PRIVACY POLICY Welol NEXT s.r.l

This privacy policy is made in compliance with the EU General Data Protection Regulation 2016/679 and subsequent amendments and/or additions as well as national legislation or regulations on the processing of personal data from time to time applicable (“Privacy Policy”), to ensure that the processing of personal data is carried out in compliance with the rights and freedoms of individuals with particular regard to the protection of personal data.

 

Welol NEXT srl  as Data Controller (hereinafter also: ” Owner ” or  ” Welol  ) pursuant to EU Regulation 679/2016 (from now on: ” GDPR “) and Legislative Decree 196/2003 (hereinafter ” Privacy Code “) – Before communicating any personal data to the Data Controller, you are invited to carefully read this Privacy Policy because it contains important information on the protection of your personal data.

This Privacy Policy:

  • is intended for the site www.welol.it, (hereinafter: ” Site “), as well as for requests via the telephone number 011 19665702, mail  info@welol.it
  • forms an integral part of the Site and the services we offer,
  • is provided pursuant to art. 13 of the GDPR to those who interact with the web services of the Site or who contact Welol by telephone or post

The processing of your personal data will be based on the principles of correctness, lawfulness, transparency, purpose limitation and conservation, minimization and accuracy, integrity and confidentiality, as well as the principle of accountability pursuant to art. 5 of the GDPR.

Your personal data will therefore be processed in accordance with the legislative provisions of the GDPR and the confidentiality obligations set forth therein as well as those of the Privacy Code still in force today.

By processing of personal data  we mean any operation or set of operations, carried out with or without the aid of automated processes and applied to personal data or sets of personal data, such as collection, registration, organization, structuring, storage , adaptation or modification, extraction, consultation, use, communication by transmission, dissemination or any other form of making available, comparison or interconnection, limitation, cancellation or destruction, as defined in art. 4.2 of the GDPR.

We inform you that the personal data being processed may be constituted – also depending on your decisions on how to use the services – by any information concerning your person suitable for making him or her identified or identifiable, including textual information, photographic or video images and by any other information provided.

INDEX

Below we provide the index of this Privacy Policy so that you can easily find information relating to the processing of your personal data that interest you.

  1. DATA CONTROLLER: WHO WE ARE AND WHAT WE DO
  2. WHAT DATA WE PROCESS
    • Navigation data
    • Data provided voluntarily by you – Particular Data
    • Third party data provided voluntarily by you
    • Cookies
    • Data processed in interaction with social networks
  3. WHY WE PROCESS YOUR DATA – PURPOSE OF THE PROCESSING
  4. LEGAL BASIS AND MANDATORY OR OPTIONAL NATURE OF THE PROCESSING
  5. RECIPIENTS OF PERSONAL DATA
  6. TRANSFERS OF PERSONAL DATA
  7. STORAGE OF PERSONAL DATA
  8. RIGHTS OF THE INTERESTED PARTY
  9. CHANGES
  10. CONTACTS

***

  1. DATA CONTROLLER: WHO WE ARE AND WHAT WE DO

The data controller is  Welol NEXT srl  with registered office in Via Vincenzo Gioberti 18 – 10128 Turin VAT number 10409950010, which has as its purpose the consultancy in the development of complex technological projects based on Microsoft technology and digital transformation processes.

  1. WHAT DATA WE PROCESS

We inform you that the personal data being processed may be constituted – also depending on your decisions on how to use the services – by an identifier such as the name, an identification number, location data, an online identifier or one or more characteristic elements of your identity suitable to make the interested party identified or identifiable, depending on the type of services requested (hereinafter only “personal data” as defined in art. 4.1 of the GDPR).

The personal data processed through the Site are as follows:

  • Navigation data

The computer systems and software procedures used to operate the Site acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. This is information that is not collected to be associated with identified interested parties, but which by their very nature could, through processing and association with data held by third parties, allow users to be identified. This category of data includes the IP addresses or domain names of the computers used by users who connect to the Site, the URI (Uniform Resource Identifier) ​​addresses of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the operating system and the user’s IT environment. These data are used for the sole purpose of obtaining any anonymous statistical information on the use of the Site to check its correct functioning, to identify anomalies and / or abuses, and are deleted immediately after processing. The data could be used to ascertain responsibility in case of hypothetical computer crimes against the Site or third parties. These data are used for the sole purpose of obtaining any anonymous statistical information on the use of the Site to check its correct functioning, to identify anomalies and / or abuses, and are deleted immediately after processing. The data could be used to ascertain responsibility in case of hypothetical computer crimes against the Site or third parties. These data are used for the sole purpose of obtaining any anonymous statistical information on the use of the Site to check its correct functioning, to identify anomalies and / or abuses, and are deleted immediately after processing. The data could be used to ascertain responsibility in case of hypothetical computer crimes against the Site or third parties.

  • Data provided voluntarily by you – Particular Data

Except for the reference to specific information, this Privacy Policy is also intended for the processing of data voluntarily provided by you through  the Site. In this regard, we invite you not to enter in the  Write to us  form  contained within the Site and not to communicate information. that may fall within the category of special categories of personal data referred to in art. 9 of the GDPR (for example, data referring to racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, life / sexual orientation as well as genetic data, biometric data or data relating to your state of health ), unless it is expressly requested and subject to specific information and possible consent.

  • Third party data provided voluntarily by you

In the use of particular services, the processing of personal data of third parties may occur, which you have communicated to  Welol. With respect to these hypotheses, you act as an independent data controller, assuming all the obligations and responsibilities of the law. In this sense, you grant the widest indemnity on this point with respect to any dispute, claim, request for compensation for damage from treatment, etc. that should reach the Data Controller from third parties, whose personal data have been processed through your use of the Website services in violation of the applicable rules on the protection of personal data. In any case, if you provide or otherwise process personal data of third parties in the use of the Site,

  • Cookies

Information on the cookies served by the Site is available at the following address www.welol.it/ Cookie policy

  1. WHY WE PROCESS YOUR DATA – PURPOSE OF THE PROCESSING

Your personal data will be processed, with your consent where necessary, for the following purposes, where applicable:

3.1. allow navigation of the Site, the provision of Welol services through the Site and subscription to the newsletter;

3.2.  find specific requests, including telephone requests, addressed to  Welol ;

3.3.  fulfill any obligations established by applicable laws, regulations or community legislation, or satisfy requests from the authorities;

3. 4 . exercise the rights of the owner;

3 . 5 . fulfill contractual and pre-contractual obligations deriving from existing relationships with you;

3.6. for statistical purposes, without it being possible to trace your identity.

 

Your personal data, even falling within the category of particular categories, will be processed with automated and non-automated tools.

Specific security measures are observed to prevent data loss, illicit or incorrect use and unauthorized access.

  1. LEGAL BASIS AND MANDATORY OR OPTIONAL NATURE OF THE PROCESSING

The legal basis for the processing of personal data for the purposes referred to in sections 3.1 and 3.2 and 3.5. is art. 6 (1) (b) of the GDPR  ([…] the processing is necessary for the execution of a contract of which the interested party is a party or for the execution of pre-contractual measures adopted at the request of the same ), as the treatments are necessary to the provision of services. The provision of personal data for these purposes is optional, but failure to provide it would make it impossible to activate the requested services.

 

The legal basis for the purpose referred to in section 3.3 is art. 6 (1) (c) of the GDPR ( […] processing is necessary to fulfill a legal obligation to which the data controller is subject ). In fact, once the personal data has been provided, the processing is indeed necessary to fulfill legal obligations to which  Welol  is subject.

The legal basis for the purpose referred to in section 3.4 is art. 6 (1) (f) of the GDPR (….  The processing is necessary for the pursuit of the legitimate interest of the owner or third parties, provided that the interests or fundamental rights or freedoms of the interested party do not prevail …). In fact, once the personal data has been provided, the processing is indeed necessary for the pursuit of a legitimate interest of  Welol  under the conditions indicated above,

 

It is also specified that the processing referred to in section 3.6 is not performed on personal data and therefore can be freely carried out by  Welol .

Lastly, in the event of any provision of Particular Data, where required, the processing has a legal basis in your consent pursuant to art. 9 (2) (a) of the GDPR  ([…] the interested party has given his explicit consent to the processing of such personal data for one or more specific purposes ), subject to specific information. 

  1. RECIPIENTS OF PERSONAL DATA

Your personal data may be shared, for the purposes referred to in section 3 of this Privacy Policy, with:

5.1. subjects who typically act as data processors , namely: i) people, companies or professional firms that provide assistance and advice to  Welol  in accounting, administrative, legal, tax and financial matters or other types of advice; ii) subjects delegated to carry out technical or IT maintenance activities; iii) credit institutions, insurance companies; iv) companies and bodies controlling, controlled and connected to  Welol , limited to the pursuit of administrative and accounting purposes connected to the performance of organizational, administrative, financial and accounting activities; v) Welol distributors and agents ; vi) Carriers, Transporters, Freight Forwarders, Couriers, Postal Freight Forwarders, for the eventual delivery of the goods; vii) paid service providers; viii) order fulfillment centers; (collectively ” Recipients “).

5.2. subjects, bodies or authorities to whom it is mandatory to communicate your personal data by virtue of legal provisions or orders of the authorities;

5.3. persons authorized by  Welol  to process personal data necessary to carry out activities strictly related to the provision of services, who are committed to confidentiality or have an adequate legal obligation of confidentiality and who guarantee the processing of data in accordance with the GDPR.

The complete and updated list of Managers is kept at the headquarters of the Data Controller, located in Via Vincenzo Gioberti 18 – 10128 Turin, and can be sent by sending a written request to the Data Controller at the addresses indicated in the “Contacts” section of this information.

  1. TRANSFERS OF PERSONAL DATA

Personal data are stored on servers located within the European Union. In any case, it is understood that the Data Controller, if necessary, will have the right to move the servers even outside the European Economic Area. In this case, the Data Controller ensures from now on that said transfer will take place in compliance with the applicable legislation based on an adequacy decision or on the Standard Contractual Clauses approved by the European Commission. More information is available by sending a written request to the Data Controller at the addresses indicated in the “Contacts” section of this statement.

  1. STORAGE OF PERSONAL DATA

The personal data processed for the purposes referred to in section 3 will be kept for the time strictly necessary to achieve those same purposes as well as, in the case of treatments carried out for the provision of services, up to the period of time envisaged and allowed by the Italian legislation for the protection of interests and the right of defense of  Welol , having regard to the limitation periods provided for by the applicable legislation.

Further information regarding the data retention period and the criteria used to determine this period can be requested by sending a written request to the Data Controller at the addresses indicated in the “Contacts” section of this statement.

  1. RIGHTS OF THE INTERESTED PARTY

In your capacity as interested party, pursuant to art. 15 and ss. of the GDPR and of the art. 7 of the Privacy Code, you have the right to:

  1. obtain confirmation of the existence or not of personal data concerning you, even if not yet registered, and their communication in an intelligible form;
  2. obtain the indication: a) of the origin of the personal data; b) the purposes and methods of the processing; c) of the logic applied in case of treatment carried out with the aid of electronic instruments; d) the identity of the owner, manager and the representative appointed pursuant to art. 5, paragraph 2 of the Privacy Code and article 3, paragraph 1, of the GDPR; e) the subjects or categories of subjects to whom the personal data may be communicated or who can learn about them as appointed representative in the State, managers or agents;
  3. obtain: a) updating, rectification or, when interested, integration of data; b) the cancellation, transformation into anonymous form or blocking of data processed in violation of the law, including those that do not need to be kept for the purposes for which the data were collected or subsequently processed; c) the attestation that the operations referred to in letters a) and b) have been brought to the attention, also as regards their content, of those to whom the data have been communicated or disseminated, except in the case in which this fulfillment is proves impossible or involves the use of means that are manifestly disproportionate to the protected right;
  4. object, in whole or in part: a) to the processing of personal data concerning you, even if pertinent to the purpose of the collection; b) to the processing of personal data concerning you for the purpose of sending advertising or direct sales material or for carrying out market research or commercial communication, through the use of automated call systems without the intervention of an operator by e-mail and / or through traditional marketing methods by telephone and / or paper mail, It should be noted that the right of opposition of the interested party, set out in point b) above, for direct marketing purposes through automated methods extends to the traditional ones and which in any case remain without prejudice to the possibility for the interested party to exercise the right of opposition even only partially. Therefore,

Where applicable, it also has the rights referred to in Articles. 16 – 22 of the GDPR (Right of rectification, right to be forgotten, right to limitation of treatment, right to data portability, right to object, right to object to automated processing, including profiling).

Requests must be sent in writing to the Data Controller at the addresses indicated in the “Contacts” section of this statement.

In any case, you always have the right to lodge a complaint with the competent supervisory authority (Guarantor for the protection of personal data), pursuant to art. 77 of the GDPR, if you believe that the processing of your data is contrary to the legislation in force. 

  1. CHANGES

Welol  reserves the right to modify or simply update the content of this Privacy Policy, in part or completely, also due to changes in the applicable legislation. In this case  Welol will  inform you of these changes as soon as they are introduced and they will be binding as soon as they are published on the Site –  Welol   therefore invites you to regularly visit this section to become aware of the most recent and updated version of the Privacy Policy in order to always be updated on the data collected and on the use made by the Data Controller.

  1. CONTACTS

To exercise the above rights or for any other request, you can write to the Data Controller:  Welol NEXT srl  with registered office in Via Vincenzo Gioberti 18 – 10128 Turin email: info@welol.it