CONTACT INFORMATION NOTICE

pursuant to Art. 13 of Regulation (EU) 2016/679

Information on the processing of personal data for the "Contacts: Info, quotes, and assistance" service provided pursuant to Art. 13 of Regulation (EU) 2016/679 ("GDPR")

This policy supplements the website's Privacy Policy, with the aim of explaining to the User how the Data Controller will specifically process the data entered in this contact form: please therefore read our Privacy Policy.


1. Data Controller and Data Protection Officer


Data Controller: Voilàp Digital S.r.l, in the person of its pro tempore legal representative, with registered office in Via Archimede, 10 - 41019 - Limidi di Soliera (MO) - Italy, email address privacy@voilap.com, Tax ID/VAT No. 03556220360.

Data Protection Officer (DPO): Dr. Donato Eugenio Caccavella, email address: dpo.voilap@amicadpo.eu


2. Personal data processed, purposes of processing, and legal basis

The Data Controller will process your personal identification and contact data provided directly by you by filling in the data collection form in the relevant section of the Website.

Purposes include:

  • (a) respond to your message or request for information sent through this form; the legal basis for this purpose is the legitimate interest of the Data Controller pursuant to Article 6, paragraph 1, letter f) of the GDPR;
  • (b) use your email address for purposes related to registration for the Data Controller's newsletter, containing information on products or services, as well as promotions or invitations to events organized by the company; the legal basis for the processing of data is your consent, pursuant to Article 6, paragraph 1, letter a) of the GDPR. With regard to this purpose, you may withdraw your consent at any time.
  • (c) promotion and sale of "dedicated" products and services of the Data Controller, specifically identified through customer profiling techniques aimed at analyzing and predicting information relating to your preferences, habits, and consumption choices, including through the use of automated techniques or systems, also implemented through the enrichment of data with information acquired from third parties (enrichment). The legal basis for this purpose is your consent pursuant to Article 6, paragraph 1, letter a) of the GDPR.

3. Nature of the provision, data retention period, and processing methods

For the purposes referred to in paragraph 2(a) above, the provision of your personal data is mandatory in order to respond to your request, given that your refusal to provide such data will make it impossible for the Data Controller to respond to your message and to your request for information. With reference to the purposes referred to in paragraph 2, letters (b) and (c) above, the provision of your personal data is optional and your refusal to provide it will only make it impossible for the Data Controller to update you on its products, services, and/or initiatives or to develop promotional initiatives that are more in line with your profile. .

The retention period for your personal data:

  • For the purposes referred to in paragraph 2, letter (a) above, will last for the period necessary to respond to each individual request for information and in any case for no longer than 30 days from the collection of the data. Once the aforementioned period has elapsed or the requests in progress have been processed, your data will be destroyed or made anonymous
  • For the purposes referred to in paragraph 2, letters (b) and (c) above, will be for the period strictly necessary to respond to the individual request for information and in any case for a period not exceeding the achievement of the purposes of processing or until you decide to revoke your consent .

The processing is carried out in compliance with the requirements of the GDPR, according to the principles of fairness, lawfulness, and transparency and the protection of your rights described therein. Personal data is processed using IT, telematic, and/or paper-based tools, as well as with the use of security measures to ensure the confidentiality of personal data and to prevent unauthorized access by unauthorized persons..


4. Communication of data

For the purposes described in paragraph 2 above, the personal data processed will be known by the employees, similar staff, and collaborators of the Data Controller, who will act as persons authorized to process personal data. In addition, your personal data may be processed by third parties belonging, by way of example, to the following categories:

  • Technical assistance providers for the management of the IT system, logistics providers, advertising agencies, or other service providers;
  • Business partners;
  • Suppliers of external telematic platforms for sending communications;
  • Companies belonging to the Group to which the Data Controller belongs, for the performance of activities instrumental or ancillary to those of the Data Controller.

The subjects belonging to the above categories operate, in some cases, as data processors specifically appointed by the Data Controller in accordance with Article 28 of the GDPR, and in other cases in complete autonomy as separate data controllers, it being understood that, in the latter case, the communication of your personal data to such independent data controllers would take place solely for the purposes set out in paragraph 2 above.Your personal data will not be disclosed.


5. Transfer of personal data outside the European Union

The data will not generally be transferred outside the European Union; however, where specific requirements related to the location of the services provided by suppliers make it necessary to transfer data to countries outside the EU, including countries that do not offer adequate protection, the Company undertakes to ensure adequate levels of protection and safeguards, including contractual safeguards, in accordance with applicable regulations, including the inclusion of standard contractual clauses.


6. Rights of data subjects

In relation to the processing described in this Policy, as a data subject, you may, under the conditions set out in the GDPR, exercise the rights set out in Articles 15-21 of the GDPR, in particular:

  • Right of access: the right to obtain confirmation as to whether or not personal data concerning you are being processed and, if so, to obtain access to your personal data – including a copy thereof – and the communication, among other things, of the information referred to in Article 15 of the GDPR;
  • Right to rectification: the right to obtain, without undue delay, the rectification of inaccurate personal data concerning you and/or the integration of incomplete personal data in accordance with Article 16 of the GDPR;
  • Right to erasure (right to be forgotten):the right to obtain, without undue delay, the erasure of personal data concerning you, in the cases indicated in Article 17 of the GDPR; the right to erasure does not apply to the extent that processing is necessary for compliance with a legal obligation or for the performance of a task carried out in the public interest or for the establishment, exercise, or defense of legal claims;
  • Right to restriction of processing: the right to obtain restriction of processing in the cases specified in Article 18 of the GDPR;
  • Right to data portability: the right to receive, in a structured, commonly used and machine-readable format, personal data concerning you provided to the Data Controller and the right to transmit those data to another controller without hindrance, where the processing is based on consent and is carried out by automated means, as indicated in Article 20 of the GDPR. Furthermore, the right to have your personal data transmitted directly from the Data Controller to another data controller, where technically feasible;
  • Right to object: the right to object to the processing of personal data concerning you, unless there are legitimate reasons for the Data Controller to continue processing, pursuant to Article 21 of the GDPR;
  • Right to withdraw consent at any time, without prejudice to the lawfulness of the processing based on the consent given prior to the withdrawal, and this is permitted because, when each newsletter is sent, you will be informed of the possibility to object to the processing and withdraw your consent by simply clicking on the "Unsubscribe" button at the bottom of the email;
  • Right to lodge a complaint with the Data Protection Authority, Piazza Venezia n. 11, 00187, Rome (RM). To exercise all the rights identified above, simply contact the data controller or the DPO at the following email address:dpo.voilap@amicadpo.eu

7. Personal data of minors

The services on this website are intended for a general audience and are not intended for minors under the age of 14. The Data Controller does not knowingly collect personal data from users under this age group. If personal data belonging to a minor under the age of 14 is provided, the Data Controller will immediately delete it.