Facebook Linkedin

Privacy Policy

INFORMATION FOR THE PROCESSING OF PERSONAL DATA OF USERS

Pursuant to Regulation (EU) 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, as well as any applicable national and EU legislation

 

  1. Data Controller

Vero Project S.p.A., with its registered office in Concesio (BS), Via Stella No. 44, Tax Code and VAT No. 07623480964, represented by its legal pro tempore representative, acting as Data Controller (hereinafter “Data Controller”), informs you that your personal data will be processed for the purposes and in the manner detailed below.

The processing of personal data shall be carried out in accordance with the law and in compliance with the principles of necessity, fairness, lawfulness, transparency, protection of your privacy and your rights, limitation of the processing purpose and data retention, data minimization, accuracy and quality, as well as integrity and security of the data.

For any matter regarding the processing of your personal data, the Data Controller can be contacted via the following e-mail address: privacy@veroproject.it .

 

  1. Categories and Origin of the Processed Personal Data

Browsing data. The computer systems and software procedures employed for the operation of the website https://www.veroproject.it/ (hereinafter “Website”) acquire, during their normal functioning, certain personal data whose transmission is implicit in the use of Internet communication protocols. This information is not collected to be associated with identified individuals; however, due to its nature, it could, through processing and association with data held by third parties, allow for the identification of users. This category of data includes the IP addresses or domain names of the computers used by users when accessing the Website, the URI (Uniform Resource Identifier) addresses of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file received in response, the numerical code indicating the status of the response given by the server (indicating successful completion, error, etc.) and other parameters related to the user’s operating system and IT environment. These data are used solely to derive anonymous statistical information concerning the usage of the Website and to monitor its proper functioning and are deleted immediately after processing. The data may be used to ascertain liability in the event of potential cybercrimes against the Website; save for this eventuality, web contact data are not retained for more than seven days and in any case not longer than necessary to process the requests submitted.

Data provided voluntarily by the User to register on and to access to the Website customer area. Registering on the customer area of the Website requires the collection of specific data provided by the data subject, such as name, surname, email address, position within the company, and message content. This personal data will be processed by the Data Controller solely for the purpose of creating a Website account for the customer. Subsequent usage of the functions provided under the customer area of the Website is conditional upon prior access to the area, for which some personal data is required (i.e. username and password).

Data provided voluntarily by the User via the contact form. The optional, explicit, and voluntary submission of messages through the contact form available on the Website results in the subsequent collection of the data provided by the sender (name, surname, email address, message content), which is necessary to respond to the submitted requests. The personal data collected through this method will be processed by the Data Controller solely for the purpose of responding to the information request received and for any subsequent related communications.

Data provided voluntarily by the User through the free demo request form. It is possible to formally request a free demo of Data Controller’s products on the Website. This request is conditional upon the Data Controller collecting the following data: name, surname, business sector, email address, telephone number and message content. The personal data collected through this method will be processed by the Data Controller solely for the purpose of responding to the request and for any subsequent related communications.

Data provided voluntarily by the User through the course subscription form. Subscribing to the courses offered by the Data Controller may require the provision of the following personal data: e-mail address, telephone number, VAT number and message content. This personal data will be processed by the Data Controller solely for the purpose of responding to the request and any subsequent related communications.

Data provided voluntarily by the User through the newsletter subscription form. Users voluntarily provide data through the newsletter subscription form. In order to subscribe to the website’s newsletter, the following personal data must be provided: email address and name. This data will be processed by the data controller solely for the purpose of processing the request and any subsequent related communications.

Data processed for the Whistleblowing procedure. The submission of reports of significant events pursuant to Legislative Decree No. 24/2023 via the reporting channel established by the Data Controller may involve the processing of personal data such as, by way of example, the name, surname, and work role of the reporting party, and may, depending on the content of the reports and the acts and documents attached thereto, give rise to the processing of personal data belonging to special categories as per Article 9 of Regulation (EU) 2016/679 (including data relating to health conditions, sexual orientation, or trade union membership) or personal data relating to criminal convictions and offenses as per Article 10 of Regulation (EU) 2016/679, in accordance with the specific Whistleblowing Privacy Policy available at the following link: [-].

Except where expressly provided for by law, the Data Controller does not collect personal data that reveal racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, nor does it process genetic data, biometric data intended to uniquely identify a natural person, or data relating to the health, sex life, or sexual orientation of users. The Data Controller therefore invites you not to provide such data.

The consent of minors to the processing of their personal data is valid from the age of 16. The Data Controller will not proceed with the processing of personal data of children under 16 years of age, unless the parents or legal guardians consent to the collection, use, and disclosure of the children’s information by the Data Controller.

 

III. Purposes of data processing

On the basis of your free, explicit, and informed consent or under other legally permissible circumstances (including Article 6 of Regulation (EU) 2016/679), the Data Controller informs you that the personal data will be processed for the following purposes:

  1. Statistical research and analysis on aggregated or anonymous data, thereby ensuring that the user cannot be identified, aimed at assessing the functioning of the Website, measuring traffic, and evaluating usability and interest;

Legal basis: legitimate interest of the Data Controller.

  1. Management of contact requests received through the Website’s contact form, the free demo request form, the course registration form, the newsletter subscription form;

 Legal basis: performance of a contract to which the user is a party or pre-contractual measures adopted at the user’s request.

  1. Reception and management of notifications of potentially significant events pursuant to Legislative Decree No. 24/2023;

Legal basis: compliance with a legal obligation to which the Data Controller is subject and the pursuit of the legitimate interest of the Data Controller related to the exercise of its specific rights, also in the context of employment law.

The Data Controller informs you that in the event of failure to provide the personal data required for the purposes described under point b), it will be objectively impossible to provide you with the services offered by the Data Controller through the Website.

  1. Sending commercial communications (newsletters) via email concerning the offer of products or services provided by the Data Controller;

Legal basis: express consent.

 

  1. Methods of processing and data retention period

The personal data of the data subjects are processed primarily by computerized means by personnel authorized to process such data pursuant to Article 29 of Regulation (EU) 2016/679 or by processors appointed pursuant to Article 28 of Regulation (EU) 2016/679, for the time necessary to achieve the purposes for which they are collected or for any other legitimate purpose connected therewith, and in any event not beyond the periods provided by law for the protection of rights and/or for legal obligations. Adequate security measures are adopted to prevent data destruction or loss, unauthorized use, and unauthorized access, pursuant to Article 32 of Regulation (EU) 2016/679.

 

  1. Data communication and dissemination

The personal data collected referring to the user will not be disseminated in any way, except for the right of the Data Controller to communicate them to third parties, whose activity is necessary and related to the achievement of the purposes indicated above, such as, but not limited to: email service providers, providers involved in occasional maintenance and repair operations, cloud service providers, hosting and virtual server service providers, connectivity and telephony service providers, chat and communication service providers, mailing list service providers, file transfer service providers, remote assistance service providers, social networks, third parties that perform or distribute banking, financial and insurance services, archiving, assistance and consulting activities, administrative and judicial authorities competent to request and obtain information concerning you.

Your data may be disclosed to professional partners and/or companies located abroad as well – in Countries belonging and not belonging to the European Union or the European Economic Area (so-called Third Countries) recognized by the European Commission having an adequate level of protection of personal data or, if not, only if an adequate level of protection of personal data with respect to that of the European Union is contractually guaranteed by the company located in the Third Country (e.g., by signing the standard contractual clauses provided by the European Commission) and that the exercise of the rights of the data subjects is always ensured.

More specifically, the personal data made available by the Website may be transferred to servers located outside the EU if the IT providers used by the Data Controller (listed above as recipients) require this, or if they use cloud computing technology that cannot determine the location of your data with certainty.

 

  1. Rights of data subject

Each data subject may at any time exercise the rights referred to in articles 15 and following of the Reg. (EU) 2016/679. In particular, each data subject can ask the Data Controller to confirm the existence or otherwise of personal data concerning him, access to personal data and the correction or cancellation of them or the limitation of the processing that concern him or to object to processing, in addition to the right to data portability and the right to complain to the data protection authority. You may obtain information about the source from which the personal data originates and, where applicable, whether the data comes from publicly accessible sources. Moreover, if the processing is based on explicit consent, the data subject will have the right to withdraw the consent at any time without prejudice to the lawfulness of the processing based on the consent given prior to the withdrawal.

In order to ensure that your data will not be breached or used illegitimately by third parties, before granting a request from you to exercise any of the aforementioned rights, we will ask you for certain information to be certain of your identity.

You may exercise your rights by written request to be sent to the e-mail address: privacy@veroproject.it .

This information is written in Italian. In case of conflict between the Italian version and any translation in another language, the Italian version shall prevail.

Share the Post: