Privacy Policy

This information (“Privacy Policy“) is provided pursuant to Article 13 of EU Regulation 2016/679 (“GDPR“), to describe the methods of processing your personal data, as a user who browses the Orizon platform  www.orizon.dev (“Platform“) and mobile application (“App“) and uses the services contained therein.

Index

  1. Data Controller
  2. Types of personal data processed
  3. Purposes and methods of data processing
  4. Legal basis for the processing
  5. Collection of data and consequences of failure to provide it
  6. Withdrawal of consent
  7. Recipients/categories of recipients of personal data
  8. Data Retention Period
  9. Rights of the data subject
  10. Complaint to the Supervisory Authority
  11. Children’s personal rights
  12. Updates & Changes
  13. Links to Other Sites

1. Data Controller

The data controller is Cartello S.r.l., with registered office in Via Terrarossa 1, 16042 Carasco (GE), VAT [•], e-mail info@orizon.dev (hereinafter the “Data Controller“).

2. Types of personal data processed

The Data Controller collects and processes your personal data (“Personal Data” or just “Data“) and, specifically:

  • Navigation data: the computer systems and software procedures used to operate the Platform or App acquire, during their normal operation, some data whose transmission is implicit in the use of Internet communication protocols.

This information is not collected to be associated with identified data subjects but which, by its very nature, could allow users to be identified through processing and association with data held by third parties. This category of data includes, among others, IP addresses, the time of the request, the identification code indicating the status of the response given by the server, the user agent used, etc., and other parameters relating to the operating system and the user’s IT environment.

These data are not disseminated but are used for the sole purpose of obtaining anonymous statistical information on the use of the Platforms or the App and to check its correct functioning and are kept for the time defined by the relevant legal regulations. However, such data could be used to ascertain responsibility in the event of hypothetical computer crimes against the Platforms or the App.

  • Data provided by you: personal identification and contact data, such as name, surname, e-mail address, telephone number, photographic images.
  • Cookies: text files that can be used to make the browsing experience more efficient for the user. For more details, please consult the Cookie Policy page.

3. Purposes and methods of data processing

The Personal Data you provide is collected and processed for the following purposes:

  1. manage your registration on the Platform and/or App and the consequent creation of your personal account, including customization with your profile picture;
  2. receive the Cartello newsletter to stay updated on the institutional initiatives promoted by the same;
  3. carry out direct marketing activities towards you, in order to keep you updated on all Cartello’s promotional initiatives, including through the sending of advertising and/or promotional material;
  4. carry out profiling activities towards you, in order to analyze your preferences, habits, interests and consumer choices for the creation of specific user profiles.

The processing of personal data will be carried out by the Data Controller and by expressly designated subjects, with the aid of IT tools and according to the principles of the law, protecting the confidentiality of the data subjects and their rights through the adoption of appropriate technical and organizational measures to ensure a level of security appropriate to the risk. Specific and adequate technical and physical security measures will also be adopted, pursuant to Articles 5 and 32 of the Regulation, aimed at avoiding the risks of loss, destruction and unauthorized access.

4. Legal basis for the processing

The legal basis for the processing for the purposes referred to in point 3 is:

  1. to manage your registration on the Platform and/or App and the consequent creation of your personal account, including customization with your profile picture, the execution of the contract in place with the Data Controller, pursuant to art. 6 (1) (b) GDPR;
  2. to receive the Cartello newsletter, to carry out direct marketing activities and to carry out profiling activities, your freely expressed consent, pursuant to Article 6 (1) (a) GDPR.

5. Collection of data and consequences of failure to provide it

The provision of your Personal Data is optional but necessary to achieve the purposes referred to in point 3. Failure to provide such data will have no other consequence than the impossibility of registering on the Platform and/or App and creating a personal account, including a profile picture, receiving the Cartello newsletter, carrying out direct marketing and/or profiling activities towards you.

6. Withdrawal of consent

You have the right to revoke at any time any consent given for the purposes of newsletters, direct marketing and/or profiling, without prejudice to the lawfulness of the processing carried out on the basis of the consent given before the revocation.

In order to revoke your consent to the processing, it will be sufficient to send your request to revoke consent to the Data Controller by registered letter, fax or e-mail to the addresses and contact details indicated in point 1 of this Privacy Policy.

7. Recipients/Categories of Recipients of Personal Data

The Data may be communicated, within the EU, to external structures, subjects and companies (including consultants, software houses, business partners, cloud computing providers) used by the Data Controller for the management of the Site and for the performance of activities connected, instrumental or consequent to the execution of the Services offered by the Platforms and/or the App.

In any case, the Data will not be transferred outside the European Union nor will they be disseminated.

8. Data Retention Period

Without prejudice to legal obligations, your Personal Data will be kept for a specified period, depending on the nature of the Services provided through the Platform or App, namely:

  1. to manage your registration on the Platform and/or App and the creation of your personal account, including personalization with your profile picture, until you request the deletion of the personal account created;
  2. to receive the Cartello newsletter, until the request to revoke the consent given;
  3. to carry out direct marketing activities, for a period not exceeding 24 months from their registration;
  4. to carry out profiling activities, for a period not exceeding 12 months from their registration.

9. Rights of the data subject

At any time, you may exercise your rights against the Data Controller pursuant to Article 15 and following of GDPR which, for convenience, are reported below:

  • Right of access and rectification (Articles 15 and 16 GDPR): the right to obtain confirmation as to whether or not your Personal Data is being processed and, if so, to obtain access to your Personal Data. You also have the right to request the rectification of inaccurate data and the completion of incomplete data. The exercise of these rights can be carried out by writing directly to the address info@orizon.dev. If you wish, we will provide you with a copy of the Data we hold about you.
  • Right to erasure of data (Article 17 GDPR): in the cases provided for by current legislation (e.g. the personal data are no longer necessary with respect to the purposes for which they were collected or otherwise processed, withdrawal of consent, unlawful processing, etc.), you can request the deletion of your Personal Data which we will do without delay.
  • Right to restriction of processing (Article 18 GDPR): in the cases provided for by current legislation (inaccuracy of personal data, unlawful processing of data, etc.) you have the right to obtain the restriction of the processing of your Personal Data.
  • Right to data portability (Article 20 GDPR): the right to receive your Data in a structured, commonly used and machine-readable format, in order to transmit them to another controller, or, if requested, we will provide for the direct transmission of your Data to another controller.
  • Right to object (Article 21 GDPR): the right to object at any time to the processing of Personal Data concerning you.

In general, in order to exercise these rights, it will be sufficient to contact the Data Controller by registered letter, fax or e-mail to the addresses and contact details indicated in point 1, possibly using the forms made available on the website of the Supervisory Authority (https://www.garanteprivacy.it).

From the receipt of your request, the Data Controller has one month to take all the necessary actions. Within this period, notwithstanding the exercise of your rights, you may receive additional automated communications that were planned to be sent before your request. The one-month deadline may be extended by two months in the case of complex applications or large requests.

10. Complaint to the Supervisory Authority

In the event that you believe that there has been a violation of your right to the protection of personal data, you have the right to lodge a complaint with the Supervisory Authority in the manner and in compliance with the terms set out on the Authority’s website (https://www.garanteprivacy.it).

11. Children’s personal data

The services on this Site are intended for a general audience and are not intended for children under the age of 18. We do not knowingly collect personal data from users under this age group. In the event of the release of personal data belonging to a minor under the age of 18, the Data Controller will immediately delete them.

12. Updates & Changes

The Data Controller may amend, supplement or simply update, in whole or in part, this Privacy Policy also in consideration of regulatory changes or the entry into force of new sector regulations.

Updates and changes will be communicated by publication on the Platforms and on the App. We therefore ask you to regularly access this section to check the publication of the most recent and updated Privacy Policy.

13. Links to Other Sites

This Privacy Policy is provided for the Platforms and the App and is not valid for other external websites that may be consulted through links.