Privacy Notice APP "FAI Centro!" and "faicentro.it" Website

Privacy Policy

Dear user, with this page the Chamber of Commerce, Industry, Crafts and Agriculture of Venice Rovigo (hereinafter CCIAA of Venice Rovigo) intends to provide you with all the information required by the art. 13 of Regulation (EU) 2016/679 (also known as GDPR or General Regulation for the Protection of Personal Data), regarding the processing of personal data carried out through the "Fai Centro!" application and through the faicentro.it website "Fai Centro!" is an online service that provides users with information about commercial initiatives (offers, discounts, events, etc.) promoted by the operators of the Mestre Urban Trade District. This information is provided solely and exclusively for the "Fai Centro!" and for the faicentro.it website with the exclusion of any other website and / or web application.

 

1. Data Controller

The owner of the processing of personal data is the Chamber of Commerce, Industry, Crafts and Agriculture of Venice Rovigo, with headquarters in Via Forte Marghera, 151 30173 Venezia Mestre (VE) e-mail privacy@dl.camcom.it; PEC cciaadl@legalmail.it

 

2. DPO - Data Protection Officer 

In order to better protect data subjects, as well as in compliance with the aforementioned legislation, the Data Controller has appointed its own DPO, Data Protection Officer (or DPO, Head of personal data protection), which can be contacted at the following address: http://rpdcciaadl@legalmail.com

 

3. Type of Users

In relation to the use of the Site and App, the following types of Users are distinguished: - Simple users: people who download the app and can access the information services offered by the app, as well as activate the "Fai Centro!" Fidelity Card on their account - Professional Users: Operators of the Urban District of Commerce of Mestre who have access to the reserved area and can publish the information related to their commercial initiatives as well as upload the points on the Fidelity Card of the Users

 

4. Purposes and legal bases of the processing

The personal data processed while browsing the site and during the use of the App are intended for the purposes specified below. 1) Proper functioning of the App and of the website (in pursuit of the legitimate interest of the Data Controller). 2) Provision of services to Professional Users Registration on the site, activation and management of the account with the possibility of publishing advertisements / information / news regarding the exercise of the promoted commercial initiatives. 3) Provision of services to Simple Users: a) Registration for the app, creation and management of the account; management of the fidelity card associated with the account according to the Regulations published in the APP, in compliance with a contractual obligation assumed towards the User himself; b) Sending of notifications and / or communications regarding commercial activities of the Mestre Centro di Commercio district with the related ongoing initiatives, located near its location.

 

5. Personal data collected

Simple User registration data: The data collected during registration will be limited to those strictly necessary for the creation of the User account, ie user name (e-mail address) and password. Professional

User registration data: The data collected during registration will be limited to those strictly necessary for the creation of the Professional User account, ie: Name, Surname, Company name, Fiscal Code and VAT number; Registered office; Username (e-mail address) and password.

Location information: where the App is used by a mobile device with the active position detection function, the App collects and processes information on the current position of the User for the sole purpose of communicating to the latter the commercial activities of the District Trade Center of Mestre Center (and related ongoing initiatives), located in its vicinity. The User can deactivate the sharing of this information at any time by changing the settings directly on his device.

Navigation data: The computer systems and software procedures used for the ordinary operation of the app and the site acquire some personal data whose transmission is implicit in the use of Internet communication protocols. This category of data includes IP addresses or domain names of computers and terminals used by users, the URI / URL (Uniform Resource Identifier / Locator) addresses of the requested resources, the time of the request, the method used in the submit the request to the server, the size of the file obtained in response, the numeric code indicating the status of the response given by the server (success, error, etc.) and other parameters relating to the operating system and the user's IT environment.

Finally, the Chamber of Commerce reports that the computer systems and software procedures used to operate the App [such as, for example, Apple store, Google Play or Windows Phone Store] acquire, during their normal operation, some data however referable to the User whose transmission is implicit in the use of internet communication protocols, smartphones and devices used. This category of data includes, by way of example but not limited to, the identity of the telephone, the User's contacts, e-mail, and credit card data. The User will be able to consult the Privacy information relating to these treatments on the following sites:

Apple Store - https://www.apple.com/legal/privacy/it/

Google Play - https://www.google.it/intl/it/policies/privacy/

Windows Store - https://privacy.microsoft.com/it-IT/privacystatement/

 

6. Authorized, Data Processors and Recipients of personal data

Both the navigation data and those provided voluntarily by the Users can be communicated to external subjects formally appointed by the CCIAA of Venice Rovigo as Data Processors pursuant to art. 28 GDPR and belonging to the following categories: companies that provide site maintenance services and IT systems; companies that provide electronic communications services and, in particular, electronic mail; companies that perform management and maintenance services for the Data Controller database. These subjects have the right to rely on additional, their own data processors, operating in the same areas. The data provided by the Simple User will in no case be communicated to the operators of the Urban District of Commerce of Mestre. The management of the points accumulated with the loyalty card, in fact, will not involve the processing of the Simple User's personal data since these points will be credited or scaled only by association with the relative numeric code.

 

7. Data retention period

With reference to navigation data collected for the purpose referred to in point 4, num. 1, they are kept only for the use of the website.

With reference to the data processed for the purpose referred to in point 4, num. 2 and num. 3 lett. a), personal data is stored for the entire registration period by the User. User data will be deleted no later than 30 days after the account is closed.

With reference to the data processed for the purpose referred to in point 4, num. 3 lett. b), the data relating to the position are not recorded by the app and therefore are processed instantly.

 

8. Nature of data provision and consequences of failure to provide data

For the purpose referred to in point 4, num. 1, the provision of data is necessary and not optional. For the purpose referred to in point 4, num. 2 and num. 4 lett. a), the provision of data is necessary. Failure to provide the necessary data will make it impossible to activate the account.

 

9. Data transfer in non-EU countries

The CCIAA of Venice Rovigo can avail itself, also through its own data processors, of telematic communication service companies and, in particular, of electronic mail, which could make the messages and personal information of users transit even in countries. not belonging to the European Union, or that in such countries could save backup copies of data, in order to limit the risks associated with possible data loss. These service companies are selected for reliability, security and compliance with national and European legislation regarding the processing of personal data.

The transfer abroad thus carried out is in line with this legislation, since it is implemented only towards countries (or sectors of these) which have been subject to an adequacy decision and which, therefore, guarantee an adequate level of protection of personal data, or on the basis of standard contractual clauses validated by a European supervisory authority and compliant with the models proposed by the Commission with Decision 2010/87 / EU. With specific reference to the United States of America, any transfer of data to this country is made exclusively to companies certified pursuant to the Privacy Shield, an agreement that requires U.S.A. stringent obligations to protect the personal data of European citizens and subject to control by the US authorities.

 

10. YOUR RIGHTS

The Regulation (EU) 2016/679 recognizes, as an Interested Party, various rights, which you can exercise by contacting the Owner or the DPO at the addresses indicated in points 1 and 2 of this information. Among the rights that can be exercised, as long as the conditions from time to time envisaged by the law are met (in particular, articles 15 and following of the Regulations) there are:

- the right to know if the CCIAA of Venice Rovigo is processing personal data concerning itself and, in this case, to have access to the data being processed and to all information relating thereto;

- the right to rectify inaccurate personal data concerning you and / or the integration of incomplete ones;

- the right to delete personal data concerning him;

- the right to limit the processing;

- the right to oppose the processing; the right to the portability of personal data concerning him; the right to revoke consent at any time, without prejudice to the lawfulness of the processing, based on consent, carried out before revocation.

In any case, you also have the right to submit a formal Complaint to the Guarantor Authority for the protection of personal data, according to the methods you can find at the following link: https://www.garanteprivacy.it/home/modulistica-e -services-online / claim.

To receive more information about your rights, you can contact the Owner or the DPO directly, or consult the official pages of the Guarantor Authority https://www.garanteprivacy.it/home/diritti and https://www.garanteprivacy.it/ web / guest / regolamentoue / rights-of-interested.

Confronta versione