The purpose of this document is to inform the individual (hereinafter "Data Subject") regarding the processing of their personal data (hereinafter "Personal Data") collected by the data controller, MP Informatica Srl, with registered office at Via Santa Bona Nuova 33b, 31100 Treviso TV, Tax Code/VAT Number 05355370262, email address info@mpinformaticasrl.it (hereinafter "Controller"), through the website mpinformaticasrl.it (hereinafter "Application").
Changes and updates will be binding as soon as published on the Application. In case of non-acceptance of the changes made to the Privacy Policy, the Data Subject is required to cease using this Application and may request the Controller to delete their Personal Data.
1       Categories of Personal Data processed
The Controller processes the following types of Personal Data provided voluntarily by the Data Subject:
·      Contact Data: name, surname, address, email, phone, images, authentication credentials, any further information sent by the Data Subject, etc.
·      Tax and payment Data: tax code, VAT number, credit card data, details of the bank account, etc.
The Controller processes the following types of Personal Data collected automatically:
·      Technical Data: Personal Data produced by devices, applications, tools, and protocols used, such as, for example, information about the device used, IP addresses, browser type, type of Internet Service Provider (ISP). Such Personal Data may leave traces which, in particular when combined with unique identifiers and other information received from servers, can be used to create profiles of individuals.
·      Navigation and usage Data of the Application: such as, for example, pages visited, number of clicks, actions performed, duration of sessions, etc.
·      Data regarding the exact location of the Data Subject: for example, geolocation data that precisely identifies the location of the Data Subject which can be collected through the satellite network (e.g. GPS) and other means, collected with the prior consent of the Data Subject. The Data Subject may revoke the consent at any time.
The failure to provide the Data Subject's Personal Data for which there is a legal, contractual obligation, or that constitute a necessary requirement for concluding the contract with the Controller, will result in the Controller's inability to establish or continue the relationship with the Data Subject.
The Data Subject who communicates to the Controller Personal Data of third parties is directly and exclusively responsible for their origin, collection, processing, communication, or dissemination.
2       Cookies and similar technologies
The Application uses cookies, web beacons, unique identifiers, and other similar technologies to collect Personal Data of the Data Subject on the pages, on the links visited, and on other actions performed when the Data Subject uses the Application. They are stored to be transmitted at the next visit of the Data Subject. The full Cookie Policy can be viewed at the following address: https://mpinformaticasrl.it/cookie-policy
3       Legal basis and purpose of processing
The processing of Personal Data is necessary:
·      for the execution of the contract with the Data Subject and specifically:
1      fulfillment of every obligation arising from the pre-contractual or contractual relationship with the Data Subject
2      support and contact with the Data Subject: to respond to the Data Subject's requests
·      for legal obligation and specifically:
1      the fulfillment of any obligation provided by current regulations, laws, and regulations, in particular, in tax and accounting matters
·      on the basis of the legitimate interest of the Controller, for:
1      marketing purposes via email for the Controller's products and/or services to directly sell the Controller's products or services using the email provided by the Data Subject in the context of the sale of a product or service similar to that being sold
2      statistical purposes with anonymous data: to carry out statistical analysis on aggregated and anonymous data to analyze the behavior of the Data Subject, to improve the products and/or services provided by the Controller and better meet the expectations of the Data Subject
·      on the basis of the consent of the Data Subject, for:
1      retargeting and remarketing: to reach the Data Subject with a personalized advertising announcement who has already visited or shown interest in the products and/or services offered by the Application using their Personal Data. The Data Subject can opt-out by visiting the Network Advertising Initiative page
2      for marketing purposes of the Controller's products and/or services: to send information or promotional materials, to carry out direct selling activities of the Controller's products and/or services or to conduct market research using automated and traditional methods
3      for marketing purposes of third-party products and/or services: to send information or promotional materials of third parties, to carry out direct selling activities or to conduct market research of their products and/or services using automated and traditional methods
4      detection of the exact location of the Data Subject: to detect the presence of the Data Subject, to monitor accesses, times, and the presence of the Data Subject in a specific place, etc.
Based on the legitimate interest of the Controller, the Application allows interactions with external platforms or social networks whose processing of Personal Data is governed by their respective privacy policies to which reference should be made. The interactions and information acquired from this Application are in any case subject to the privacy settings that the Data Subject has chosen on such platforms or social networks. This information – in the absence of specific consent for further purposes – is used solely to allow the use of the Application and to provide the requested information and services.
The Data Subject's Personal Data may also be used by the Controller to protect themselves in court before the competent judicial authorities.
4       Methods of processing and recipients of Personal Data
 
The processing of Personal Data is carried out using paper and computer tools, with organizational methods and strict logical connections related to the purposes indicated and by adopting appropriate security measures.
Personal Data is processed exclusively by:
·      persons authorized by the Data Controller who are committed to confidentiality or have an adequate legal obligation of confidentiality;
·      subjects who operate independently as distinct controllers or by subjects designated as processors by the Controller in order to carry out all processing activities necessary to pursue the purposes of this policy (e.g., commercial partners, consultants, IT companies, service providers, hosting providers);
·      subjects or entities to whom it is mandatory to communicate the Personal Data by law or by order of authorities.
The above-mentioned subjects are required to use appropriate guarantees to protect Personal Data and can only access those necessary to perform the tasks assigned to them.
Personal Data will not be disseminated indiscriminately in any way.
5       Location
Personal Data will not be transferred outside the territory of the European Economic Area (EEA).
6       Retention period of Personal Data
Personal Data will be retained for the time necessary to fulfill the purposes for which they were collected, in particular:
·      for purposes related to the execution of the contract between the Controller and the Data Subject, they will be retained for the entire duration of the contractual relationship and, after cessation, for the ordinary prescription period of 10 years. In case of judicial dispute, for the entire duration of the same, until the expiration of the deadlines for the exercise of appeal actions
·      for purposes related to the legitimate interest of the Controller, they will be retained until the interest is fulfilled
·      for compliance with a legal obligation, by order of an authority and for legal protection, they will be retained in compliance with the timeframes provided by such obligations, regulations, and in any case until the expiration of the statute of limitations provided by the regulations in force
·      for purposes based on the consent of the Data Subject, they will be retained until the revocation of consent
At the end of the retention period, all Personal Data will be deleted or retained in a form that does not allow the identification of the Data Subject.
7       Rights of the Data Subject
Data Subjects can exercise certain rights regarding the Personal Data processed by the Controller. In particular, the Data Subject has the right to:
·      be informed about the processing of their Personal Data
·      revoke consent at any time
·      limit the processing of their Personal Data
·      object to the processing of their Personal Data
·      access their Personal Data
·      verify and request the correction of their Personal Data
·      obtain the limitation of the processing of their Personal Data
·      obtain the deletion of their Personal Data
·      transfer their Personal Data to another holder
·      file a complaint with the supervisory authority for the protection of their Personal Data and/or take legal action.
To exercise their rights, Data Subjects can send a request to the following email address: info@mpinformaticasrl.it. The requests will be taken care of by the Controller immediately and fulfilled as soon as possible, in any case within 30 days.
Last update: 11/07/2024