Privacy Policy

Version: 1.1 – data: 17.02.2021

(Information on personal data processing in accordance with Article 13 of the Regulation EU 2016/679)

Dear User,

Diennea S.r.l., with registered office in Faenza (48018 – RA), Viale G. Marconi n. 30/14, VAT number 02243600398, as Data Controller (hereinafter “Diennea” or the “Data Controller”) considers privacy and the protection of personal data as one of the main objectives of its business. This document outlines our policy on privacy and it was drafted in accordance with Article 13 of the Regulation EU 2016/679 (hereinafter “GDPR”): before providing any personal information to the Data Controller, we therefore invite you to carefully read this Privacy Policy as it contains important information regarding the protection of your personal data.

This Privacy Policy:

• is specifically intended for the website tbd.diennea.com (hereinafter “the Site”);

• forms an integral part of the Site and the services we offer;

• is also be intended as Information pursuant to art. 13 of the GDPR for those who interact with the web services of this Site.

The processing of your personal data shall follow principles of correctness, lawfulness, transparency, purpose and retention limitation, data minimization, accuracy, integrity, confidentiality and accountability pursuant to article 5 of the GDPR. Your personal data will therefore be processed in accordance with the legislation governing Privacy and confidentiality obligations.

Processing of personal data means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

INDEX

1. Data Controller and Data Protection Officer (DPO)

2. Personal Data subject to processing

a. Browsing Data

b. Data provided voluntarily by the user

c. Third party Personal Data provided voluntarily by the user

d. Cookies

3. Purpose of processing, legal basis and mandatory or optional nature of the
processing

4. Recipients of Personal Data

5. Transfer of Personal Data

6. Retention of Personal Data

7. Data subjects’ rights

8. Amendments

1. Data Controller and Data Protection Officer (DPO)

The Controller of the processing is Diennea as specified above. The Data Controller’s organization comprises a Data Protection Officer (DPO). The DPO is available for any information regarding the processing of the personal data of Diennea, including the list of data processors. It is possible to contact the DPO by writing to dpo@diennea.com.

2. Personal Data subject to processing

When you use the Site, we inform you that Diennea may collect and process information related to you as an individual such as your name, an identification number, an online ID or one or more characteristic elements of your physical, physiological, mental, economic, cultural or social identity which allows you to be identified, either directly, or together with additional information (“Personal Data”).

Personal Data which may be processed by Diennea through the Site are as follows:

a. Browsing Data

During their normal operation, the computer systems and software procedures used to operate the Site acquire some personal data whose transmission is implicit in the communication protocols of the Internet. This information is not collected to be associated with identified subjects, but by their very nature could identify users through processing and association with data held by third parties. This category of data includes IP addresses or domain names of computers used by users that connect to the site, URI (Uniform Resource Identifier) addresses of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in reply, the numerical code indicating the status of the response from the server (successful, error, etc.) and other parameters regarding the operating system and computer of the user’s IT environment. These data are used in order to obtain statistical information in anonymous and/or aggregate form about the Site and to allow it to operate correctly. It permits the proper delivery of services and is used for security reasons as well as to establish liability in case of computer crimes against the Site or third parties. Diennea normally deletes navigation after sixty days.

b. Data provided voluntarily by the user

The Site offers users the opportunity to voluntarily provide Personal Data through, for example, registering a contact form, the optional sending of, explicit and voluntarily, an e-mail to the addresses listed on the Site, etc. This Privacy Policy is intended for the processing of Data provided voluntarily by the user through the Site.

c. Third party personal data provided voluntarily by the user

When using some of the services of the Site, you are allowed to submit Personal Data related to other persons (e.g. filling the section Tell us what you need). In any situation where you decide to share Personal Data related to other persons through the Site, you will be considered as an independent data controller regarding that Personal Data and must assume all inherent legal obligations and responsibilities. To this end, you must fully indemnify Diennea against any complaints, claims or demands for compensation for damages which may arise from the processing of this Personal Data, initiated by the third parties whose Personal Data have been processed through the use of the Site in violation of the applicable rules on personal data protection.

In any case, if you provide or in other way process Personal Data of third parties in using the Site, you henceforth guarantee – assuming all related responsibilities – that this specific processing is grounded on an appropriate legal basis in accordance with art. 6 of the GDPR, which legitimizes the processing of the information in question.

d. Cookies


Definitions, characteristics and application of the legislation

Cookies are small text files that are sent and registered on your computer or mobile device when you visit a website. When you visit the same site again, the files are then transmitted back to the relative website. Thanks to cookies, the website remembers your actions and preferences (such as, for example, login data, default language, font sizes, additional display settings, etc.) so that you don’t need to specify them again when you visit the site at a later date.

Cookies are used for authentication purposes, for session monitoring, and to store information about your activities of when you access a website. These cookies may also contain a unique identifier that allows for user experiences on the site to be monitored for statistical or advertising purposes. While navigating a site, the user may also receive cookies on their computer or mobile device from sites or web servers other than the one they are visiting (these are called “third party” cookies). Some operations cannot be performed without the use of cookies because some cases they are technically necessary for the operation of the site.

There are various types of cookies and depending on their features and functions, they may remain on your computer or mobile device for different periods of time. Cookies we use include both so-called session cookies, which are automatically deleted when you close your browser, and so-called persistent cookies, which remain on your device for a pre-established period of time.

According to Italian legislation, your prior explicit consent for the use of cookies is not always required. In particular, your consent is not required for technical cookies, i.e. those used for the sole purpose of transmitting a communication over an electronic communications network, or as strictly necessary to provide you with a service that has been explicitly requested. In other words, technical cookies are indispensable for the functioning of the site or to perform tasks you request.
Among the technical cookies, which do not require prior explicit consent for their use, the Italian Data Protection Authority (see General Measure “Simplified Arrangements to Provide Information and Obtain Consent Regarding Cookies – May 8, 2014”) also includes:

• “analytic cookies” used directly by the site operator to collect information, concerning the number of users and how they visit the site, provided information is only processed in aggregate form;

• browsing or session cookies used for authentication purposes;

• function cookies which allow your navigation on the basis of a set of selected criteria (for example, the language, the products selected for purchase) in order to improve the service provided to the same.

Your prior consent of the user is instead required for “profiling cookies”, i.e. those aimed at creating profiles related to the user in order to send him/her advertising messages in line with the preferences expressed by the same while surfing the web.

Types of cookies used by the Site and the possibility of (de-)selection

The Site uses the following cookies offering the possibility to (de-)select the same (and therefore to disable them), except for third-party cookies, for which you must directly refer to the relevant procedures for selecting and de-selecting the cookies mentioned below indicated by way of links:

• technical cookies – session or navigation – are strictly necessary for the operation of the Site or to allow you to make use of the content and services you have requested;

• technical-analytics cookies, which allow for an understanding of how the Site is used by you. These cookies do not collect information about your identity or any personal data. The data is processed in an aggregate and anonymous form;

• technical-functional cookies, i.e. used to activate specific functionalities of the Site and a number of selected criteria (for example, the language, the products selected for purchase) in order to improve the service provided.

WARNING: disabling the technical and/or functional cookies of the Site may lead to certain services or features of the Site being unavailable or the Site may not function properly, and you may be forced to change or manually enter some information or preferences each time you visit the Site.

·Third-party cookies, i.e. cookies from web sites or servers other than that of Diennea, used for specific purposes of the said third parties, including profiling cookies. Note that these subjects, listed below with the relative links to their privacy policies, are independent Controllers of the data collection and handling processes via cookies; you must therefore refer to their personal data handling policies, information policies and consent forms (selection and deselection of respective cookies) as specified in the aforementioned Provision. To complete this it must be noted that Diennea makes the utmost effort to track cookies on its own Site. These are updated regularly on the table below, where we ensure transparency of the cookies sent directly by Diennea and the purposes of these procedures. As concerns these cookies, we provide the links to the information policies of the third parties that send them via our Site: we assign these third parties, as noted above, with the responsibility of supplying the information policy and collecting consent from the users, as envisaged in the Provision. This responsibility refers not only to the cookies sent directly by the third parties but also any additional cookies sent via our Site based on the use of the services used by the third parties themselves. In fact, with regard to these cookies, sent by the suppliers of services of the aforementioned third parties, Diennea cannot exercise any right of control and cannot be aware of either the characteristics or purposes of these.

The following section lists the links to the information on third party cookies:
Google

Specifically, the cookies present on the Site are indicated at the following link: https://tbd.diennea.com/en/cookies/

How to view and modify the cookies including through your navigation program (so-called browser)

You can select which cookies to allow through the appropriate procedure described here: https://tbd.diennea.com/en/cookies/, and can authorise, block or delete (in whole or in part) cookies through the specific functions of their navigation program (so-called browser). However, in the hypotheses in which all or some of the cookies are disabled it is possible that the site may not be consulted or that certain services or certain features of the Site will not be available or will not work properly and/or the user may be forced to change or manually enter some information or preferences each time he/she visits the site. For more information on how to set preferences on the use of cookies through your browser, it is possible to consult these instructions:

· Internet Explorer

· Firefox

· Chrome

· Safari

3. Purpose of the processing, legal basis and mandatory or optional nature of the processing

Your Personal Data will be processed by electronic or automated means. The purposes and the legal basis of the processing of your Personal Data that we intend to carry out are the following:

a. to provide the services requested (e.g., a contact request, a request for information), to answer specific requests addressed to Diennea and to allow you to browse and explore the Site (“Service Provision”).

b. to allow you to subscribe to the Newsletters of Diennea and that of its brand “t.bd” (“Newsletter”).

The legal basis of the processing of Personal Data for the purposes of Service Provision and Newsletter is Article 6(1)(b) of the GDPR. This processing operations are required in order for us to provide the services, to respond to requests and/or to subscribe the newsletter(s). The provision of Personal Data for these purposes is optional, however, if you do not provide your data, we will not be able to provide you with the service, to respond to requests and/or to send the newsletter(s). You can always subscribe/unsubscribe the newsletter(s) by changing and/or updating your privacy preferences at "Edit profile" page accessible via the link at the foot of the newsletter or by writing to privacy@diennea.com.

c. to carry out marketing activities, conduct studies, research, market analysis and send you advertising and information material related to the activities, the products and the services of Diennea and of its brand “t.bd”. In accordance with the “Guidelines on Marketing and Against Spam – 4 July 2013 [Web doc 2542348]” issued by the Italian Data Protection Authority, if you decide to give your consent to receive information related to promotional activities of the Data Controller including market research, we inform you that said activity can be performed, as provided for in the applicable regulations, by way of “traditional methods” such as postal mail, a telephone operator, or “automated methods” such as e-mail, SMS and through the use social networks (“Marketing”).

Processing operations carried out for the Marketing purpose are based on the granting of your consent pursuant to Article 6(1)(a) of the GDPR. It is not mandatory to give your consent to Diennea for this purpose and you can, at any time, withdraw your consent that you have previously granted to traditional or automated methods by giving notice to the Data Controller without any formality, simply by changing and/or updating your privacy preferences at "Edit profile" page accessible via the link at the foot of the newsletter or by writing to privacy@diennea.com. You can always object to such processing activities for Marketing purpose by writing to privacy@diennea.com, without prejudice to the lawfulness of the processing founded on your previous consent.

d. to create user profiles by analysing preferences, habits, interests and consumption choices expressed through the use of the Site and the services offered, and, where appropriate, by using profiling cookies, in order to send you material and commercial communications and personalized promotions on the services offered by Diennea (“Profiling”).

The processing carried out for the Profiling purpose is based on your consent pursuant to Article 6(1)(a) of the GDPR, which may be collected through specific check-boxes or the cookie banner, or on legitimate interest of Diennea pursuant to Article 6(1)(f) of the GDPR. The provision of your Personal Data for this purpose is therefore entirely optional and does not affect your use of the services. You may oppose the processing of your Personal Data for Profiling purpose at any time by writing to privacy@diennea.com.

e. to fulfill the obligations provided for by law, regulations or EU legislation or request from competent Authorities (“Compliance”).

The processing of your Personal Data for the purpose of Compliance represents a legitimate processing of personal data pursuant to Article 6 (1)(c) of the GDPR.

f. to carry out statistical analysis without the possibility to identify the user (“Statistics”).

Please note that the processing of your Personal Data for the purpose of Statistics is not performed on Personal Data and therefore it can be freely performed by Diennea.

g. to carry out direct marketing activities via e-mail for services similar to those you have subscribed to, unless you objected to such processing initially or in subsequent communications, by writing to privacy@diennea.com (”Soft spam”).

The processing of your Personal Data for the Soft spam purpose represents a legitimate processing under the applicable law on personal data protection, which does not require your consent. You can object to the processing of your Personal Data for this purpose both when requesting the products and services available on the Site and on subsequent communications by the Data Controller by writing to privacy@diennea.com.

4. Recipients of Personal Data

For the purposes referred to in Section 3 above, your Personal Data may be shared with the parties listed below (“Recipients”):

a. subjects typically acting as data processors, namely: i) persons, companies or professional firms providing Diennea with advice and consulting in accounting, administrative, legal, tax, financial and debt collection matters related to the provision of the services; ii) subjects to engage with in order to provide the services (for instance, hosting providers) iii) persons authorised to perform technical maintenance (including maintenance of network equipment and electronic communications networks);

b. public entities, bodies or authorities to whom Diennea discloses your Personal Data when legally required to do so or under the orders of competent authorities or in case of abuse reports to investigate complaints and identify the source of messages received from users;

c. persons authorised by Diennea to process the Personal Data required for carrying out activities strictly related to the provision of the services, who have committed themselves to confidentiality or have an appropriate legal obligation of confidentiality (for example Diennea’s employees).

5. Transfers of Personal Data

Your Personal Data may be shared with Recipients located outside the European Economic Area, and specifically in the Republic of San Marino. The Data Controller ensures that your Personal Data are processed by these Recipients in accordance with the applicable rules on data protection. Indeed, transfers can be based on an adequacy decision or on the Standard Contractual Clauses approved by the European Commission. Further information is available from Diennea by writing to the following email address: privacy@diennea.com.


6. Retention of Personal Data

The Personal Data processed for the purposes of Service Provision and Newsletter will be retained for the period deemed strictly necessary to fulfill such purposes. In any case, since the Personal Data are processed for the provision of the services, Diennea will retain the Personal Data for the period allowed by Italian law to protect its interests (art. 2946 and ensuing articles of the Italian Civil Code).

For the Marketing and Profiling purposes, your Personal Data may be processed until you withdraw your consent.

The Personal Data processed for the purpose of Compliance will be retained for the period required by the specific obligations or by applicable law.

For the Soft spam purpose, Personal Data will be processed until you object the processing by writing to privacy@diennea.com or using the link found at the bottom of each sof spam email you receive.

Further information on the data retention period and the criteria adopted in determining this period may be requested in writing from the DPO of Diennea at the following address: dpo@diennea.com.

Diennea has, in any case, the possibility of retaining your Personal Data for the period allowed by Italian law to protect its interests (art. 2947 (1) (3) of the Italian Civil Code).

7. Data subject rights

Under Articles 15 and following of the GDPR, you, as a data subject, are entitled to request from Diennea, at any time, access to your Personal Data, the correction and erasure of your Personal Data, as well as to object to its processing according to Article 21 of the GDPR. You are also entitled to request the restriction of the processing of your Personal Data in the cases set out in Article 18 of the GDPR, as well as to obtain the Personal Data you have provided to Diennea in a structured, commonly used and machine-readable format, in the cases set out in Article 20 of the GDPR.

Requests should be made in writing to privacy@diennea.com.

You may interrupt the reception of soft spam by using the appropriate link at the bottom of each e-mail received.

Consent to the installation and reading of profiling cookies can be revoked by the methods indicated in section 2.d.

In any case, you will always be entitled to file a complaint with the competent supervisory authority (the Italian Data Protection Authority, Garante per la Protezione dei Dati Personali), pursuant to Article 77 of the GDPR, if you believe that the processing of your data violates applicable law.

8. Amendments

The Data Controller reserves the right to partly or fully amend this Privacy Policy, or simply to update its content, e.g., as a result of changes in applicable law. Diennea will inform you of such changes as soon as they are introduced, and they will be binding as soon as they are published on the Site. Diennea therefore invites you to regularly visit this Privacy Policy in order to acquaint yourself with the latest, updated version of the Privacy Policy, so that you may remain constantly informed on how Diennea collects and uses Personal Data.