PERSONAL DATA PROTECTION POLICY
This Policy is being provided pursuant to and in accordance with Art. 13 of Regulation (EU) 2016/679 (hereinafter “GDPR”), on the protection of natural persons with regard to the processing of personal data.
This website (hereinafter “Site”) and all the services supplied here (hereinafter “Services”) are not intended for minors under 16 years of age and Armony SpA, as the data controller (hereinafter “Company” or “Data Controller”), does not intentionally collect personal information of minors. If information on minors is unintentionally registered, the Data Controller will erase it promptly on the users' request.
Legal basis and purposes of processing
Your personal data is processed:
A) without your express consent, for the following purposes of services/use of the Site:
- managing and maintaining the Site;
- allowing you to use any Services you have requested;
- processing a contact request;
- satisfying obligations laid down by law, by a regulation, by EU regulations or by an order of the Authority;
- preventing or identifying fraudulent activity or malicious damage of the Site;
- exercising the Data Controller's rights;
your consent is not required for said purposes, as data processing is necessary to supply the Services requested or to satisfy a legal obligation;
B) only with your specific and separate consent, also to send you newsletters and/or invitations to events or to register you for events in which the Data Controller takes part or is the organiser (hereinafter “Marketing”).
Data storage period
Your data will be processed for the time strictly necessary to pursue the above purposes, after which it will be erased or rendered anonymous. With specific reference to the purposes described in point B), your personal data will be processed for 24 months, unless you withdraw consent beforehand.
Nature of providing the data and consequences in the case of refusal
Providing the data for the purposes of point A) is necessary to allow use of the services offered. Providing the data for the purposes of point B) is optional. You may therefore decide not to provide any data or subsequently to deny consent to processing of data already provided; in this case, you will not be able to receive the communications described above via e-mail.
Communication of data and categories of recipients
Your data may be communicated to employees or collaborators of the Data Controller, as authorised processors, and also to third companies or other parties (website providers, hardware and software assistance technicians, professional firms, etc.) who perform outsourced activities on the Controller's behalf, as processors; your data will not be disclosed under any circumstances.
Transfer of personal data to third countries or international organisations
Your personal data will not normally be transferred to non-European third countries. However, the Company uses certain IT services in cloud computing that could involve data processing through servers or IT equipment located in the United States of America: the suppliers of said services have confirmed that they will be performed in compliance with the specific guarantees protecting personal data envisaged by the agreement reached between the United States and the European Union, called Privacy Shield, which they have declared that they apply.
Rights of data subjects
You are entitled (see Arts. 15-22 GDPR) to ask our company for access to your personal data and request its rectification if incorrect, erasure or restriction of processing, if the requirements for this are satisfied, and also to obtain portability of the data you have supplied, only if it is subject to automated processing based on your consent or on the contract. You are also entitled to withdraw consent given for the processing purposes that require it, without affecting the lawfulness of processing based on consent before its withdrawal. You are entitled to file a complaint with the Supervisory Authority.
Parties involved in processing
The Data Controller is Armony SpA, which may be contacted at firstname.lastname@example.org
Last review: June 2018.
This Policy may be changed. We therefore recommend that you check this page regularly and consider the most recent version of the policy provided there.