INFORMATION ON PROCESSING OF USER PERSONAL DATA according to art. 13 REGULATION (EU) 2016/679 – GDPR (named as Regulation)
In this page you will find the information about how your personal data are directly collected by Dinamica srl.
IDENTITY AND CONTACT DATA OF THE CONTROLLER:
the Controller is: DINAMICA S.R.L., company seat Via degli Olmi sn, scala D2 int.C – 61121 Pesaro (PU)
For any request regarding personal data processing you can contact the Controller at the following e-mail address email@example.com.
PURPOSES OF DATA PROCESSING:
Your personal data provided by using Dinamica’s webpage are processed for the following purposes:
- Processing products orders sent using Dinamica’s webpage and related fulfillment of tax and law obligations (for instance order processing, correspondence, invoicing) as well as sending products through our e-commerce platform;
- Answering the requests of customers to try Dinamica’s products for 30 days;
- Fulfilling tax or law obligations (customer management, contract management, order and invoices):
- Managing disputes (breaches of contract, transactions, credit recovery, fraudulent activities);
- Keeping users informed and also directly updated about our initiatives (marketing activity), promotions, price reductions, new products features and services, events and the advertising campaigns carried out by the Controller (Newsletters);
- Analyze and evaluate users choices and behaviors (named as “Profiling activity”) through Hotjar. Hotjar is an all-in-one software of visual analytics that allows to follow and understand user actions inside a web site.
LEGAL BASIS OF DATA PROCESSING
Providing data for the purposes referred to under letters a), b), c), and d) is necessary to offer services that meet the needs of the users who purchased them. The legal basis for data processing is the performance of a contract to which the user is party or the performance of pre-contractual measures related to services provided through the website (in accordance with art. 6, par. 1. letter b Regulation). Data processing for the purposes referred to letter e), f) is based on the consent freely given by the user (in accordance with art. 6, par. 1. letter a Regulation).
The data collected to be processed can be:
- identifying data (such as name, surname, address, place and date of birth, Tax identification number, telephone, e-mail, bank details and payment details)
- Data automatically collected (technical data such as IP address, browser, information about your PC, data related to the current position (approximately) of the device used; Data collected using cookies and similar technologies. For more information please visit the section about “Cookies”)
The optional, explicit and voluntary sending of e-mails to the addresses mentioned on this website leads to the processing of the sender’s address necessary to answer to the requests and to the processing of other personal data inserted in the e-mail.
CATEGORY OF PERSONAL DATA RECIPIENTS
The data mentioned above will be communicated to:
- Natural persons authorized by the Controller to process personal data in accordance with the art. 29 Regulation
- External subjects, formally named as Data Processors who can carried out activities related to processing on our behalf and of which you can ask for a list.
So, the data in print or electronic form will be communicated to the following categories to:
- finance administration and/or other public authorities where this is required by law or upon their request;
- credit institutes for purposes of online product purchase;
- other facilities, subjects and companies with which the Controller works to carry out related activities in connection with, or in support of, or as a result of the Services offered on the website, including the service of storage “cloud computing”, transport, shipping, and/or collect Products through a platform of e-commerce – to sending of emails, marketing and profiling activities;
- external consultants (for ex. to manage tax compliance)
DATA PROCESSING METHODS:
Processing your personal data will mainly occur using informatics instruments under the control of the Controller, by the subjects specifically put in charge, authorized and instructed to data processing in accordance with art. 29 Regulation. We inform you that we apply adequate security measures also in accordance to articles 5 and 32 of GDPR to prevent data loss or illicit use as well as not authorized access.
IN CASE OF REFUSAL TO PROVIDE DATA:
Providing personal data referred to under a), b), c) and d) is mandatory exclusively for processes necessary to answer to your general requests, to subscribe to our internet website or to perform orders.
The data processed for the purposes referred to under e) and f) is optional and is based on the consent freely given. In case of refusal to provide such data for the purposes above mentioned we will not be able provide the related service. For this purposes you can freely decide if you give your consent for the goals above mentioned and without prejudice to access to the website services. In any case users as interested persons have the right to withdraw the consent at any moment with affecting the lawfulness of the treatment based on the consent given before withdrawal.
DATA RETENTION PERIOD
Your personal data are kept in accordance with the following terms and criteria:
- Data gathered to conclude and implement contracts for the purchase of goods on the website: until the conclusion of the administrative and accounting procedures. The invoice data shall be kept for 10 years from the invoicing date.
- Data of the registered user: the data will be kept until the user will ask for the erasure of his/her profile
- The data processed for the purposes mentioned in letter d) will be kept until the eventual withdrawal of the consent or in any case within 2 years from the latest interaction of the user with the data Controller.
RIGHTS FOR DATA SUBJECTS
In your capacity as data subject, you have the rights mentioned in the articles 15 (right to access), 16 (right to rectification), 17 (right to erasure – right to be forgotten), 18 (right to restriction of processing), 19 (notification obligation regarding rectification or erasure of personal data or restriction of processing), 20 (Right to data portability), 21 (right to data object) of the Regulation.
In your capacity as data subject, you have the right to lodge a complaint with a supervisory authority in accordance with art. 77 of the Regulation, if the rights aforementioned have not been acknowledged. The complaint can be lodged with the Data Protection Authority. More information about how to lodge a complaint can be found on the website of the Data Protection Authority at the link: https://www.garanteprivacy.it/web/garante-privacy-en/home_en
To exercise the rights above mentioned you can contact the Data Controller at the email address firstname.lastname@example.org .
TRANSFER TO A THIRD STATE/INTERNATIONAL ORGANIZATION OF PERSONAL DATA
Personal data are transferred at national level and there is no intention to transfer them to a third state or to an international organization.
AUTOMATED DECISION-MAKING AND PROFILING
Automated decisional-making is used as well as profiling.