Privacy

Data Controller

FORME S.R.L.

 

Data Controller’s email address: amministrazione@formesrl.com

 

Types of Data collected

Among the types of Personal Data that this website collects, by itself or through third parties, are the following: first name, last name, and email address.

Complete details of each type of Personal Data collected are provided in the relevant sections of this privacy policy or by specific explanatory texts displayed prior to the Data collection.
Personal Data may either be freely provided by the User, or, in case of Usage Data, collected automatically when the User uses this website.

Unless otherwise specified, all Data requested by this website is mandatory. Failure to provide this Data may make it impossible for this website to provide its services. In cases where this website specifically states that some Data is not mandatory, Users are free not to communicate this Data without it having an effect on the availability or the functioning of the Service.
Users who are uncertain about which Personal Data is mandatory are advised to contact the Data Controller.
Unless otherwise specified, any use of Cookies – or of other tracking tools – by this website or by the Data Controllers of third-party services used by this website, serves the purpose of providing the Service required by the User, in addition to any other purposes described in this document and in the Cookie Policy, if one exists.

Users are responsible for any third-party Personal Data obtained, published or shared through this website and confirm that they have the right to communicate or disclose the data, releasing the Data Controller from any liability to third parties.

 

Method and Place of processing the Data collected

 

Methods of Processing

The Data Controller takes appropriate security measures to prevent unauthorized access, disclosure, modification, or unauthorized destruction of the Data.

The Data processing is carried out using computers and/or IT enabled tools, following organizational procedures and means strictly related to the purposes indicated. In addition to the Data Controller, in some cases, the Data may be accessible to certain persons involved with the operation of this Website (administration, sales, marketing, legal, system administration) or external parties (such as third-party technical service providers, mail carriers, hosting providers, IT companies, communications agencies) appointed, if necessary, as Data Processors by the Data Controller. The updated list of these parties may be requested from the Data Controller at any time.

 

Methods of Processing

The Data Controller takes appropriate security measures to prevent unauthorized access, disclosure, modification, or unauthorized destruction of the Data.

The Data processing is carried out using computers and/or IT enabled tools, following organizational procedures and means strictly related to the purposes indicated. In addition to the Data Controller, in some cases, the Data may be accessible to certain persons involved with the operation of this Website (administration, sales, marketing, legal, system administration) or external parties (such as third-party technical service providers, mail carriers, hosting providers, IT companies, communications agencies) appointed, if necessary, as Data Processors by the Data Controller. The updated list of these parties may be requested from the Data Controller at any time.

 

Legal basis of processing

The Data Controller may process Personal Data relating to Users if one of the following applies:

  • Users have given their consent for one or more specific purposes. Note: Under some legislations the Data Controller may be allowed to process Personal Data without having to rely on consent or any other of the following legal bases, until the User objects to such processing (“opt-out”). This, however, does not apply, whenever the processing of Personal Data is subject to European data protection law;
  • processing is necessary for the performance of an agreement with the User and/or for any pre-contractual obligations thereof;
  • processing is necessary for compliance with a legal obligation to which the controller is subject;
  • processing is related to a task that is carried out in the public interest or in the exercise of the official powers vested in the Data Controller;
  • processing is necessary for the purposes of the legitimate interests pursued by the Data Controller or by a third party.

In any case, the Data Controller will gladly help to clarify the specific legal basis that applies to the processing, and in particular whether the provision of Personal Data is a statutory or contractual requirement, or a requirement necessary to enter into a contract.

 

Place

The Data is processed at the Data Controller’s offices and in any other places where the parties involved in the processing are located. For further information, please contact the Data Controller.
The User’s Data may be transferred to a country other than their own. To find out more about the place of processing of such transferred Data, Users can check the section containing details about the processing of Personal Data.

Users are also entitled to learn about the legal basis of Data transfers to a country outside the European Union or to any international organization governed by public international law or set up by two or more countries, such as the UN, and about the security measures taken by the Data Controller to safeguard their Data.

If any such transfer takes place, Users can find out more by referring to the relevant sections of this document or requesting information from the Data Controller, whose contact details are provided at the beginning of this document.

 

Storage Period

Personal Data shall be processed and stored for as long as required by the purpose they have been collected for.

Therefore:

  • Personal Data collected for purposes related to the performance of a contract between the Data Controller and the User shall be retained until such contract has been fully performed.
  • Personal Data collected for the purposes of the Data Controller’s legitimate interests shall be retained as long as needed to fulfil such purposes. Users may find specific information regarding the legitimate interests pursued by the Data Controller within the relevant sections of this document or by contacting the Owner.

The Data Controller may be allowed to store Personal Data for a longer period whenever the User has given consent to such processing, as long as such consent is not withdrawn. Furthermore, the Data Controller may be obliged to store Personal Data for a longer period whenever required to do so for the performance of a legal obligation or upon order of an authority.

Once the retention period expires, Personal Data shall be deleted. Therefore, the right to access, the right to erasure, the right to rectification and the right to data portability cannot be enforced after expiration of the storage period.

 

Purpose of Data processing

The Data concerning the User is collected to allow the Data Controller to provide its Services, as well as for the following purposes: Contacting the User.

Users can find further detailed information about the purposes of processing this data and about the specific Personal Data used for each purpose in the respective sections of this document.

 

Details of the Processing of Personal Data

Personal Data is collected for the following purposes and uses the following services:

  • Contacting the User

 

Rights of the User

Users may exercise certain rights in relation to the Data processed by the Data Controller.

In particular, the User has the right to:

  • withdraw consent at any time. Users may withdraw their consent to the processing of their Personal Data as indicated above.
  • object to the processing of their data. Users may object to the processing of their Data when such processing relies on a legal basis other than consent. Further details about the right to object are given in the section below.
  • access their Data. Users have the right to obtain information about the Data processed by the Data Controller, about certain aspects of the processing and to receive a copy of the Data processed.
  • verify and request rectification. Users may verify the accuracy of their Data and request that it be updated or corrected.
  • put limits on the processing. When certain conditions are met, Users may request that the processing of their Data be limited. In this case, the Data Controller shall not process the Data for any other purpose than their storage.
  • obtain erasure or removal of their Personal Data. When certain conditions are met, Users may request that their Data be erased by the Data Controller.
  • receive their Data or have them transferred to another Data Controller. Users have the right to receive their Data in a structured, commonly used and machine-readable format and, where technically feasible, have the right to transmit such Data without hindrance from the Data Controller. This provision is applicable when the Data is processed by automated means and the processing is based on the User’s consent, on a contract to which the User is a party or on contractual measures connected to it.
  • provide claim. Users may lodge a complaint with the competent supervisory data protection authority or take legal action.

Details of the right to object

When Personal Data is processed in the public interest, in the exercise of the official powers vested in the Data Controller or to pursue a legitimate interest of the Data Controller, Users have the right to object to the processing for reasons related to their particular situation.

Users are reminded that, if their Data is processed for direct marketing purposes, they may object to the processing without providing any justification. To find out whether the Data Controller processes data for direct marketing purposes, Users can find out more by referring to the relevant sections of this document.

 

How to exercise your rights

In order to exercise their rights, Users may send a request to the Data Controller at the address indicated in this document. Requests shall be submitted free of charge and processed by the Data Controller as soon as possible and in any event within one month.

 

More information about the processing

 

Defence in court

The User’s personal data may be used by the Data Controller in court or in the stages leading to possible legal action, in order to provide protection from abuses of this website or related services by the User.

The User understands that the Data Controller may be required to disclose data at the request of the authorities.

 

Specific Privacy Policies

In addition to the information contained in this privacy policy, this website may provide the User with additional and relevant information concerning particular services or the collection and processing of Personal Data at the user’s request.

 

System logs and maintenance

For operation and maintenance purposes, this website and any third-party services may collect System logs, in other words files that record interaction with this website and that may contain other Personal Data such as the User’s IP Address.

 

Information not contained in this policy

More details concerning the processing of Personal Data may be requested from the Data Controller at any time using the contact information provided.

 

Changes to this privacy policy

The Data Controller reserves the right to make changes to this privacy policy at any time by giving notice to its Users on this page and, where technically and legally feasible, by sending a notification to Users through the contact details available to the Data Controller. Please consult this page regularly, checking the date of the last update made indicated at the bottom of the page.

If the changes involve processing for which consent is the legal basis, the Data Controller will collect the User’s consent again, if necessary.