Pagina

Privacy Policy

Privacy Policy and Personal Data Processing

Introduction

This privacy policy concerning the processing of personal data ("Policy") describes how personal data of users accessing the website www.gregoriocodagnone.it (the "Website") is collected, used, processed, stored, and protected.

This Policy is provided to users ("Users" or "User") pursuant to Regulation (EU) 2016/679 (General Data Protection Regulation, "GDPR"), Legislative Decree 196/2003 ("Privacy Code") and subsequent amendments, and other applicable legislation on personal data protection, including the General Provision of the Garante per la protezione dei dati personali of May 8, 2014, regarding cookies.

Data Controller

The data controller for personal data is

Gregorio Codagnone

Ph: +39 345 3375231

Mail: gregoriocodagnonearte@gmail.com  

Personal Data

The Website processes personal data directly provided by the User ("User"), data automatically collected via the User's devices (including mobile devices), and User data potentially collected by third parties.

Data transmitted by the User

When the User communicates with the Website, the User may provide information through communications, chats, or otherwise. Furthermore, when a new User registers on the Website, we will ask for certain data such as, but not limited to: name, surname, address, email, billing details, bank details, tax code, and VAT number.

 

 

Automatically collected data

Data is collected when the User interacts with our Services, the Website, and the App. These may include: unique ID or code of the device used for interaction, device type, referrer URL, and IP address.

Log data and device information are automatically collected if the Website is accessed and used, even if the User has not created an account and/or has not logged in. This information may include: details on how the User used the service, IP address, date and time of access, hardware and software information, device information, unique identifiers, crash data, cookies, the pages viewed by the User both before and after using the Services. For the collection and processing of this data, cookies and other similar technologies are used, including web beacons, pixels, and mobile device identifiers to acquire data on visited pages and links and other actions that the User performs when using our Services, in accordance with this Policy. Further information about our .

Data collected by third parties

Our entity may use the social media listed below to link the User's account to the relevant social media site and to share content. The link to these social media with their respective personal data processing policies is provided below:

Facebook  https://it-it.facebook.com/policy.php,

Instagram https://www.instagram.com/about/legal/terms/api/

Twitter https://twitter.com/it/privacy/

Linkedin https://www.linkedin.com/legal/privacy-policy?_l=it_IT

Tik Tok https://www.tiktok.com/legal/privacy-policy?lang=it

 

Purposes of processing 

We use the User's personal data for the following purposes related to the provision and promotion of the Website:

  • Service provision: – Service provision as per the general terms and conditions; – profiling to personalize the User's experience and enable the algorithm to function; – sending service or support messages; – customer assistance.

This is necessary for the performance of the contract between Ocean Company S.r.l. and the User, for improving services, for the controller to exercise its rights, for preventing fraud, spam, abuse, and other harmful activities for the Website and User, for verifying restrictions on providing services outside assigned areas and breaches of general conditions and/or applicable regulations, and for statistical processing.

Failure to provide data makes it impossible to execute the contract.

  • Marketing and profiling

To contact the User in any form and by any means or tool for sending advertising messages, for making commercial communications and/or for learning the User's opinions.

To perform User profiling based on their characteristics and preferences, also in consideration of the information provided by them through interactions with any platforms detected by the Website and/or Ocean, to send promotional messages, marketing messages, and other information of interest to the User, to manage prizes, surveys, contests, and, furthermore, to verify the outcomes of marketing campaigns and potentially improve them.

Duration of processing 

It is understood that the retention periods indicated below may be extended by Ocean to comply with legal obligations or any requests from authorities, and that in case of account deletion, information shared by the User on the Website may continue to be visible:

  • data necessarily processed for the provision of Services excluding profiling: 15 years from collection;

     

  • data processed for direct marketing purposes, marketing based on profiling, and for sending commercial offers related to products or services previously purchased by the User: 5 years from collection;

  • data processed for the functioning of the Website (data collected automatically through the User's devices, such as log files, IP address, etc.); data processed for profiling necessary for the automated decision-making process carried out by algorithm; data collected via social media: 2 years from collection.

Methods of processing and storage of personal data

Gregoriocodagnone.it processes User's personal data through electronic, automated, paper, and manual means and through specifically authorized parties. These parties carry out processing by employing adequate security measures to ensure the protection of the User's personal data and their confidentiality. The server managing personal data is located in [•] and managed by the company [•].

The User's personal data will be stored by applying appropriate security measures, for pre-established or determinable periods, after which they will be automatically and securely deleted.

Recipients of personal data and dissemination

The User's personal data are processed on behalf of gregoriocodagnone.it by data processors who provide adequate guarantees. Furthermore, the User's personal data are communicated by gregoriocodagnone.it to independent data controllers, within the scope of their data processing activities, and to joint data controllers, within the scope of processing activities for which the purposes and means of processing are jointly determined by them with gregoriocodagnone.it.

Data Processors

Analysis and statistics on aggregated data:

__

Independent Data Controllers

Professionals, consultants, authorities, any other companies and/or entities

Joint Data Controllers

Social media: Facebook, Twitter, Instagram, Linkedin, TikTok.

Recipients of Processing

Professionals who provide the service through the Website.

Transfer of data outside the EU and EEA

Within the scope of providing services, the User's personal data are also transferred outside the European Union and the European Economic Area, particularly to the USA, based on an adequacy decision pursuant to Art. 49 GDPR, as well as in the specific case based on the so-called "Privacy Shield".

User Rights

The User can exercise their rights recognized by personal data protection legislation through their account's control panel, or by contacting the data protection officer of gregoriocodagnone.it at gregoriocodagnonearte@gmail.com

 

The User can, in particular, exercise the following rights:

  • Withdraw consent to processing for direct marketing purposes and for profiling for marketing purposes, where given;
  • Withdraw consent for access to their device, where given;
  • Request explanations and significant information regarding the functioning of the algorithm to request human intervention in the related automated decision-making process, as well as express their opinion and challenge decisions resulting from the automated process (Art. 22 GDPR);
  • Access personal data processed and stored by tokotk and obtain information on processing pursuant to Art. 15 GDPR;
  • Rectification of personal data, where inaccurate, or integration of personal data, where incomplete, pursuant to Art. 16 GDPR;
  • Erasure of personal data pursuant to Art. 17 GDPR;
  • Restriction of processing pursuant to Art. 18 GDPR;
  • Receive their personal data in a structured, commonly used, and machine-readable format (right to data portability) pursuant to Art. 20 GDPR;
  • Object to processing pursuant to Art. 21 GDPR;
  • Lodge a complaint with a supervisory authority pursuant to Art. 77 GDPR, if they believe that the processing has been carried out in violation of applicable personal data protection legislation.

If the User has chosen to link their account to a third-party application, such as Facebook or Google, they can modify the settings and remove permissions through the Website's settings.

Personal data protection procedures adopted by third parties

This Policy only covers the processing of personal data that we collect from the User in relation to the Website. If the User discloses their data to third parties or visits a third-party website via a link on our Services, the privacy policies and related procedures of those third parties will apply to all personal data that the User provides or that they collect from the User.

Changes to the policies 

The policies may be modified at any time by publishing the updated version on the Website. Any substantial changes to this Privacy Policy will be announced to the User via email.