Information pursuant to Art. 13 of the Italian Legislative Decree [LD] of June 30th, 2003, No. 196
(Personal Data Protection Code)
User information will be processed according to the principles of correctness, lawfulness, transparency, and protection of their privacy and rights.
By continuing to browse the website www.revee.it —hereinafter simply “website”—, Users declare that they accept the following conditions.
Personal data sent voluntarily by Users through the appropriate forms and sections available on the website, or by email or phone, to REVEE S.r.l. —hereinafter simply “REVEE”— will be processed in compliance with the principles of protection of personal data established by the Privacy Code (LD 196/2003) and other applicable regulations.
Providing the aforementioned information is optional. However, should Users decide not to provide data indicated as mandatory (and marked with an asterisk [*]), this will impede to correctly manage information requests sent to REVEE through the website and to use the services provided by the portal.
In order to offer better services to all our Users, we collect data in the following ways:
- Browsing data: During their normal operation, computer systems and software procedures used to operate this website collect some personal data, the transmission of which is implicit in the use of Internet communication protocols.
- This information is not collected in order to be associated with identified parties concerned. Yet, due to its very nature, it might allow to identifying Users by processing and combining it with other data held by third parties. This data category includes the IP addresses, or domain names, of the computers used by Users to connect to the website, the URI (Uniform Resource Identifier) addresses of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the server response status (success, error, etc.), and other parameters pertaining to the User’s operating system and IT environment.
- This data is solely used to generate anonymous statistics on the use of the website and to verify its correct functioning. Furthermore, this information could be used to ascertain responsibility in the event of hypothetical computer crimes against the website, only at the request of the appointed supervisory authorities.
- Data voluntarily provided by Users If Users on this website send their personal data in order to access certain services or to make requests via e-mail or phone, REVEE will consequently collect data such as the sender’s address or any other personal data that will be used exclusively to respond to the request or providing the service to the sender. The personal information provided by Users will be communicated to third parties only if it is necessary to comply with their requests.
- Data collected from the Users’ use of our services: We collect information about the services used by Users and how they are used, for example when Users view and interact with our ads and content and those of our partner companies. This information includes:
- Activities performed and information provided by Users: We collect the contents and other information provided by Users when using our services. This may be information present or related to the contents provided. We also collect information on how Users use our services, such as the types of content they view or interact with, or the frequency and duration of such activities.
- Device-related information: We collect information on computers, phones or other devices through which Users access our services, based on the permissions provided. We may associate the information we collect from Users’ different devices in order to provide consistent services on different devices. Here are some examples of information we collect:
- Attributes such as the operating system, the hardware version, device settings, names and types of files and software, battery and signal strength, and device identifiers.
- Positions of the devices, including specific geographic locations, such as through GPS, Bluetooth or WiFi.
- Connection information such as the name of Users’ mobile operator or ISP, browser type, language, time zone, mobile phone number and IP address.
- Health-related and sensitive data: Data processing could also include sensitive data pursuant to Art. 4, paragraph 1, lett. d) of LD 196/03 (regarding the state of health) that Users may share with us in their enquiry. In this case, the information shall be processed within the limits indicated by the current general authorization of the Italian Data Protection Authority and with the exclusive purpose of processing Users’ requests. Such data will in no case be transmitted to third parties, except for what is strictly necessary in order to provide the services requested by Users, in full compliance with the provisions of LD 196/03.
PURPOSES OF DATA PROCESSING
The personal data collected will be used by REVEE —and/or by subjects related to it or delegated by it— to fulfill any contractual obligations and to provide the services requested during their purchase/subscription. This includes in particular:
- replying to a User’s phone enquiry;
- allowing the registration on the website, which is necessary to access certain sections and to communicate with REVEE;
- subject to the User’s consent and until its revocation, carrying out marketing activities —such as, but not limited to, sending samples, promotional and advertising material, conducting related analysis on registered users, allowing REVEE to improve the services and products offered to its customers—, also via e-mail, fax, MMS and SMS, as well as sending newsletters for Users to receive updates on all website-related news, new products, and other news on REVEE activities;
- answering any queries, complaints or comments;
- replying to Users’ requests in relation to the services offered, ads or the website;
- using data for the purposes of recruitment, evaluation and selection of personnel. Users are also required to register on the website in order for REVEE to process their service-related requests. For that, they will be asked to provide personal data, which will be processed solely for this purpose and for the time strictly necessary.
Personal data provided by the User may be transmitted to third-party business partners of REVEE in order to process the User’s projects and requests.
It is without prejudice to the possibility for REVEE to treat these data in aggregated form, in compliance with the measures established by the Italian Data Protection Authority and by virtue of the specific exemption from consent provided by the same authority, for analysis and electronic processing (e.g. classification of all clients in homogeneous categories for levels of services, consumption, expenditure, etc.) to periodically monitor the development and performance of the company’s activities, improve services, design and implement commercial communication campaigns.
REVEE will also use personal data for administrative and accounting purposes, as well as for the execution of contractual obligations. For the same purposes, personal data may be communicated to subsidiaries and/or affiliated companies. In accordance with Art. 130, paragraph 4, of the DL 196/03, e-mail addresses can be used also for the direct sales of products or services similar to those already purchased by the User.
DATA PROCESSING METHODS
All personal data received through the registration procedures for our services is processed by REVEE by mostly-automated tools for the time strictly necessary to achieve the purposes for which it was collected.
In order to prevent data loss, abuse, incorrect data use and unauthorised access, specific security measures have been implemented by the Data Controller.
Personal data is recorded and stored on electronic databases owned by the Data Controller, and will be kept on the servers in the territory of the countries belonging to the European Union or outside the EU, in compliance with the legislation on protection of personal data.
Personal data is processed by REVEE through its representatives, responsible for managing the website and marketing activities.
Personal data will be made available to employees or collaborators of REVEE marketing team. Working under the direct authority of REVEE, they act as Data Processors under articles 29 and 30 of LD, and will receive suitable operational training; the same will happen —through Data Processors appointed by the Data Controller— with employees or collaborators of the Data Processors.
Personal data provided directly by Users by filling in online forms may be communicated to the sales force, area managers or distributors of the Data Controller’s area.
Such data will not be disclosed, except if the website shows names of winners of any contests or initiatives with prizes promoted on the website by the Data Controller.
DATA CONTROLLER AND DATA PROCESSORS
The Data Controller is Revée S.r.l. (VAT No. IT-10818580010), with registered office in Turin (TO, Italy), Corso Quintino Sella 131.
The Data Processor is Mr. Paolo CRIPPA (tax ID No. CRPPLA65B09F704M), whose domicile for such role is the same as the headquarters of REVEE in Turin (TO, Italy), Corso Quintino Sella 131.
RIGHT OF ACCESS TO PERSONAL DATA AND OTHER RIGHTS (PURSUANT TO ART. 7 OF LD 196/2003)
The User may at any time exercise their rights under Art. 7 of LD 196/2003, including the right to access their data and obtain an update or cancellation due to a violation of the law, to object to the processing of data for the purpose of sending advertising material, direct sales and commercial communications, and to request the updated list of Data Processors, by written notice to be sent to the Data Controller in the following ways: via post to Revee S.r.l. (VAT No. IT-10818580010), with registered office in Turin (TO, Italy), Corso Quintino Sella 131, or via e-mail ([email protected]).
The translation of Art. 7 of LD 196/2003 is copied below in full.
Art. 7 – Right to access personal data and other rights
1. The data subject has the right to obtain confirmation of the existence or not of any personal data related to him/her, even if not yet registered, and the intelligible communication thereof.
2. The data subject has the right to obtain the following information:
a) the origin of his/her personal data;
b) the data processing purpose and methods;
c) the logic applied when data is processed by electronic means;
d) the identity of the Data Controller, Data Processors, and the appointed representative in accordance with article 5, paragraph 2;
e) the subjects or categories of parties to whom personal data may be communicated, or who could learn about it as national appointed representatives or Data Processors.
3. The interested party has the right to obtain:
a) the update, edit or —if he/she wishes so— integration of data;
b) the deletion, transformation into anonymous form or blocking of data that have been processed unlawfully, including data whose retention is unnecessary for the purposes for which they have been collected or subsequently processed;
c) evidence that the operations mentioned in letters a) and b) were brought to knowledge —including their content— of those to whom the data was communicated or disclosed, except in the case where such fulfillment proves to be impossible or requires the use of means that are disproportionate with respect to the protected right.
4. The concerned party has the right to object, completely or partially, to:
a) for legal reasons, the processing of his/her personal data, even if the data is relevant to the purpose of their collection;
b) the processing of personal data for the purpose of sending advertising material or for direct sales, or for conducting market research or commercial communications.