THE “CONTROLLER” OF THE PROCESSING
The data controller is Wora S.r.l., with registered office in Via Alberico Albricci 8, 20122, Milan (MI), Tax Code and VAT number 11446000967 (the “Controller” or “Wora”).
CATEGORIES OF PROCESSED DATA
The computer systems and software procedures used to operate this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. This information is not collected to be associated with identified interested parties, but by their very nature could, through processing and association with data held by third parties, allow users to be identified. This category of data includes IP addresses or domain names of the computers used by users who connect to the website, the addresses in URI (Uniform Resource Identifier) notation of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters related to the operating system and the user’s computer environment. Navigation data will be collected exclusively in the legitimate interest of allowing the user to enjoy the contents published on the Controller’s website and its correct administration and management. This data is stored for a short time and could be used to ascertain responsibility in the event of hypothetical computer crimes against Wora. Afterwards, the data is stored only in anonymous form for exclusive statistical interest.
Data provided voluntarily by the user
The optional, explicit and voluntary sending of electronic mail to the addresses indicated on this site involves the subsequent acquisition of the sender’s address, necessary to respond to requests, as well as any other personal data included in the message. The legal bases for the processing are, therefore, the legitimate interest of the Controller to respond to communications received or the need to fulfill pre-contractual requests made by the interested party. The data will be kept for the time necessary to satisfy any requests from the sender or issues submitted to the Controller and, in any case, for the time imposed by specific legal provisions. The sender has, however, the right to request their deletion according to the methods, conditions and limits set out in art. 17 of the GDPR. If the voluntary contact by the user takes place by filling in the form in the “Contacts” section, he will receive specific information in these locations.
OPTIONALITY OF DATA PROVISION
METHOD OF TREATMENT AND SUBJECTS AUTHORIZED TO THE TREATMENT
The processing related to the web services of this site (physically “hosted” on the Wix.com server located in the United States) takes place at the headquarters of the Data Controller. The control and custody of the information are managed by authorized personnel in charge of processing online requests. Occasionally, for exclusive technical reasons, authorized personnel who provide assistance to the site and the Data Controller’s computer systems may access the data. No data derived from web browsing is communicated or disseminated to additional third parties unless in compliance with legal obligations.
Specific security measures are observed to prevent the loss of data, illegal or incorrect use, and unauthorized access.
TRANSFER OF DATA ABROAD
Requests and messages sent spontaneously to the Data Controller to the email addresses or in the compilation of web forms on the site may be tracked/stored on servers located outside the EU or the European Economic Area (EEA) belonging to third-party platforms we use; similarly, the Wix.com server, where this site is physically “hosted”, is also located outside the EU. Consequently, it is possible that your personal data may be transferred to subjects or companies located outside the EU or the European Economic Area (EEA). In these cases, or should the need arise to use other types of extra-EU suppliers who have access to some of your personal data, the Data Controller will provide you with full information and verify that all measures (contractual and non-contractual) suitable and necessary are adopted to guarantee an adequate level of protection of your personal data in accordance with and in the manner indicated by Chapter V of the GDPR and, in any case, by the current legislation on the protection of personal data. In any case, you can always request more information about the identity of the third-party entities outside the EU who may know/process your personal data and the activities they carry out by requesting it from the company privacy contact or at the email address firstname.lastname@example.org.
RIGHTS OF THE DATA SUBJECT
The data subject has the right to ask the Data Controller for access to data, its rectification, deletion, limitation of processing, or to object to data processing under the conditions set by articles 15, 16, 17, 18, 21 of the GDPR. Lastly, the data subject has the right to lodge a complaint with a supervisory authority if they believe that the processing concerning them violates the applicable regulation to the protection of their data. To request information on data processing or to exercise your rights on your data, please contact us at email@example.com.
The information provided here may be subject to revision following:
- changes in the regulation on the protection of personal data, for the aspects of interest here;
- technological implementations adopted by the Data Controller that impact the current processing methods;
- organizational changes in the Data Controller’s structure that may affect the data subject.
Users are kindly requested to periodically consult this information in order to be constantly updated on the characteristics of the processing.
INFORMATION ON THE PROCESSING OF PERSONAL DATA PURSUANT TO EU REGULATION 2016/679
Dear User, we wish to inform you that the EU Regulation 2016/679 (“GDPR”) provides for the protection of individuals with regard to the processing of personal data. Wora S.r.l., with registered office in Via Alberico Albricci 8, 20122, Milan (MI), VAT number 11446000967, as the “Data Controller”, pursuant to article 13 of the GDPR, therefore provides you with the following information:
- CATEGORIES OF DATA: we will process personal data provided in mandatory and optional fields. We will also process information voluntarily provided in the free text field. In this regard, please do not disclose sensitive information, information relating to third parties, or statements that harm the dignity or decorum of others.
- OBLIGATION OR NOT TO PROVIDE DATA: We inform you that providing data is mandatory for some fields and their possible failure to provide will result in the non-submission of the form and therefore the impossibility of receiving and satisfying your request. Failure to provide data in the optional fields, as well as partial or incorrect provision of data, may prevent us from fully or correctly handling your requests.
- SOURCE OF PERSONAL DATA: Personal data is collected directly from you when submitting this form.
- PURPOSE OF DATA PROCESSING AND LEGAL BASIS: The processing of data in relation to the completion of this form is based on the need to satisfy pre-contractual requests of the interested party (art. 6, par. 1, letter b of the GDPR) and the legitimate interest of the Data Controller to process requests for information solicited by the interested party (art. 6, par. 1, letter f of the GDPR).
- RECIPIENTS OF THE DATA: Within the limits relevant to the indicated purposes, your data will be processed by persons authorized to process and manage corporate communication. For exclusive reasons of technical assistance to the site or the Data Controller’s IT system, data could be accessible to IT staff authorized for this purpose. The hosting service providers / applications / IT platforms that host this site and the communications deriving from it are responsible for the technical storage of data and are identified as Data Processors according to art. 28 of the GDPR. Your data will not be disseminated in any way.
- TRANSFER OF DATA ABROAD: the collected data is not communicated abroad. However, all requests and messages sent to the Data Controller spontaneously to email addresses or in filling in the web forms present on the site can be tracked / stored on servers located outside the EU or the European Economic Area (EEA) belonging to the third-party platforms we use; consequently, your personal data may be transferred to individuals or companies located outside the EU or the European Economic Area (EEA). In these cases, or if the need arises to use other types of extra-EU providers who have access to some of your personal data, the Data Controller will provide you with full information and verify that all measures (contractual and not) suitable and necessary to guarantee an adequate level of protection of your personal data are adopted in agreement and with the methods indicated by Chapter V of the GDPR and, in any case, by the current legislation on the protection of personal data. In any case, you can always request more information on the identity of the third parties outside the EU who can know / process your personal data and the activities carried out by them by making a request to the corporate privacy manager or to the address firstname.lastname@example.org.
- METHOD OF DATA PROCESSING: The personal data you provide will be processed with IT tools in compliance with adequate technical and organizational security measures to prevent data loss, improper or incorrect use, and unauthorized access.
- CONSERVATION PERIOD: The collected data will be stored for the time necessary to fully process your request and to keep track of it in case of any developments, after which they may be deleted.
- RIGHTS OF THE INTERESTED PARTY: Pursuant to Chapter III of the GDPR, the interested party always has the right to request from the Data Controller access to their data, rectification or deletion of the same, limitation of processing or the possibility of objecting to processing, to request data portability, to revoke (where it has been requested) consent to processing by asserting these and other rights provided for by the GDPR through a simple communication to the Data Controller. Finally, the interested party has the right to lodge a complaint with a supervisory authority if they believe that the processing that concerns them violates the legislation applicable to the protection of their data.
- DATA CONTROLLER: The data controller is Wora S.r.l., with registered office in Via Alberico Albricci 8, 20122, Milan (MI), VAT number 11446000967. To request information on data processing or exercise your rights on your data, please contact us at email@example.com.