Effective 25-May-2018
pursuant to Articles 13 and 14 of Regulation EU n. 2016/679
- Data Controller
The Data Controller is StyleItaliano S.r.l. based in Via Salvo d’Acquisto 1C, 16030, Casarza Ligure (GE), Italy, P.IVA 02058710993
e-mail: info@styleitaliano.org
PEC: styleitalianosas@pec.it.
StyleItaliano S.r.l. (hereinafter simply “Data Controller”), as Data Controller, pursuant to Articles 13 and 14 of Regulation EU n. 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, (General Data Protection Regulation) (hereinafter “Regulation” and/or “GDPR”), informs you that your personal data will be processed in the manner and for the purposes set out below.
The Data Processor will be appointed, whenever necessary, through specific Data Processing Agreement to appoint the Data Processor depending on the activities and / or the services provided.
- Types of Data collected
The Data Processor processes personal data such as:
- name and surname;
- email address;
- address of residence or domicile
- nationality;
- age declaration;
- billing information;
- texts, images and videos of clinical cases
(hereinafter jointly “personal data” or even “data”).
The personal data processed by the Data Controller concern: data provided by those who interact with the web services offered by the Styleitaliano group (styleitaliano.org, styleitaliano.com and subdomains, hereinafter jointly “Styleitaliano platform” or even “styleitaliano.org”) and the data provided by users when registering for the various services offered by the Data Controller.
- Purposes of processing
- Personal data will be processed for the following purposes:
- complete registration and login to the website styleitaliano.org;
- processing is necessary to comply with legal obligation to which the controller is subject according to the law, regulation, community legislation and/or any order of the Data Protection Authority;
- prevent and/or discover fraudulent activities or prejudicial misuse of the website;
- share clinical cases with the community (based on the instructions on the upload page);
- Only with other specific consent your personal data will be processed for the following additional purposes:
- sending newsletters by e-mail;
- marketing and advertising;
- sending advertising material on products or services offered by the Data Controller;
- sending, by e-mail, a proposal to register for further courses;
- purchase of services;
- online payment management
- Processing methods
The processing of personal data is achieved through the collection, registration, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, communication, cancellation and destruction of data. The processing of personal data will be made in paper and electronic way and also by automated processing.
- Storage period
Data Controller undertakes to keep your personal data for two years from the last interaction with the website (www.styleitaliano.org), with respect to the purposes referred to in paragraph 3.I above.
Data Controller, in the case of the purposes referred to in the paragraph 3.II above, will process personal data for the time that is necessary reasonable to fulfill the purposes for which the personal data is collected and in any case not beyond the terms of the law.
- Access to data
The personal data’s access is limited to the Data Controller and to the Data Processor; the internal processors and system administrators will be able to access to personal data only for the purposes related to their specific duties.
Access to personal data may be allowed to third parties who carry out outsourced activities on behalf of the Data Controller, after being appointed to external Data Processors, limited to the purposes set out in this statement and in compliance with the regulations of the GDPR.
- Rights of Data Subject
As foreseen by the Regulation the data subject has the possibility to exercise the following rights:
- right of access;
- right to rectification;
- right to erasure (‘right to be forgotten’): Users have the right to obtain from the data controller the deletion of own personal data;
- right to restriction of processing;
- right to data portability;
- right to object of processing;
- right to withdraw the consent (it is necessary to underline that the withdrawal of consent does not affect the lawfulness of the treatment based on the consent given before the revocation);
- right to lodge a complaint with a supervisory authority (in Italiy is the Italian Data Protection Authority).
Styileitaliano protects your rights described above, which you can exercise by operating online, according to the same method of registration, or by sending a registered letter to the address Via Salvo d’Acquisto 1C, 16030, Casarza Ligure (GE), Italy or by sending an email to info@styleitaliano.org.
Styleitaliano.org and the offered services are not intended for child under the age of 18.
- Data transfer
The management and preservation of personal data will be carried out on servers located within the European Union of the Data Processor and / or appointed third-party companies. Currently the servers are located in France. In any case, it is understood that the Data Controller, where necessary, will have the right to move the server location to Italy and / or the European Union and / or non-EU countries. In this case, the Data Controller hereby ensures that the data transfer of non-EU countries will take place in accordance with the applicable legal provisions, stipulating, if necessary, agreements that guarantee an adequate level of protection and / or adopting the contractual standard clauses provided for European Commission.
- Data sharing
Styleitaliano will process personal data carefully and confidentiality and will not share it with third parties other than those indicated therein, unless specific, precise and transparent communication has been approved and confirmed by you.
Styleitaliano may share, partially, some personal data provided by the users at the time of registration to the website, with other entities of the same group, including the educational store, in order to allow a single global access and for authentication purposes in such a way that user can use the same login data.
The Data Controller will share anonymized and aggregated information and will have the right to use this personal data for statistical analysis.
- Data protection
Styleitaliano promises to protect personal data and to implement appropriate technical measures and the organizational security in order to protect them from any possible attacks such as unauthorized or illegal processing and accidental loss, destruction or damage pursuant to Article 32 and following of GDPR.