
The individual using this Application who, unless otherwise specified, coincides with the Data Subject.
Data Subject
The natural person to whom the Personal Data refers.
Data Processor (or Processor)
The natural or legal person, public authority, agency or other body which processes Personal Data on behalf of the Controller, as described in this privacy policy.
Data Controller (or Owner)
The natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of Personal Data, including the security measures concerning the operation and use of this Application. The Data Controller, unless otherwise specified, is the Owner of this Application.
This Application
The means by which the Personal Data of the User is collected and processed.
Service
The service provided by this Application as described in the relative terms (if available) and on this site/application.
European Union (or EU)
Unless otherwise specified, all references made within this document to the European Union include all current member states to the European Union and the European Economic Area.
Cookie
Cookies are Trackers consisting of small sets of data stored in the User's browser.
Tracker
Tracker indicates any technology - e.g Cookies, unique identifiers, web beacons, embedded scripts, e-tags and fingerprinting - that enables the tracking of Users, for example by accessing or storing information on the User’s device.
Legal information
This privacy policy relates solely to this Application, if not stated otherwise within this document.