This policy describes the methods and purposes of the processing of personal data of users who access and use the following websites:
(hereinafter, simply the “Sites”) in compliance with the current legislation on the protection of personal data. In compliance with the principles recognized by the European Regulation 679/2016, this information provides the user (data subject) any further information necessary to ensure correct and transparent processing, in relation to the specific context in which the personal data are collected and subsequently processed.
This policy is provided only for the Sites listed above, and not for the websites, Apps and Social Platforms accessible through hyperlinks contained therein, for which reference should be made to the relevant information on the processing of personal data.
The Controller is “Digitalmoka S.r.l.”, with registered office in via Anguillarese 186, 00123 Rome (hereinafter “DIGITALMOKA” or “Controller “).
The types of data processed include:
DIGITALMOKA processes user’s personal data for purposes related to the provision of the services offered through the Sites, as well as to guarantee of correct functioning of the same. The legal basis of the processing is, therefore, constituted by the performance of a contract to which the data subject is party , pursuant to art. 6, par. 1, lett. b) of Regulation (EU) 679/2016 (GDPR). In particular, the user’s personal data are collected and processed for the following purposes:
The processing will be carried out using paper and / or IT tools, by individuals authorized to do so, who operate under the direct authority and according to the instructions given by the Controller, with processing strictly related to the purposes indicated and, in any case, in such a way as to guarantee the security and confidentiality of the data processed.
The processing operations are carried out in such a way as to guarantee the security of data and systems. Specific security measures are adopted in order to minimize the risk of destruction or loss, even accidental, of the data, of unauthorized access, of processing that is not permitted or does not comply with the purposes indicated in this policy .
However, the security measures adopted do not allow for the risk of interception or compromise of personal data transmitted via telematic devices to be absolutely ruled out. It is therefore recommended to verify that the device employed by the user is equipped with software systems suitable for the protection of the telematic transmission of data, both inbound and outbound (such as, for example, updated antivirus systems, firewalls and spam filters).
The data being processed will be kept for a period not exceeding that necessary to achieve the purposes for which they were collected and subsequently processed. In particular:
The personal data of the data subject may be communicated to:
specifically authorized collaborators and employees of the Controller, within the scope of their duties;
providers of the services offered through the Sites or connected to the functioning of the same.
Under no circumstances will personal data be communicated, disseminated, sold or otherwise transferred to third parties for illegal purposes and, in any case, without providing suitable information to the interested parties and obtaining their consent, where required by law. Any communication of data at the request of the judicial or public security authorities, in the manner and in the cases provided for by law, remains unaffected. Personal data will not be transferred abroad, to Countries or international Organizations not belonging to the European Union that do not guarantee an adequate level of protection, as recognized, pursuant to art. 45 GDPR, through an adequacy decision of the EU Commission. Should it be necessary for the provision of the Services, the transfer of personal data to Countries or international Organizations outside the EU, for which the Commission has not made an adequacy decision pursuant to art. 45 GDPR, will take place only in the presence of adequate guarantees provided by the recipient Country or Organization, pursuant to art. 46 GDPR and provided that the data subjects have enforceable rights and effective remedies. In the absence of an adequacy decision by the Commission, pursuant to art. 45 GDPR, or adequate guarantees, pursuant to art. 46 GDPR, the cross-border transfer will take place only if one of the conditions indicated in art. 49 GDPR is fulfilled.
The data subject has the right to access their personal data, to request their correction, updating and deletion or limitation, if incomplete, erroneous or collected in violation of the law, as well as to oppose the processing for legitimate reasons or obtain portability.
Specifically, the data subject have the right to obtain from the controller confirmation as to whether or no personal data concerning him or her are being processed , even if it has not yet been recorded, and to its communication in intelligible form.
The data subject also has the right to obtain information on:
The data subject has the right to obtain:
The data subject has the right to object, in whole or in part:
Without prejudice to any other administrative or judicial remedy, every data subject shall have the right to lodge a complaint with a supervisory authority, in particular in the Member State of their usual residence, place of work or place of the alleged infringement.
The above rights are exercised with a request addressed to the Controller, by sending an e-mail message to the address mailto:[email protected]. The request is formulated freely and without formalities by the data subject, who has the right to receive suitable feedback within a reasonable timeframe, depending on the circumstances of the case.
The data subject may make use, for the exercise of their rights, of non-profit bodies, organizations or associations, whose statutory objectives are of public interest and which are active in the field of protection of the rights and freedoms of the interested parties with regard to the protection of personal data, providing, for this purpose, a suitable mandate. The data subject may also be assisted by a person of trust.
It is possible to receive more information on the purposes and methods of processing personal data by writing to mailto:[email protected] and indicating “Privacy” in the subject line.
To find out about your rights, lodge a complaint and always be updated on the legislation on the protection of individuals with regard to the processing of personal data, the data subject can contact the personal Data Protection Authority, by consulting the website at the address http://www.garanteprivacy.it/.
The original text of this information is drawn up in Italian and the Italian text is the only one that will be authentic in the relationship between the data subject and the Controller.
It should be noted that, for the convenience of the data subject, this information is also available in English: it is understood, in any case, that any translation is provided solely for facilitative purposes and that in any case of conflict or discrepancy, the Italian version will remain prevailing and legally binding in the relations between the Controller and the data subject, without prejudice to DIGITALMOKA’s exemption from any liability deriving from translation defects.
Information updated in June 2021