Information on the processing of personal data pursuant to art. 13 and 14 of EU Reg. 2016/679 (hereinafter "GDPR")
Thank you for choosing the Olimpia Splendid App.
The privacy and security of our Customers' personal data have always been one of our priorities. For this reason, we are constantly committed to processing such data in full compliance with the principles of lawfulness, fairness and transparency towards the data subject.
With this information notice, we intend to explain how and why we collect, store, share and use our Customers' personal data, as well as illustrate the choices and rights that they can freely exercise.
1.WHICH OF YOUR PERSONAL DATA DO WE PROCESS?
Our Company processes the personal data that the Customer provides upon registration and while using the App:
name and surname (upon registration)
email address (upon registration)
geo-location data of the Olimpia equipment (during App registration)
IP address of the Olimpia equipment (while using the App)
technical data, such as temperature settings, timer, ventilation speed (while using the App)
Our Company also collects anonymous information related to the download and use of the App for the sole purpose of acquiring statistical data on the number of users who have downloaded or are actively using the App.
In any case, we do not use the collected data collected either for customer profiling purposes, or for offering products or other commercial purposes.
However, please be informed that the IT systems and software procedures of third parties responsible for the operation of the Apps (Apple Store, Google Play) may acquire, whilst providing their services, some data that can be traced back to the user. The transmission of these data is implicit in the use of internet communication protocols, smartphones and devices used. Our Company is not involved in such processing, which is carried out autonomously and exclusively by the respective Data Controllers, nor can it be held responsible for it. Therefore, we invite you to also consult the privacy policies published on the aforementioned platforms in advance. Simply uninstalling the App from your mobile device will immediately stop the collection of any further information by our Company.
Please note that the Olimpia App uses Amazon's AWS platform as an IT technology for the rental and distribution of the services necessary for the operation of the App itself.
AWS will autonomously manage the collection of the IT certificates necessary for the operation of the hosted OLIMPIA App.
For further information, please refer to the AWS Information Notices at the following address https://aws.amazon.com/it/compliance/shared-responsibility-model/
2.WHY AND ON WHAT LEGAL BASIS DO WE PROCESS YOUR DATA?
The personal data referred to above will be processed exclusively:
For purposes strictly related to the download and activation of the App. In particular, to allow the download of the App, and exclusively for reasons related to the need to provide the service, the user must agree to make some resources of the mobile device available to the App itself,
As a Company, we are subject to compliance with legal obligations and provisions, such as those regarding data retention under commercial and tax law. Therefore, we also process the Customer's personal data to the extent necessary for the fulfilment of legal obligations, it being understood, however, that the personal data of an individual Customer are disclosed only in the presence of a legal obligation towards the Public Order and Judicial Authorities.
For the pursuit of a legitimate interest by the Data Controllers (e.g. defence in court of a right of the Data Controller).
The legal basis for the processing is the consent given by the data subject as per point sub. a) and sub. b), the contract between the parties (App Terms of Service) and the legitimate interest of the Data Controller as per points sub. c), sub. d) and sub. e).
3.HOW DO WE PROCESS YOUR DATA?
The Customer's data will be processed mainly, although not entirely, with the aid of electronic or IT tools, in constant and essential compliance with the security measures provided for by art. 32 of the GDPR and exclusively for the purposes mentioned above. The data will also be managed and protected in environments where access is under control. The processing of personal data is carried out by means of the operations indicated in art. 4 n. 2) GDPR and precisely: collection, recording, organisation, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, deletion and destruction of data. We limit access to the Customer's information only to those who need to use it for legitimate and relevant purposes. In any case, such data will be acquired and processed without carrying out targeted analyses for "profiling".
4.HOW LONG DO WE KEEP YOUR PERSONAL DATA?
The data will be collected directly from the Customer, from the Olimpia Splendid product or from their mobile device through our App. Unless the law imposes specific storage requirements, we retain the Customer's personal data for the duration indicated in the App service activation contract and for a further term of 10 years and six months or 15 years and six months from the termination of the relationship (in consideration of the limitation periods of the rights in relation to which we may need to defend ourselves or the storage requirements imposed by law), if these are data necessary to execute the contracts between us or to carry out operations arranged/requested by the data subject or to satisfy our legitimate interest. Subsequently, the data will be securely and permanently deleted or may be made anonymous and aggregated, i.e. without any direct or indirect reference to natural persons, and will be retained solely for statistical purposes.
5.TRANSFER OF PERSONAL DATA OUTSIDE THE EUROPEAN ECONOMIC AREA
The Customer's personal data are stored on our secure servers located both within and outside the European Union. In the case of international transfers originating from the European Economic Area (EEA), where the European Commission has recognised an adequate level of data protection in a non-EEA country, personal data will be transferred on this basis. We also inform you that, for purposes solely related to the execution of the service provided with this App, the Customer's personal data, processed by the Olimpia Splendid platform, will be handled by a supplier (data processor) identified by Olimpia Splendid S.p.A. and located outside the EEA with whom we have implemented appropriate safeguards to ensure their protection, including the signing of standard contractual clauses approved by the European Commission. We therefore invite the Customer to contact us at the references mentioned in point sub. 9 should they wish to receive further information or request to view a copy of the specific safeguards applied to the export of their personal data.
6.WHO DO WE SHARE YOUR PERSONAL DATA WITH?
The Customer's personal data may be made accessible to: employees and collaborators of our Organisation, in their capacity as authorised/designated persons for processing and/or system administrators; third-party companies or other entities that carry out outsourced activities on behalf of the Data Controller, in their capacity as Data Processors. The aforementioned data may be communicated to and entrusted to entities that can access the data by virtue of legal, regulatory or EU legislation, within the limits provided for by such rules. Without the need for explicit consent (pursuant to art. 6 lett. b) and c) GDPR), the Data Controller may communicate the aforementioned data to Supervisory Bodies, Judicial Authorities, as well as to those entities to whom communication is mandatory by law for the performance of the aforementioned purposes. These entities will process the data in their capacity as independent data controllers. In any case, the Customer's personal data will not be divulged.
7.WHAT ARE THE NATURE AND CONSEQUENCES OF REFUSING TO PROVIDE YOUR DATA?
The provision of data is optional but still necessary for the use of the service. Refusal to provide data does not allow the use of the App.
8.WHAT ARE YOUR RIGHTS AND HOW CAN YOU EXERCISE THEM?
In accordance with current legislation (Articles 15-22 GDPR), in relation to the processing of personal data carried out by us, the Customer is granted the following rights:
• access: it is possible to obtain information relating to the processing of personal data and a copy of such personal data;
• rectification: if you believe that your personal data is inaccurate, not up-to-date or incomplete, you can request that such personal data be corrected or amended;
• deletion: you can request the erasure of your personal data, if the reasons provided for by law exist;
• restriction: you can request the restriction of the processing of your personal data, if the reasons provided for by law exist;
• objection: you can object to the processing of your personal data carried out on the basis of our legitimate interest, for reasons relating to your particular situation. You may also object to the processing of personal data carried out for direct marketing purposes, including profiling to the extent that it is related to such direct marketing;
• data portability: where legally possible, you have the right to receive or obtain the direct transmission to another data controller (if technically possible) of the personal data you have provided and that generated during the course of our relationship. Data resulting from our processing and assessments are excluded, if the processing is based on consent or contract and is carried out by automated means;
• withdrawal: you may withdraw the consent given for the processing of your personal data at any time.
These rights can be exercised by sending a request to the Data Controller in the following ways:
by post to Olimpia Splendid S.p.A., Via Industriale 1/3 - 25060 Cellatica (BS)
by e-mail message to the following e-mail address: privacy@olimpiasplendid.it
The Customer has the right to withdraw any consent given in relation to the processing of their data at any time and to lodge a complaint with the Supervisory Authority (Garante Privacy) for the protection of personal data at the following link http://www.garanteprivacy.it or with the European Data Protection Supervisor using the following link http://www.edps.europa.eu.
9.CONTACTS OF THE DATA CONTROLLER AND DATA PROTECTION OFFICER (DPO/RPD)
The Data Controller of personal data is:
Olimpia Splendid S.p.A. with registered office in Via Industriale 1/3 - 25060 Cellatica (BS), e-mail: privacy@olimpiasplendid.it
Please also note that Olimpia Splendid S.p.A. has appointed a Data Protection Officer (DPO/RPD) who can be contacted at the following address: dpo@olimpiasplendid.it
10.UPDATE OF THE INFORMATION NOTICE
In a world where technologies are constantly changing, it may be necessary to periodically update this Information Notice. We will inform you of any changes through the App or through our other usual communication channels.
CONSENT TO THE PROCESSING OF PERSONAL DATA
The Customer, having received the above information notice, having acquired the information provided by the Data Controller pursuant to Article 7 of EU Reg. 2016/679, by signing up for the service declares that they consent to the processing of data for the purposes referred to in point 2 sub. a) and sub. b) of the information notice (download and activation of the Olimpia Splendid App, including for instance, but not limited to, the geolocation of their mobile device).
;
