aDoormore - Privacy Policy
This privacy policy, provided pursuant to Article 13 of the EU Reg. 2016/679 (“GDPR”), describes the processing of personal data carried out by Progetto Doable S.r.l. Società Benefit collected through the aDoormore platform (the “Site”) and relating to any user who accesses the Site in accordance with the conditions provided for each type of user as defined in the Terms and Conditions of the Site (the “User”).
1. Controller
The Controller is Progetto Doable S.r.l. Società Benefit, with registered office in via Caduti del Lavoro, 13, 25034, Orzinuovi (BS), e-mail: privacy@aDoormore.com (“Progetto Doable” or the “Controller”).
2. Categories of data processed
Data communicated by the User
The Controller collects personal data that each User enters in the account registration form within the Site such as first name, last name (the so-called personal details), e-mail (the so-called contact data), company role.
Data we may automatically collect
Cookies are used on the Site to collect and store personal data relating to the use of, access to or interaction through the Site (so-called browsing data) as further described in the Cookie Policy.
(together “Personal Data")
3. Methods of data processing
The Controller processes Users’ Personal Data by taking appropriate security measures to prevent unauthorized access, disclosure, modification or destruction of Personal Data, in accordance with the GDPR.
Processing is carried out by means of electronic, telematic and/or paper-based tools with organizational methods that are related to the purposes set out below.
4. Purpose and legal basis of processing
Personal Data collected through the Site will be processed:
- a) to enable Users to register on the Site. The legal basis for such processing is the performance of the contractual obligations to which the User is a party and/or to take steps at User’s request prior to entering into a contract, and to comply with related legal obligations;
- b) for the management of requests for information forwarded by the User, or for technical assistance. The legal basis for such processing is the performance of the contractual obligations to which the User is a party and/or to take steps at User’s request prior to entering into a contract, and to fulfil related legal obligations;
- c) to enable Users to take advantage of the services offered through the Site. The legal basis is the performance of the contractual obligations at the request of Users and to comply with legal obligations; and
- d) to send e-mail communications regarding other products and services similar and/or complementary to the Site. Pursuant to Article 130 co. 4 of the Privacy Code, such processing has its legal basis in the legitimate interest of the Controller in keeping its Users constantly informed and updated from time to time about the services available on the Site. This legitimate interest is balanced and compatible with the reasonable expectation of the User, since it is reasonable to believe that Users who use a service through the Site are interested in being updated on all the features and services available from time to time on the Site.
5. Provision of personal data and consequences if not provided
The provision of Personal Data for the purposes set out in points b), c) and d) is optional; refusal to provide Personal Data will make it impossible to access the services offered by the Site, to request technical assistance and to create a personal account.
6. Recipients or categories of recipients
Personal Data may be made accessible, or disclosed and processed by the following entities, which will be appointed by the Controller, as data processors or persons authorized to process the data, or they will act as autonomous data controllers, according to the case:
- any parent, subsidiary, associated companies of the Controller, employees and/or collaborators in any capacity whatsoever of the Controller and/or any parent, subsidiary, associated companies of the Controller;
- public or private entities, natural or legal persons of which the Controller uses to carry out the activities instrumental to the achievement of the above purpose (e.g. employment consultants) or to which the Controller is obliged to disclose Personal Data, by virtue of legal or contractual obligations; and
- financing or operating partners of the Controller.
7. Storage retention period
Personal Data may be stored in a form that permits identification of data subjects and for no longer than is necessary for the purposes for which the personal data are processed in accordance with Article 5 of the GDPR; and in particular:
- to provide services through the Site: Personal Data will be retained for the duration of the contractual relationship, as well as, once it has ended, for the statute of limitations provided for by applicable law;
- for the creation of an Account: until each User decides to delete his/her account;
- to respond to Users’ requests: Personal Data will be kept for the period necessary to provide a response to requests for information and/or assistance; and
- to send notices regarding other products and services similar and/or complementary to the Site: for the duration of the validity of the User’s account to allow him/her to access new services offered and/or available.
8. Rights of access, rectification, erasure, restriction and data portability
Data subjects are granted the rights set out in Articles 15 to 20 of the GDPR.
By way of example, each interested party may:
- obtain confirmation as to whether or not personal data concerning him are being processed;
- where a processing operation is in progress, obtain access to the personal data concerning him/her and to the information relating to the processing (e.g. the purposes of the processing, the categories of personal data, the recipients or categories of recipients to whom the personal data have been or will be disclosed and, where possible, the storage period) as well as request a copy of the personal data;
- obtain the rectification of inaccurate personal data and the integration of incomplete personal data;
- obtain, if one of the conditions set out in Article 17 of the GDPR applies, the erasure of personal data concerning him/her;
- obtain, in the cases provided for in Article 18 of the GDPR, the restriction of processing;
- request data portability where data are processed automatically on the basis of consent or for the performance of the contract; and
- if the conditions set out in Article 20 of the GDPR are met, receive the personal data concerning him/her in a structured, commonly used and machine-readable format and request their transmission to another data controller, if technically feasible.
9. Right to object
Each User as a data subject has the right to object at any time to the processing of his/her Personal Data by writing to one of the addresses listed in the Controller Section. In any case, any opposition will not affect the lawfulness of the processing carried out up to that moment.
10. Right to lodge a complaint with the Garante
Any User as a data subject may lodge a complaint with the Garante per la Protezione dei Dati Personali if he/she considers that his/her rights under the GDPR have been infringed, in accordance with the procedures indicated on the Garante’s website accessible at: www.garanteprivacy.it.
11. Updates
This Privacy Policy will be subject to updates. The Controller therefore invites Users who wish to know how personal data collected through the Site are processed to periodically visit this page.