Privacy Notice

PRIVACY INFORMATION NOTICE PURSUANT TO ARTICLE 13 OF REGULATION (EU) 2016/679 – GENERAL DATA PROTECTION REGULATION, “GDPR”

Dear Customer,
We wish to inform you that the 2016/679 / EU Regulation (“General Data Protection Regulation”, briefly defined with the English acronym “GDPR”) of the European Parliament and of the Council of 27.4.2016, provides for the protection of natural persons with regard to to the processing of personal data. According to this legislation, the processing must be based on principles of correctness, lawfulness, transparency and protection of confidentiality. Liquidweb Srl attaches great importance to your privacy and is committed to protecting it and, in compliance with EU Regulation n. 2016/679, we invite you to read the following Notice, which was written in a simple and concise way so as to allow you to understand how Liquidweb Srl will process the personal data you provide

Data Controller

The Data Controller is LIQUIDWEB SRL with registered office at Via Cesare Maccari, 53100, Siena (SI).

Purposes

Your personal data are processed without your expressed consent (art. 24 letter a, b, c Privacy Code and art. 6 letter b, and GDPR), for the following purposes:

• contract execution and management,
• fulfill the obligations set forth in the tax and accounting fields;
• comply with the obligations incumbent on the Data Controller and required by current legislation;
• sending of commercial communications.

Legal basis of processing

The Data Controller treats your personal data lawfully, where the processing:

• it is necessary for the execution of a contract of which you are a part. The provision of data is necessary to be able to provide the services of the company and any refusal to provide such data could lead to failure or partial continuation of the relationship;
• it is necessary to fulfill a legal obligation incumbent on the Owner himself;
• it is based on the legitimate interest in sending, by email, commercial communications relating to products or services usually purchased by you.

Processing methods

The processing of your data is carried out by means of the operations indicated in the art. 4 Privacy Code and art. 4 n. 2) GDPR and more precisely: collection, registration, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, cancellation and destruction of data. Personal data will be processed electronically.

Duration

Your personal data, subject to processing for the purposes indicated above, will be kept for the duration of the contract and, subsequently, for the time in which the Data Controller is subject to conservation obligations for tax purposes or for other purposes, provided for by laws or regulations.

Data communication

We also inform you that the data collected will never be disclosed and will not be communicated without your explicit consent, except for the necessary communications that may involve the transfer of data to public bodies, consultants or other subjects for the fulfillment of legal obligations.

Nature of data provision and consequences of refusal to respond

The provision of your data for the purposes indicated above is necessary for the conclusion and / or execution of contractual and / or legal obligations, the failure to communicate the data therefore makes it impossible to fulfill these obligations. To achieve the purpose of sending commercial communications pertaining to the products or services you usually purchase, your consent is not necessary, but the legitimate interest of the Data Controller is sufficient (Article 6, letter f and recital No. 47, GDPR). The legitimate interest allows the Data Controller, even in the absence of a specific consent of the interested party, to send to the latter communications via e-mail of a commercial nature relating to a product / service similar to that covered by a previous contract already stipulated with the interested. The legitimate interest of the Data Controller, however, may be interrupted by the data subject at any time. The latter can in fact exercise the cd. “OPT OUT”, or expressing the right to exclude the data in question. Therefore, in every communication made by the Data Controller you will always be given the opportunity to exercise the right of exclusion from the relevant mailing list, by direct communication to the Data Controller, or by selecting the “delete” – or “unsubscribe” – entry at the bottom of the communication.

Nomination of the Data Protection Officer

The Owner considered it necessary to appoint a Person in charge of Personal Data Protection (defined as “D.P.O.”: data protection officer). The DPO can be contacted at the email address: privacy@braincontrol.eu

Data profiling and dissemination

Your personal data are not subject to disclosure or to any fully automated decision-making process, including profiling.

The Data Controller stores his data in the cloud, through the Google Suite system, which uses data centers supported all over the world. Google guarantees a level of security appropriate to the highest international standards such as ISO and SSAE16 / ISAE 3402, also has adhered to the Privacy Shield which imposes a series of obligations relating to control and transparency, in order to comply with European legislation on treatment of personal data.

Rights of data subjects

The rights granted to you by the GDPR include those of:

• ask the Data Controller to access your personal data and information concerning them (art. 15 GDPR); the correction of inaccurate data or the integration of incomplete ones (art. 16 GDPR); the cancellation (c.d. “right to oblivion”) of personal data concerning you (upon the occurrence of one of the conditions indicated in article 17, paragraph 1, GDPR, and in compliance with the exceptions provided in paragraph 3 of the same article); the limitation of the processing of your personal data (in the event of one of the hypotheses indicated in article 18, paragraph 1 GDPR);
• request and obtain from the Data Controller – in cases where the legal basis of the processing is the contract or consent, and the same is carried out by automated means – your personal data in a structured and machine-readable format, also for the purpose of communicating such data to another data controller (so-called right to the portability of personal data, art. 19 GDPR);
• oppose the processing of your personal data at any time in the event of special situations affecting you (art. 21 GDPR);
• withdraw consent at any time (art. 7, paragraph 3, GDPR), limited to cases in which the processing is based on your consent for one or more specific purposes and concerns common personal data (for example date and place of birth or place of residence), or particular categories of data (eg data revealing racial origin, political opinions, religious beliefs, health status or sexual life). The treatment based on the consent and carried out prior to the revocation of the same preserves, however, its lawfulness;
• make a complaint to a supervisory authority (Authority for the protection of personal data – www.garanteprivacy.it). (Guarantor for the protection of personal data – www.garanteprivacy.it – Piazza di Monte Citorio n. 121 – 00186 ROME – Fax: (+39) 06.69677.3785 – Telephone: (+39) 06.696771 – E-mail: garante@gpdp.it – Certified mail: protocollo@pec.gpdp.it
• The exercise of the aforementioned rights can be exercised by written communication to the Data Controller or to the DPO, to be sent by e-mail to the address indicated below: privacy@braincontrol.eu