PRIVACY POLICY
Information on the Processing of Personal Data
Art. 13 Reg. (UE) 2016/679
Pursuant to art. 13 of the European Regulation 2016/679 (“GDPR”or “Regulation”) the following information are provided to the Users of the website www.jesurum.it (“Site”). This information refers exclusively to the processing carried out through said Website and not through other web sites that may be visited through links herein, for which the Users are advised to peruse the relevant privacy policies as provided by the respective Controllers.
Controller: Jesurum S.r.l., with registered office in Via Antonio Pacinotti, 4 – 30175 Venezia – Tax Code and VAT number 01563650934 - tel. 0434 997963 – e-mail: info@jesurum.it.
PRIVACY POLICY
Categories Of Personal Data, Purpose Of The Processing And Its Lawfulness
Categories of personal data: name, surname, e-mail, personal data that may be included in the message.
Purpose: reply to the requests sent by the user through the interaction methods eventually present on the Site, or to the e-mail addresses available on the Site.
Legal basis: lawful processing as necessary for the implementation of a contract of which the data subject is a party, or for the execution of pre-contractual measures adopted at the request of the same – art. 6.1. (b) of the Regulation.
Categories of personal data: web surfing data (personal data whose transmission is implicit in the use of Internet communication protocols, for example IP addresses or domain names of the computers used by users, the time of the request and other parameters relating to the user's operating system and computer environment).Purpose: allow the user to browse the Site.
Legal basis: lawful processing as necessary for the implementation of a contract of which the data subject is a party, or for the execution of pre-contractual measures adopted at the request of the same – art. 6.1. (b) of the Regulation.
Categories of personal data: name, surname, e-mail, username.
Purpose: allow the creation of a personal user account ("Reserved Area") on the Site.
Legal basis: lawful processing as necessary for the implementation of a contract of which the data subject is a party, or for the execution of pre-contractual measures adopted at the request of the same – art. 6.1. (b) of the Regulation.
Categories of personal data: name, surname, e-mail address, telephone number, physical address, credit card or other payment method data.
Purpose: complete and fulfil the sale of products through the Site.
Legal basis: lawful processing as necessary for the implementation of a contract of which the data subject is a party, or for the execution of pre-contractual measures adopted at the request of the same – art. 6.1. (b) of the Regulation.
Categories of personal data: name, surname, e-mail address.
Purpose: direct marketing activities through the transmission of communications or material (e.g., through e-mail and newsletter) regarding products/services similar to those for which the user has requested information through the Site.
Legal basis: lawful processing as necessary for the pursuit of a lawful interest of the controller - art. 6.1. (f) of the Regulation. The lawful interest of the Controller is represented by the promotion of its activity through direct marketing - see Recital no. 47 of the Regulation.
Categories of personal data: name, surname, residential address, contact details, history of the user's operations on the Site.
The purpose is to manage any eventual disputes arising from purchases or bookings through the Site.
Legal basis: lawful processing as necessary for the pursuit of a lawful interest of the controller - art. 6.1. (f) of the Regulation. The lawful interest of the Controller is represented by the possibility of establishing, exercising, defending one's rights and/or defending oneself against challenges.
Categories of personal data: name, surname, e-mail address.
The purpose is to enable marketing activities by sending newsletters to the user's e-mail address, possibly including profiled marketing.
Legal basis: user’s consent – art. 6.1.(a) GDPR.
Categories of personal data: name, surname, residential address, tax data.
The purpose is the accounting management of payments for products bought through the Site.
Legal basis: legal obligation to which the Controller is subject – art. 6.1.(c) GDPR.
The Site generally does not process special categories of personal data (i.e. data concerning religious beliefs, trade union membership, sexual preferences and the others indicated in art. 9 of the Regulations) and we therefore ask all users not to include such data when sending a contact through the Site, or in other forms of interaction provided for by the Site. Should such data be spontaneously transmitted by the user/involved party (for example by means of an e-mail to the e-mail addresses present on the Site), it is understood that such transmission represents the consent of the user/involved party to their processing pursuant to art. 9, paragraph 2, letter (a) for the sole purposes expressed in this information notice and in accordance with the conditions and procedures contained herein.
PRIVACY POLICY
Mandatory Disclosure:
the provision of data for marketing purposes is optional and failure to provide such data and/or the request not to use it for direct marketing purposes will not affect the possibility of browsing the Site and/or purchasing orders. The provision of other data is necessary for browsing and/or sending messages and purchasing orders through the Site. Failure to provide such data may make it impossible to navigate on the Site and/or to respond to messages or manage orders.
PRIVACY POLICY
Methods Of Processing:
personal data is processed on paper and by computer in compliance with the provisions on the protection of personal data and, in particular, with the appropriate technical and organisational measures referred to in Article 32.1 of the Regulation, and with the observance of all precautionary measures to ensure its integrity, confidentiality and availability.
PRIVACY POLICY
Possible Recipients Of Personal Data:
the data may be communicated to (i) third parties who operate, also in the name and on behalf of the Controller, for the performance of services connected to the purposes indicated in this notice, and in particular the management and maintenance of the Site, promotional activities, the sharing of information on products and/or services of the Controller, etc.; (ii) other companies connected to the Controller; (iii) consultants of the Controller; (iv) authorities and public bodies to whom communication is mandatory.
Data is not transferred outside the European Economic Area.
PRIVACY POLICY
Retention:
the data provided by the user are kept in the Controller's archives and are retained for a period of 10 (ten) years from the date of the last interaction with the user, in light of the limitation period of any claims arising from the relationship between the Controller and the user, as provided for by law. The web-surfing data will be stored for the technical time necessary to perform the functions for which they were collected.
PRIVACY POLICY
Profiling:
the user's name, surname, e-mail address, telephone number and other personal data may be used for the purpose of creating a user profile and sending targeted marketing of the user's interest. Such profiling has no legal effect on the user.
PRIVACY POLICY
Rights Of The Data Subject:
At any moment, the data subject may exercise towards the Controller, the rights provided for in articles 15 to 22 of the Regulation, i.e. the right to ask for:
a. access to personal data, or to be informed by the Controller of his/her personal data retained by the Controller, the purposes for which these data are processed, their origin and other information required by art. 15 of the Regulation;
b. the rectification of personal data in case of inaccuracy of the same;
c. the cancellation of personal data (so-called ‘right to be forgotten’);
d. the limitation of the processing of personal data, or the right to obtain the suspension of the processing of personal data for the period necessary to verify the request for revision of personal data, or in other cases provided for by art. 18 of the Regulation;
e. the right to the portability of data, i.e. the right to receive personal data in a structured format, commonly used and machine-readable format- even by requesting the direct transfer to another controller (with respect to data whose processing is carried out by automated methods);
f. the right to object to the processing data pursuant to art. 6, paragraph 1, letters e) or f) of the Regulation (the right to object);
g. the right to lodge a complaint pursuant to Articles 77 et seq. of the Regulation to a supervisory authority, which for the Italian State is identified in the Italian Data Protection Authority (Garante per la protezione dei dati personali). The methods of complaint are indicated at this link: https://www.garanteprivacy.it/web/guest/home/docweb/-/docweb-display/docweb/4535524.
PRIVACY POLICY
Changes To This Privacy Policy:
this privacy policy may be subject to changes over time - including those related to the possible entry into force of new sector regulations, the updating or provision of new services or technological innovations. The changes to the policy become applicable at the time they are published on the Site, it being understood that the Controller may not use the data collected in advance for processing for purposes other than those described herein, without informing the user.