Disclosure Art. 13 GDPR
VERTIGO SRL respects the privacy rights of users of the website accessible at www.gobriko.it and recognizes the importance of protecting personal data collected through this site.
This disclosure therefore aims to give evidence of full compliance with data protection legislation (EU Reg. 2016/679) and therefore make navigation within the site transparent and safe.
If you do not share what is reported in this document, we advise you not to continue browsing.
The services provided by VERTIGO SRL can only be purchased by the registered user. During the registration phase and during the purchase of goods and services, the user undertakes to communicate his personal data in a correct and updated way.
In the event that the user purchases the services on behalf of third parties, he acts as independent owner of the personal data of third parties. In this case, the user assumes all legal obligations and responsibilities. Therefore, the user undertakes to provide VERTIGO SRL with ample indemnity with respect to any objection, claim, request for compensation for damage from treatment that should reach VERTIGO SRL from subjects whose personal data are referred.
1. DATA CONTROLLER: VERTIGO SRL
Headquarters: Via Martiri della Libertà 42/e, 25035 Ospitaletto (BS)
Phone: 030 5281843
2. TYPE OF PERSONAL DATA COLLECTED
The personal data collected through the site do not have the nature of particular data (as defined by Article 9 of the GDPR), but are only suitable for identifying the User (for example name, surname, tax code, residence, telephone, e-mail). In particular, personal data may concern:
2.1. Navigation data: information recorded by VERTIGO SRL's computer systems during the normal activity of providing its services. This category of data includes, for example, all information relating to internet communication protocols, IP addresses and access logs to VERTIGO SRL's IT systems.
2.2. Name, Surname, Email Address, provided voluntarily by the user during the registration or service purchase procedure.
2.3. Third party data provided voluntarily by the user on behalf of third parties who do not have a direct relationship with VERTIGO SRL.
2.4. Traffic data: as part of the provision of the e-mail service, any data subjected to processing for the purpose of sending a communication, including the data necessary to identify the user. This information is that specified in Legislative Decree 30 May 2008, n. 109, such as:
- •IP address used and e-mail address and any additional identifier of the sender;
- • IP address and fully qualified domain name of the mail exchanger host (in the case of SMTP technology), or of any type of host relating to a different technology used for communication transmission;
- • e-mail address and any additional identifier of the recipient of the communication;
- • IP address and fully qualified domain name of the mail exchanger host (in the case of SMTP technology), or of any type of host (relative to a different technology used), which provided for the delivery of the message;
- • IP address used for receiving or consulting e-mail messages by the recipient regardless of the technology or protocol used;
- • date and time (GMT) of connection and disconnection of the user of the Internet e-mail service and IP address used, regardless of the technology and protocol used.
3. PURPOSE OF THE TREATMENT:
The personal data collected on the website are processed by VERTIGO SRL for the following purposes:
- 3.1 Purpose a) Management of the registration procedure and access to the reserved area; Operational, technical and administrative management of the goods and services purchased by the User; Respond to requests for assistance or information, sent through the communication channels established by VERTIGO SRL;
- Legal basis: Execution of a contract of which the interested party is a part or the execution of pre-contractual measures adopted at the request of the same.
- 3.2 Purpose b) Fulfill legal, accounting and tax obligations;
- Legal basis: Compliance with legal and regulatory obligations to which the Data Controller is required.
- 3.3 Purpose c) Carry out direct marketing via e-mail for services similar to those purchased or in order to promote products or services in which the User is reasonably interested;
- Legal basis: Request for consent.
- 3.4 Purpose d) Security and prevention of fraudulent conduct;
- Legal basis: Need for the Data Controller to pursue its own legitimate interest and to protect its rights arising from the contract.
4. METHOD OF TREATMENT
The personal data processed are those indicated in point 2.; the processing will take place with the aid of electronic tools (mostly PCs/landline telephones/smartphones) connected to the network, to a physical server and to the cloud, and with the support of paper archives kept in dedicated rooms, accessible only by authorized personnel. Technical and organizational measures have been adopted to support and protect the security of such data.
5. DURATION OF THE TREATMENT
The data is processed and stored in our offices and on the company tools used (e.g. computers, servers, smartphones, etc.). Data processing (in paper and digital format) is carried out with suitable measures to guarantee the security and confidentiality of personal data, in particular in compliance with adequate security measures and according to the principles of lawfulness, necessity and proportionality. Some of the software we use is managed by cloud systems (e.g. mailboxes and management software).
- Purpose a) For the entire duration of the contract;
- Purpose b) For the entire duration envisaged by the relative obligations (10 years);
- Purpose c) Until withdrawal of consent
- Purpose d) Six years from their generation or until the statute of limitations of legal rights and actions;
The data are also processed by VERTIGO SRL for ordinary company processing related to the provision of the service (e.g.: for documentation purposes in the event of dispute of the invoice or payment claim, for fraud detection, to perform analyzes on behalf of customers), pursuant to the provisions of the law. In this case, the data is stored with stringent security measures applied in accordance with the law and subsequently deleted.
It should be noted that the data will subsequently be deleted. In the event that the need to restore data via backup should arise, the new deletion/anonymization of your data is guaranteed.
6. COMMUNICATION AND DISSEMINATION OF DATA
Personal data may be shared for the purposes specified above with:
7.1. Collaborators of the Data Controller, as subjects designated and authorized to process personal data, bound by confidentiality;
7.2. Professional firms that provide assistance and consultancy in accounting, administrative, legal, tax, financial matters and subjects with whom it is necessary to interact for the provision of the Services.
7.3. Authorities that manage the WHOIS database which contains the personal data of the assignees of domain names.
7.4. Subjects that provide the payment service by credit card (Paypal, Stripe, etc.) or other services instrumental to those provided by VERTIGO SRL.
7.5. Subjects delegated to carry out technical maintenance activities.
7.6. Judicial authority for purposes of repression and investigation.
These subjects will process the data as "Data Processors", and therefore duly appointed and authorized to process personal data under the direct authority of the Data Controller, Vertigo Srl, or as Data Controller or independent authorized "Data Controllers" to access it under the provisions of the law, regulations and standards; in any case, your data will not be disclosed.
7. STORAGE PLACE
The hardware infrastructure used by VERTIGO SRL to provide its services is located within the data center resident in Italy certified ISO 27001 in order to guarantee maximum security.
- Right of access: obtain confirmation as to whether or not personal data is being processed and, if so, request access, receive information relating to the purpose of the processing, the categories of personal data processed and the retention period, the recipients to whom these may be communicated;
- Right of rectification: obtain, without unjustified delay, the rectification of inaccurate personal data and the integration of incomplete personal data;
- Right to portability: receive your personal data provided to the Data Controller in a structured format, commonly used and readable by an automatic device, as well as obtain that they are transmitted to another data controller without impediments;
- Right to cancellation: obtain, without unjustified delay, the cancellation of your personal data;
- Right of limitation: obtain from the Data Controller the limitation of the treatment;
- Right to withdraw the consent at any time without prejudice to the lawfulness of the treatment based on the consent given before the revocation;
- Right to object: oppose the processing of your personal data, unless there are legitimate reasons for the Data Controller to continue processing;
- Right to lodge a complaint with the Personal Data Protection Authority or other Supervisory Authority.
To exercise your rights, you can send a pec to: Vertigo Srl, firstname.lastname@example.org; an email to the address email@example.com. Remember to attach a valid identity document.
This information may be subject to changes. The Owner reserves the right to modify or simply update its content, in part or completely, also due to changes in current legislation.