The site www.meteoheroes.com (hereinafter "the Site") is owned by Meteo Operations Italia S.r.l. (hereinafter the "Company" or "MOPI", for corporate data see point 7), as Data Controller and the security measures applicable to this Site have been defined and developed to ensure that the information provided by users ( hereinafter "user", "users" or "you") are treated in compliance with the principles of lawfulness, correctness, transparency, purpose limitation and retention, data minimization, accuracy, integrity and confidentiality, in compliance with national regulations and European regulations in force.
1) PERSONAL DATA OBJECT OF THE TREATMENT
"Personal Data" means any information concerning an identified or identifiable natural person with particular reference to an identifier such as the name, an identification number, location data or an online identifier. The Personal Data collected by the Site are as follows:
a) Navigation data
The computer systems and software procedures used for the correct functioning of the Site acquire, during their normal operation, some Personal Data whose transmission is implicit in the navigation of the websites. This information is not collected to be associated with identified interested parties; however, by their very nature they could, through processing and association with data held by third parties, allow users to be identified.
These include the IP addresses or the names of the computers used by users who connect to the Site, the URI (Uniform Resource Identifier) addresses of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server and other parameters relating to the operating system and the IT platform used by the user.
The above data is used for the sole purpose of obtaining anonymous statistical information on the use of the Site and to check its correct functioning. The data could be used to ascertain responsibility in the event of hypothetical computer crimes against the Site.
b) Data provided voluntarily by the user
Through the Site, the user has the opportunity to voluntarily provide Personal Data, such as name and e-mail address for subscription to the newsletter service, for requests for demos or information through the various forms of the Site.
The personal data provided in this way are used for the sole purpose of satisfying or responding to the requests sent and are communicated to third parties only if this is necessary for this purpose. In this sense, the user grants the widest indemnity on this point with respect to any dispute, claim, request for compensation for damage from processing, and so on that should reach MOPI from third parties whose Personal Data have been processed through his use of the Site in violation of the applicable legislation.
c) Data not collected from the user
Pursuant to art. 14, n. 2, letter f) of the GDPR, MOPI informs that the data may be provided by third party Data Controllers on the basis of the consent specifically given by the User at the bottom of the information. These third party Data Controllers are required, in fact, to hold the legal rights to collect, use and share User information.
2) PURPOSE AND LEGAL BASIS OF DATA PROCESSING
The Personal Data you provide through the Site will be processed by the Company for the following purposes:
a) purposes related to the provision of services available through the Site (eg: contact request through the forms on the site, etc.);
b) purposes of statistical research / analysis on aggregated or anonymous data, therefore without the possibility of identifying the user, aimed at measuring the functioning of the Site and its operational functions, including the resolution of any technical problem;
c) purposes aimed at preventing or preventing fraudulent activities or improper use that could damage the MOPI site, or compromise the security of operations;
d) purposes related to the fulfillment of a legal obligation to which MOPI is subject;
e) purposes necessary to ascertain, exercise or defend a right in court or whenever the judicial authorities exercise their judicial functions.
The legal basis for the processing of Personal Data for the purposes referred to in point a) is the provision of a service or the response to a request, which do not require the consent of users, in accordance with the applicable legislation. The purpose referred to in point b) does not involve the processing of Personal Data.
As regards the purposes referred to in points c) and d), the processing is necessary for the pursuit of a legitimate interest of MOPI.
Finally, the purpose referred to in point e) represents a legitimate processing of Personal Data as it is necessary to fulfill a legal obligation to which the Company is subject.
The provision of your Personal Data is optional: the user is free to provide personal data contained in the forms on the Site or indicated in the contacts with the Data Controller to allow the sending of informative material, commercial offers or other communications. Failure to provide them may make it impossible to obtain what is requested.
f) Direct marketing purposes, to pursue commercial promotion, advertising communication, solicitation of purchasing behavior, market research, surveys (including telephone, online or through forms), statistical processing (in identification form), other research marketing samples in a broad sense (including prize events, games and competitions) of products and / or services referable to the Company, as well as sending advertising material or carrying out direct sales activities or interactive commercial communications on products, services and other activities, through telephone, SMS, MMS, fax, conventional mail, e-mail and related web applications.
By giving their consent, the User specifically and expressly authorizes such additional, possible treatments for advertising and marketing purposes.
For the purposes of the principle of fulfillment of the privacy obligations for the owner in compliance with the principles of simplification of the same obligations and pursuant to the General Provision of the Privacy Guarantor of May 15, 2013 entitled "Consent to the processing of personal data for purposes of" direct marketing "Through traditional and automated contact tools", the data controller informs:
That any consent given for the sending of commercial and promotional communications will imply the receipt of such communications not only through automated contact methods, but also through traditional methods, such as paper mail or calls via operator;
That the data subject's right to object to the processing of personal data for "direct marketing" purposes will extend to all contact methods, whether automated or not; the possibility of exercising this right in part remains unaffected, both with respect to certain means and certain treatments;
that the specific consent formula collected will be unitary and comprehensive and will refer to all possible means of marketing processing.
The interested party has the right to notify the data controller at the e-mail address email@example.com of a different will as regards the use of certain marketing means and as regards consent and / or denial for individual purposes.
The granting of consent to the processing for the purposes indicated above is absolutely optional and optional. Failure to provide it will not lead to any interference and / or consequence on all relationships that fall within the purposes of the processing referred to in point a), b), c), d), e) above.
g) Purpose of commercial profiling
It is possible that for marketing and service improvement purposes, the owner will process the so-called "profiling" data, defined pursuant to art. 4, paragraph 1, EU Regulation as "any form of automated processing of personal data consisting in the use of said personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning professional performance, the situation economic, health, personal preferences, interests, reliability, behavior, location or travel of said natural person ".
The profiling activity may concern "individual" personal data or "aggregate" personal data deriving from detailed individual personal data.
Fundamental elements of the profiling treatment will be:
1) the predetermination of the parameters for the structuring of the data considered individually;
2) the comparison, the intersection, the correlation of such data with each other and the comparative analysis carried out on the basis of predefined parameters, also by means of automated processes (i.e. the cataloging of individual data in clusters);
3) obtaining a profile through the preceding activities and which allows the identification of additional information with respect to individual data and allows the dynamic creation of profiles.
The treatments illustrated above will be hereinafter collectively referred to as "Profiling Treatment".
To proceed with a Profiling Treatment it is mandatory to acquire specific, separate, expressed, documented, preventive and completely optional consent.
Consequently, where the User decides to give specific consent, he must be informed in advance and aware that the purposes of the treatment pursued are of a specific commercial, advertising, promotional and marketing nature in a broad sense based on a Profiling Treatment.
With a view to absolute transparency, MOPI therefore informs that the data collected on the basis of specific consent may be the subject of a Profiling Treatment for the same purposes referred to in paragraph 2 of this information.
The provision of personal data and the provision of consent to the Profiling Treatment are absolutely optional and optional (and in any case can be revoked without formalities even after the performance) and failure to provide it will not result in consequences other than the impossibility for MOPI to proceed with the aforementioned treatments.
3) METHODS, LOGICS OF TREATMENT AND STORAGE TIMES
The processing of user information is carried out only if strictly necessary, manually and / or with the aid of IT or telematic or automated tools. The treatment will be based on principles of correctness, lawfulness, transparency and protection of confidentiality, in compliance with the provisions of art. 32 of the GDPR and Annex B of Legislative Decree 196/2003 (Articles 33-36 of the Code) on security measures, by persons specifically appointed and in compliance with the provisions of art. 29 GDPR and / or by third parties that MOPI can use to store, manage and transmit the data (for more details see point 5).
The treatment will be carried out with the logic of organization and processing of your Personal Data, also relating to the logs originating from the access and use of the services made available via the web, related to the purposes indicated above and, in any case, in order to guarantee security and confidentiality. some data. The Personal Data processed will be kept for the times provided for by the GDPR and by the applicable legislation in the time and, in any case, for a period not exceeding 5 years. Further information regarding the retention period of the Personal Data and / or the criteria used to determine this period can be requested by writing to the Data Controller (see point 7 for the Company's details).
4) ACCESS TO DATA
Your Personal Data may only be processed by persons in charge of processing pursuant to art. 29 GDPR. No data will be communicated or disseminated in violation of the law. The data provided by the User will not be disclosed to other subjects (entities or associations) that are not directly involved in the process of providing the service provided by MOPI. In particular, the subjects who may have access to your data are:
subjects who carry out activities necessary for the provision of the services offered by the Site, including, by way of example, the sending of e-mails and the analysis of the functioning of the Site who typically act as data processors of MOPI;
identifiable subjects from the activities carried out and detailed in the list referred to in paragraph 2 (system administrators - couriers - marketing managers - producers);
persons authorized by MOPI to process Personal Data who are committed to confidentiality or have an adequate legal obligation of confidentiality (e.g. employees and collaborators of MOPI).
5) THIRD PARTIES TO WHOM THE INFORMATION MAY BE COMMUNICATED
Any third parties to whom the data may be disclosed for the execution of processing operations related to the purposes specified in this statement, will be previously designated by the Data Controller as External Data Processors.
User information may also be disclosed to third parties for the following reasons:
a) in order to fulfill the obligations established by laws, regulations, protocols and by national or European legislation;
b) in order to implement regulations required by public authorities;
c) in order to allow MOPI to defend itself in court, for example in the case of violations by network users;
d) partner companies involved in the provision of the services offered by MOPI.
The data may be disclosed to third parties such as, by way of example and not limited to, couriers, Company lawyers, trusted professionals, companies / consultants for software assistance and / or the Site and / or supply of web services, companies controlled by MOPI or related to it, companies resulting from the transfers and / or mergers and / or acquisitions concerning MOPI, which will be able to carry out treatments for the above purposes and also to subjects for whom the communication is compulsorily required by community regulations, laws or regulation.
In this context, we require third parties to use the User's information in accordance with our instructions and conditions indicated. The aforementioned parties will process the information as independent Data Controllers.
6) DATA OF USERS UNDER AGE
MOPI does not collect Personal Data relating to minors under the age of 18. In the event of accidental recording of any information on minors, MOPI will promptly delete them at the request of users.
7) THE HOLDER OF THE TREATMENT
The Data Controller of user data is Meteo Operations Italia Srl, with registered office in Via G. Frova 32 - 20092 Cinisello Balsamo (MI), VAT number 03062710961. The updated list of persons authorized to process the processing is located at the headquarters legal representative of the Data Controller. For any further information or clarification, the Company can be contacted at the following e-mail address: firstname.lastname@example.org.
9) DATA TRANSFER OUTSIDE THE EU
The Company declares not to transfer user data collected through its website to non-EU countries.
10) USER RIGHTS
We inform you that the articles 15 and ss. of the GDPR give users the exercise of specific rights towards the Data Controller. In particular, you can:
a) obtain confirmation of the existence and access to Personal Data concerning you, even if not yet registered, and ask to know their origin, as well as the purposes, storage times, methods of treatment and the logic applied in case of treatments carried out with automated tools;
b) revoke any consent given regarding the processing of your Personal Data, without prejudice to the lawfulness of the processing carried out up to that moment;
c) receive the Personal Data processed in a structured format, commonly used and readable by an automatic device and, except in the case in which it is not technically feasible, directly transmit your data to another Data Controller;
d) obtain the cancellation, transformation into anonymous form or blocking of data which need not be kept for the purposes for which the data were collected and processed;
e) obtain the updating, rectification and integration of the data processed;
f) object, in whole or in part, to the processing of data for the aforementioned marketing purposes, or, for legitimate reasons, to the processing of personal data concerning you, even if pertinent to the purpose of the collection;
g) lodge a complaint with the supervisory authorities.
The exercise of these rights must not prejudice and / or harm the rights and freedoms of others.
You can exercise these rights at any time by writing by mail to the address of the Data Controller indicated above, or by e-mail to the e-mail address email@example.com
It is understood that, where requests are submitted by electronic means, the information will be provided free of charge and in a commonly used electronic format.
If the user's requests are manifestly unfounded or excessive, in particular due to their repetitive nature, MOPI can alternatively:
a) charge a reasonable fee taking into account the administrative costs incurred to provide the information or communication or take the requested action;
b) refuse to satisfy the request.
In both circumstances, the Company provides adequate justification to the user.
In the event that MOPI makes changes deemed important, users will be informed through the Site.