NOTICE PURSUANT TO THE RULES REGARDING THE PROTECTION OF PERSONAL DATA.
We hereby issue this notice, pursuant to art. 13 of Regulation (EU) 2016/679 (hereafter, “GDPR”), on the protection of natural persons with regard to the processing of personal data.
This website (hereinafter “Site”) and all the services provided herein (hereinafter “Services”) are not intended for children under the age of 16 and Peoplerise s.r.l., in its capacity as Data Controller (hereinafter “Company” or “Data Controller”), does not intentionally collect personal information relating to children. In the event where any information about minors is accidentally recorded, the Data Controller will delete them immediately upon the user’s request.
Legal basis and purpose of processing
Your personal data are processed:
- A) without your express consent, for the following purposes pertaining to service/Site usability:
- managing and maintaining the Site;
- allowing you to use Services that you may request;
- participate, via the Site, in initiatives organised by the Data Controller (e.g. events);
- processing a contact request;
- fulfilling obligations required by Law, regulations, EU legislation or orders from the Data Protection Authority;
- preventing or uncovering any fraudulent activity or abuse that may harm the Site;
- exercising the rights of the Data Controller;
with regard to these purposes, your consent is not required because processing of data is necessary to provide the Services requested or to fulfil legal obligations;
- B) Only with your specific and express consent, for the following additional purposes:
- sending e-mails to you containing opinion and satisfaction surveys, sending newsletters and/or invitations to events or signing You up for events that the Data Controller takes part in or organises (hereafter referred to as “Marketing”);
Data retention period
Your personal data will be processed for the period of time strictly necessary to fulfil the aforementioned purposes. After this period, they will be deleted or made anonymous.
Regarding the purposes described in point B), your personal data will be processed for 24 months for Marketing purposes, unless you revoke Your consent, which may relate to all, one or some of these purposes, beforehand.
Nature of the provision of the data and consequences of refusals
Providing data for the purposes referred to in point A) is necessary if you wish to sign up to the Site and make use of the services on offer.
Providing data for the purposes referred to in point B) is optional. Therefore, you may decide not to provide any data or to subsequently refuse to allow the processing of data already provided: if this is the case, you will not receive invitations to events, newsletters and opinion polls by e-mail and, above all, you will not receive personalised information, in line with your preferences, about initiatives. You will continue to benefit from the services referred to in point A).
Scope of data disclosure and categories of recipients
Your data may be disclosed:
- for the purposes referred to in point A), to employees and partners of the Data Controller, in their capacity as authorised processors and/or system administrators;
- for the purposes referred to in point B), to third party companies or other parties (website providers, cloud providers, e-payment service providers, suppliers, hardware and software support technicians, forwarding agents and carriers, credit institutions, professional firms, etc.), who, acting as data processors, carry out outsourcing activities on behalf of the Data Controller.
If your data is processed on behalf of the Company by third parties, these parties will be designated as data processors contractually or by other legal means. In any event, Your data will not be circulated.
Transfer of data to third countries and/or international organisations
For reasons that are strictly organisational, some of your personal data may be transferred to countries outside the EU—particularly the US—as the Data Controller uses cloud services provided by suppliers selected from those who provide adequate safeguards, as required by art. 46 of the GDPR, as they adhere to the Privacy Shield framework.
Rights of data subjects
You are entitled (under articles 15-22 GDPR) to request that our Company grants you access to your personal data and rectifies data if incorrect, to delete data or limit processing if conditions are met. You also have the right to data portability if said data, provided by you, are subject to automated processing based on your consent or a contract.
You have the right to withdraw any consent granted for processing purposes that require it, without prejudice to the lawfulness of processing carried out prior to withdrawal.
You also have the right to lodge a complaint with the relevant supervisory authority: The Italian Data Protection Authority.
Entities responsible for processing
The Data Controller is Peoplerise s.r.l. via San Marco – Padua. The company can be contacted via the following email address: firstname.lastname@example.org.
Last updated: May 2018.
This Policy is subject to change. We therefore recommend that you check this web page regularly and consider the most current version and information contained therein to be applicable.
Having read this notice, the Customer
- grants their consent
- does not grant their consent
to their personal data being processed for marketing purposes.
 To express more detailed preferences (e.g. allowing marketing activities to be carried out via automated means only and not traditional ones), you may directly contact the Data Controller via the contact details in the notice.