Types of data collected
In compliance with current regulations, the Data Controller keeps a list of the information collected. Full details of each type of data collected are provided in the appropriate sections in this privacy policy or in specific informative notices displayed before data are collected. Personal Data may be freely supplied by the User or, in the case of Usage Data, collected automatically while this Application is being used. Unless otherwise specified, the supply of all the Data requested by this Application is mandatory. If the User refuses to furnish the data, it may be impossible for this Application to provide the Service. Whenever the supply of Data is indicated in this Application as optional, Users are free to choose not to provide such Data, without affecting the availability of the Service or its operation in any way whatsoever. Any Users having doubts as to which data are mandatory, are advised to contact the Data Controller. Unless otherwise explicitly specified, Cookies – or other tracking tools – may be utilised by this Application or the owners of third-party services used by the Application, in order to supply the Service requested by the User, and for other purposes described in this document and in the Cookie Policy, if available. The User will be held responsible for the Personal Data of third parties obtained, published or shared via this Application and declares that he or she has the right to disclose or disseminate them, thereby relieving the Data Controller of any liability towards third parties.
How and where collected data are processed
Data Processing Methods
The Data Controller takes appropriate security measures to prevent unauthorised access, disclosure, alteration or destruction of the Personal Data. Processing is carried out using IT and/or electronic communication tools, with organisational procedures and logics strictly linked to the stated purposes. As well as the Data Controller, in some cases other subjects involved in management of this Application may have access to the Data (administrative, sales, marketing and legal personnel, system administrators etc.), as well as certain external parties (such as third-party providers of technical services, delivery couriers, hosting providers, IT companies, communications agencies), who are nominated as Data Processors by the Data Controller. An up-to-date list of Data Processors can be requested from the Data Controller at any time.
Legal basis of processing
The Data Controller processes Personal Data relating to the User in the following circumstances:
The Data Controller can always be requested to provide clarification regarding the actual legal basis of each processing operation and, in particular, to specify whether the processing is based on the law, envisaged in a contract or necessary in order to enter into a contract.
Place
Data are processed at the Data Controller's operating premises and any other place where the parties involved in the processing are located. For further information, contact the Data Controller.
The User’s Personal Data may be transferred to a state other than that in which the User is located. For further information regarding where data are processed, the User can consult the section providing details of the processing of Personal Data.
The User has the right to obtain information regarding the legal basis for the transfer of Data outside the European Union or to an international organisation operating under international public law or made up of two or more countries, such as the UN, and regarding the security measures taken by the Data Controller to safeguard the Data.
The User may verify whether one of the transfers described above has actually taken place, by examining the section of this document giving details of the processing of Personal Data or asking for information from the Data Controller, using the contact details given above.
Data storage period
Data are processed and stored for the period of time necessary to achieve the purposes for which they were collected. Therefore:
If the processing of data is based on the User’s consent, the Data Controller may retain the Personal Data for a longer period until consent is withdrawn. Furthermore, the Data Controller may also be obliged to store Personal Data for a longer period of time in order to perform a legal obligation or comply with an order made by an authority.
The Personal Data will be erased at the end of the storage period. Therefore, once this period has expired, the right of access, to erasure, rectification and the right to data portability may no longer be exercised.
The user's right
Users may exercise specific rights connected with Data processed by the Data Controller.
More specifically, Users have the right to:
Details of the right to object
When Personal Data are processed in the public interest, in the exercise of official authority vested in the Data controller or to pursue a legitimate interest of the Data Controller, Users have the right to object to the processing on grounds connected with their particular circumstances.
It is pointed out that Users whose data were processed for direct marketing purposes may object to processing without justification. To ascertain whether the Data Controller is processing data for direct marketing purposes, Users can consult the relevant sections in this document.
How to exercise rights
To exercise their rights, Users may make a request for contact with the Data Controller, namely Carmine Di Domenico, at the following email address dataprivacy@groupcopernicus.com. Requests are made free of charge and will be dealt with by the Data Controller as soon as possible, in any event within no more than a month.
Further information on processing
Legal Defence
The User's Personal Data may be used by the Data Controller in legal proceedings or during the preliminary stages of an action to be brought to defend its rights against the improper use of this Application or of the Services connected to it by the User.
Specific Notifications
At the User’s request, in addition to the information contained in this Privacy Policy, this Application may provide the User with additional, context-based information on specific Services, or the collection and processing of Personal Data.
System and Maintenance Logs
For operational and maintenance requirements, this Application, and any third-party services used by it, may collect system Logs, in other words, files which record any interactions which may also include Personal data, such as the User's IP address.
Information not contained in this Policy
Further information on the processing of Personal Data may be requested at any time from the Data Controller using the contact information provided.
Reply to queries regarding “Do Not Track”
This Application does not support “Do Not Track” requests. To find out if they are supported by any third-party services used, the User should consult the corresponding privacy policies.
Changes to this Privacy Policy
The Data Controller reserves the right to make modifications to this Privacy Policy at any time, notifying Users of such changes on this web page and, if possible, on this Application, and also whenever technically and legally feasible, to send Users notification using one of the contact details in the Data Controller’s possession. Therefore, you are advised to check this page regularly, and to take the last revision date shown at the bottom of the page as reference.
If the changes relate to processing for which the legal basis is consent, the Data Controller will ask for the User’s consent again, if necessary.