(European Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016, concerning the protection of natural persons with regard to the processing of personal data – in short “GDPR”)
1. Owner and Data Protection Officer
The controller of the data collected through this site is Movantia S.r.l., with a registered office in Italy, Via Ravenna n.10, 40139 Bologna, Company Reg. No., Tax Code and VAT No. IT10218151008, (hereinafter: “Movantia”). it decides autonomously on the purposes and methods of the processing, as well as on the security procedures to be applied to guarantee the confidentiality, integrity, and availability of the data. The data protection officer (Data Protection Officer or “DPO”) is available for any information concerning the processing of personal data. The DPO can be contacted by writing to: firstname.lastname@example.org
2. Personal Data collected from the Site
The Data Controller collects the following types of Personal Data:
- Content and information provided voluntarily by the User:
- Personal Data that the User voluntarily provides through the Site during its use, such as personal data, contact details, access credentials to the services and/or products provided, personal interests and preferences and other personal content, etc. Failure by the User to provide Personal Data, for which there is a legal or contractual obligation or if they constitute a necessary requirement for the use of the service or for the conclusion of the contract, will make it impossible for the Data Controller to fully or part of its services.
- The User who communicates the Personal Data of third parties to the Owner is directly and exclusively responsible for their origin, collection, treatment, communication, or dissemination.
- Technical data that the computer systems and software procedures used to operate this Site can acquire, during their normal operation, as Personal Data, the transmission of which is implicit in the use of internet communication protocols. This information is not collected to be associated with identified Users, but which by their very nature could, through processing and association with Data held by third parties, allow Users to be identified in certain circumstances. This category includes IP addresses, or domain names used by Users who connect to the Site, the addresses in URI (Uniform Resource Identifier) notation of the requested resources, the time of the request, the method used to submit the request to the server, etc.
- Data relating to the use of the Site by the User may also be collected, such as for example the pages visited, the actions performed, and the functions and services used.
- Personal data collected through cookies or similar technologies for statistical reports such as Data on pages, visited links and other actions that the User performs when using our Services, within advertising or email content. They are memorized to then be retransmitted to the same sites at the next visit by the same User.
3. Purpose of data processing
Your personal data will be processed:
- a) without the User’s consent (article 6, letters b, c, f, GDPR), for the following purposes:
- collect data on Users such as personal data such as name and surname, address, email, telephone, navigation data.
- provide the functioning of the computer systems and software procedures used to operate the Site; they acquire, during their normal operation, some data whose transmission is implicit in the use of Internet communication protocols, information that is not collected by Movantia;
- comply with the provisions of laws and regulations (national or community), or execute an order from judicial authorities or supervisory bodies to which Movantia is subject,
- exercise the rights of Movantia, in particular, that of defense in court;
allow Users to register on the Site and use the services reserved for registered Users;
- manage requests forwarded to our Customer Service.
In the aforementioned cases, the processing of your personal data is legitimate as it is necessary to execute a contract with a User or to provide him with the service he has requested from us.
Furthermore, we carry out statistical surveys and analyzes with data in aggregate form to understand how users interact and use the Site, to improve our offer and our services.
- b) with the User’s consent (article 7, GDPR), for the following purposes:
- organization of events, meetings, conferences and seminars;
- various types of marketing activities, including the promotion of products and services, the distribution of information and promotional material, the sending of newsletters and publications,
- management of surveys and questionnaires, also relating to the degree of customer satisfaction.
The provision of data for the purposes referred to in the previous section (a) is mandatory. The lack of data and/or any express refusal to process it will make it impossible for Movantia to follow up on a request, or the possible violation of requests from the competent Authorities. The provision of data for the purposes referred to in section (b) above is optional, with the consequence that the User may decide not to provide his consent, or to revoke it at any time by contacting the DPO.
When using particular Services (for example connecting to the Movantia profile on Twitter, Facebook, Instagram, YouTube, Linkedin, and other social networks) the Personal Data sent by the User to the Service manager may be processed. With respect to these hypotheses, the User acts as an independent data controller, assuming all the obligations and responsibilities of the law. In this sense, the User confers the widest indemnity on this point with respect to any dispute, claim, request for compensation for damage from treatment, etc. that should reach Movantia also from third parties whose Personal Data have been processed through the use by the User of the Services in violation of the applicable personal data protection regulations. In any case, if the User provides or otherwise processes Personal Data of third parties in the use of the Service, he guarantees from now on – assuming all related responsibility – that this particular hypothesis of treatment is based on an appropriate legal basis (for example, the consent of the interested party) pursuant to art. 6 of the Regulation which legitimizes the processing of the information in question.
4. Categories of personal data processed
Within the scope of the purposes of the treatments highlighted in the previous paragraph (3), only personal data will be processed concerning, for example, name and surname, tax code, VAT number, residence, domicile, place of work , e-mail or PEC address, telephone and fax numbers, etc.
5. Transfers of personal data
The Data is processed at the Data Controller’s operating offices and in any other place where the parties involved in the processing are located. For the purposes referred to in paragraph (3), section (a) above, the personal data provided by the User may be made accessible:
- to employees and collaborators of Movantia, in their capacity as authorized data processors (or so-called “processors”), such as, for example, personnel management, commercial area employees, system administrators, etc.,
- to third parties who carry out activities in partnership with Movantia or supply on behalf of Movantia (IT companies, service providers, postal carriers, hosting providers, etc.) who, if necessary, may be appointed as Data Processors by the Data Controller , as well as accessing Users’ Personal Data whenever necessary and will be contractually obliged to keep Personal Data confidential in their capacity as Data Processors,
- to judicial or supervisory authorities, administrations, public entities and bodies (national and foreign).
Should the User express his consent to the use of personal data for the purposes referred to in the previous paragraph (2), section (b), the same may be made accessible to the subjects indicated in the previous points (1), (2 ), and (3).
6. Transfer and retention of personal data
The management and storage of Personal Data take place in the cloud and on servers located within the European Union available to Movantia, duly appointed as Data Processors. The transfer of data abroad to non-EU countries takes place in compliance with the provisions contained in Chapter V, GDPR (article 46), through the adoption of standard clauses drafted on the basis of version no. 2004/915/EC and no. 2010/87/EU elaborated by the European Commission. Users’ personal data will not be disclosed.
The Personal Data collected for the purposes indicated in the previous paragraph (3), section (a) will be processed and stored for the entire duration of the established relationship. Starting from the date of termination of this relationship, for any reason or cause, the Data will be kept for the duration of the prescription terms applicable pursuant to the law. The Personal Data collected for the purposes indicated in the previous paragraph (3), section (b) will be processed and stored for the time necessary to fulfill these purposes and in any case for no more than 10 years from the date on which Movantia receives the consent of the User and in any case up to the completion of the limitation period established by the regulations in force.
All the Data collected will not be subject to any automated decision-making process, including profiling, which may produce legal effects for the person or which may significantly affect him.
7. Exercisable Rights
The User has the right to ask Movantia, through the Site, at any time, to access his Personal Data, to rectify or cancel them or to oppose their treatment in the cases provided for by sending a request via e- email to the DPO for:
- Right of access – Obtain confirmation as to whether or not personal data concerning the User is being processed (article 15, GDPR),
- Right to rectification – Obtain, without undue delay, the rectification of inaccurate personal data concerning the User and the integration of incomplete personal data (article 16, GDPR),
- Right to cancellation – Obtain, without unjustified delay, the cancellation of Personal Data concerning the User, in the cases provided for by the GDPR (article 17, GDPR),
- Right to limitation – Obtain from Movantia the limitation of the treatment, in the cases foreseen by the GDPR (article 18, GDPR),
- Right to portability – Receive the Personal Data concerning the User provided to Movantia in a structured format, commonly used and readable by a computer device, as well as obtain that the same are transmitted to another Data Controller without impediments, in the cases provided for by the GDPR (article 20, GDPR),
- Right to object – Object to the processing of Personal Data concerning you, unless there are legitimate reasons for Movantia to continue the processing (article 21, GDPR),
- Right to lodge a complaint with the supervisory authority – Propose a complaint to the Guarantor Authority for the protection of personal data, Piazza di Montecitorio n. 121, 00186, Rome (RM).
To exercise their rights, Users can direct a request to the contact details of the Owner indicated on this page. Requests are made free of charge and processed by the Data Controller as soon as possible, in any case within 30 days.
8. Processing methods
The processing of Users’ personal data is carried out by means of the operations indicated in article 4, n.2), GDPR – carried out with or without the aid of IT systems – and precisely: collection, registration, organization, structuring, updating, conservation, adaptation or modification, extraction and analysis, consultation, use, communication by transmission, comparison, interconnection, limitation, cancellation or destruction. In any case, the logical and physical security of the Data and, in general, the confidentiality of the Personal Data processed will be guaranteed, implementing all the necessary technical and organizational measures to guarantee their security.
We protect Users’ Personal Data with technical and organizational security measures aimed at preventing them from being used illegitimately or fraudulently. We maintain technical, physical and administrative security measures designed to provide reasonable protection for Personal Data against loss, misuse, unauthorized access, disclosure and alteration. Security measures include firewall software, data encryption, access controls to our offices, and information access authorization controls. While we are committed to protecting our systems and services, you are responsible for protecting and maintaining the privacy of your passwords and account registration information, and for ensuring that the Personal Data we hold about you is accurate and up-to-date. We are not responsible for protecting Personal Data that we share with third parties based on an account connection that you have authorised. In particular, we use security measures that guarantee data encryption, confidentiality, integrity, availability of user data, the ability to restore data in the event of a data breach. Furthermore, Movantia undertakes to regularly test, verify and evaluate the effectiveness of technical and organizational measures in order to ensure continuous improvement in the security of the Treatments.
If you believe that the processing of your personal data has been carried out unlawfully, you can lodge a complaint with one of the competent supervisory authorities for compliance with the rules on the protection of personal data.
In Italy, the complaint can be presented to the Guarantor for the Protection of Personal Data, at the address http://www.garanteprivacy.it.
PP_v2.3 – 09/20/2022