INFORMATION FOR THE PROCESSING OF PERSONAL DATA PURSUANT TO THE EUROPEAN REGULATION 2016/679
This information is provided for sites under the domain “yawclub.com” (hereinafter referred to as the Site).
Holder of the treatment of personal data
Sydea S.r.l. Via Edith Stein, 7 40013 – Castel Maggiore (BO) P.IVA: 08215181218, company that carries out software development activities, is the owner of the processing of personal data collected and processed through the Site
Object of the Treatment
The IT systems and software procedures connected to our website, used for the maintenance and management of IT systems, acquire, during their normal operation, some personal data whose collection is implicit in the normal use of tools necessary for the required operations.
These data are not accompanied by any additional personal information and are used to:
receive and manage orders, provide products and services, process payments and communicate in relation to orders, products, services and promotional offers;
web analysis, verification of the number of visitors to the site, comments received;
communication of any crimes to the judicial authority;
measures for the security of networks and communications;
The company processes the personal, identification data (for example, name, surname, company name, address, telephone number, e-mail address, bank and payment details) communicated by the individual user / client and usually provided by the interested party at the time of conclusion of the contract and / or in any case necessary for the conclusion of the contractual relationship.
The legal basis that legitimizes the processing of such data is the need to provide the customer with the requested service / product, to maintain contact with the customer himself, for all fiscal / tax obligations and to guarantee the correct functioning of the website and compliance with any safety regulations imposed by law.
Purpose of the Treatment
Without your consent, pursuant to art. 6 lett. b), c) and f) GDPR, your data may be processed for the following Service Purposes:
conclude the contracts for the sale and services of the Owner;
fulfill the pre-contractual, contractual and tax obligations deriving from existing relationships with the interested party;
fulfill the obligations for the completion of online payments;
fulfill the obligations established by law, by a regulation, by community legislation or by an order of the Authority;
exercise the rights of the owner, for example the right to defense in court;
Only with your specific and distinct consent (Article 7 of the GDPR), for the following Marketing Purposes:
Registration on the website, as specified in the General Conditions, accessible from the Site;
send you via e-mail, post and / or text message and / or telephone contacts, newsletters, commercial communications and / or advertising material on products or services offered by the Data Controller and survey of the degree of satisfaction with the quality of services;
send you commercial and / or promotional communications from third parties via e-mail, post and / or sms and / or telephone contacts.
Data will be processed for the execution of the assignment received for the performance of the provision of the services offered by the Data Controller. The data will be processed by the Company in compliance with the principles of lawfulness, fairness and transparency. The data processing concerns data of a so-called nature. common, i.e. personal, financial and banking data.
Methods of the Treatment
The processing of personal data is carried out by means of the operations indicated in art. 4 n. 2) GDPR and more precisely: collection, registration, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, cancellation and destruction of data. Your personal data are subjected to both paper and electronic and / or automated processing. The data processing will last strictly necessary for the fulfillment of the assignment received The data will be kept for the entire duration of the contractual relationship and for the time necessary for the definition of any accounting and / or administrative operation connected to the contract stipulated between the parties and in any case in compliance with the terms of the law in force.
We take physical, electronic and organizational security measures in relation to the collection, storage and disclosure of our customers’ personal data. Our security procedures mean that we may ask to verify your identity before disclosing personal data.
When registering on our website, it is important to take adequate measures to prevent unauthorized access to your password and to your computer, devices and applications.
It’s recommended to use a unique password to access the Site that is not also used for other online accounts.
It’s important to always make sure that you are logged out when you finish the activity on a computer shared with other users.
Access to Data
Your data may be made accessible for the purposes referred to in art. 2A) of this policy:
to employees and collaborators of the Company, in their capacity as persons in charge and / or internal managers of the processing and / or system administrators;
to third-party companies or other subjects (Professional Firms, Law Firms, etc.) who carry out outsourced activities on behalf of the company, in their capacity as any external data processors.
Without the need for express consent (Article 6 letter b) and c) GDPR), the Company may communicate your data for the purposes referred to in art. 2A) of this policy to Supervisory Bodies, Judicial Authorities, as well as to those subjects to whom the communication is required by law for the accomplishment of the aforementioned purposes. These subjects will process the data in their capacity as independent data controllers.
Your information won’t be disseminated.
Personal data is stored on servers located within the European Union. In any case, it is understood that the Company, if necessary, will have the right to move the servers even outside the EU. In this case, the Company ensures from now on that the transfer of data outside the EU will take place in accordance with the applicable legal provisions, subject to the stipulation of the standard contractual clauses provided for by the European Commission.
Nature of the provision of data and consequences of refusing to respond
The provision of data for the purposes referred to in art. 2.A) of this policy is mandatory. In their absence, we will not be able to guarantee the correct and complete performance of the activities envisaged by the assignment received.
Rights of the interested party
In your capacity as an interested party, you have the rights referred to in art. 15 GDPR and precisely the rights of:
get confirmation of the existence or not of personal data concerning you, even if not yet registered, and their communication in an intelligible form;
- a) origin of personal data;
- b) of the purposes and methods of the processing;
- c) the logic applied in case of processing carried out with the aid of electronic tools;
- d) the identity of the owner, managers and any representative designated pursuant to art. 3, paragraph 1, GDPR;
- e) the subjects or categories of subjects to whom the personal data may be communicated or who can learn about them as appointed representative in the State, managers or agents;
- a) updating, rectification or, when interested, integration of data;
- b) cancellation, transformation into anonymous form or blocking of data processed in violation of the law, including those that do not need to be kept for the purposes for which the data were collected or subsequently processed;
- c) attestation that the operations referred to in letters a) and b) have been brought to the attention, also as regards their content, of those to whom the data have been communicated or disseminated, except in the case in which this fulfillment proves impossible or involves a use of means manifestly disproportionate to the protected right;
object, in whole or in part:
- a) for legitimate reasons, to the processing of personal data concerning you, even if pertinent to the purpose of the collection;
- b) to the processing of personal data concerning you for the purpose of sending advertising or direct sales material or for carrying out market research or commercial communication, through the use of automated call systems without the intervention of an operator through and -mail and / or through traditional marketing methods by telephone and / or paper mail. It should be noted that the right of opposition of the interested party, set out in point b) above, for direct marketing purposes through automated methods extends to traditional ones and that in any case the possibility remains for the interested party to exercise the right of opposition also only partially. Therefore, the interested party can decide to receive only communications using traditional methods or only automated communications or neither of the two types of communication.
Where applicable, it also has the rights referred to in Articles. 16-22 GDPR: Right of rectification, right to be forgotten, right to limitation of treatment, right to data portability, right of opposition, rights relating to profiling (in relation to this last right it is specified that pursuant to art. 22 paragraph 1 of the GDPR, the application of the rules on the general prohibition of profiling is limited to the only cases in which the automated decision-making process :
- 1) produces legal effects;
- 2) significantly affects the person of the user;
- 3) the decision is based entirely (solely) on the automated processing of data, as well as the right of complaint to the Guarantor Authority.
How to exercise rights
You can exercise your rights at any time by sending:
- a registered letter a.r. to: Sydea S.r.l., Via Edith Stein, 7, 40013 – Castel Maggiore (BO);
- an email to: firstname.lastname@example.org.
The person in charge of data processing and management by the Data Controller can be reached at the e-mail address: “email@example.com” any request in this regard can be sent directly to that address.
Personal data processed through the use of third party services
The main third party services that process the data are listed below.
ACCESS TO ACCOUNT ON THIRD PARTY SERVICES ACCESS TO FACEBOOK ACCOUNT Permissions: About me.
AMAZON OMAKASE COMMERCIAL AFFILIATION Personal Data: Usage data; Tracking Tool
RAKUTEN ADVERTISING AFFILIATES Personal Data: Usage Data; Universal unique identifier (UUID); Tracking Tool
CONTACT THE USER MAILING LIST OR NEWSLETTER Personal Data: email
MANAGEMENT OF CONTACTS AND SENDING OF MESSAGES MAILUP AND AMAZON SIMPLE EMAIL SERVICE Personal Data: email
MANAGEMENT OF TAG GOOGLE TAG MANAGER Personal Data: Cookies; Usage data
INTERACTION WITH SOCIAL NETWORKS AND EXTERNAL PLATFORMS LIKE BUTTON AND SOCIAL WIDGETS OF FACEBOOK, +1 BUTTON AND SOCIAL WIDGETS OF GOOGLE + AND TWEET BUTTON AND SOCIAL WIDGETS OF TWITTER Personal Data: Cookies; Usage data
ADVERTISING GOOGLE ADSENSE, CRITEO, GOOGLE AD MANAGER, ADCOLONY, SMART ADSERVER, PUBLIC SIMILAR TO FACEBOOK, ADFORM AND COMSCORE Personal Data: Cookies; Usage data
ADMOB AND FACEBOOK AUDIENCE NETWORK Personal Data: Cookies; Usage data; unique device identifiers for advertising (Google Advertiser ID or IDFA identifier, for example)
DIRECT EMAIL MARKETING (DEM) Personal Data: email
4 STROKE MEDIA NIELSEN, PREBID, AMAZON MOBILE ADS, IOL ADVERTISING, VIADS ADVERTISING, QUANTCAST ADVERTISE AND SIMILAR GOOGLE ADS PUBLIC SEGMENTS Personal Data: Usage Data; Tracking Tool
DIRECT REGISTRATION Personal Data: date of birth; e-mail; province; username; first name; last name; age; sex; phone
FACEBOOK OAUTH Personal Data: Tracking Tool; various types of data
REMARKETING AND BEHAVIORAL TARGETING FACEBOOK CUSTOM PUBLIC Personal Data: Cookies; e-mail
ADOBE AUDIENCE MANAGER, FACEBOOK REMARKETING, CRITEO DYNAMIC RETARGETING, GOOGLE AD MANAGER AUDIENCE EXTENSION AND REMARKETING GOOGLE ADS Personal Data: Usage Data; Tracking Tool
RAKUTEN ADVERTISING REMARKETING Personal Data: Usage Data; Universal unique identifier (UUID); Tracking Tool
PLATFORM AND HOSTING SERVICES AMAZON APPSTORE Personal Data: Usage Data
STATISTICS GOOGLE ANALYTICS AND FACEBOOK ADS CONVERSION MONITORING (FACEBOOK PIXEL) Personal Data: Cookies; Usage data
GOOGLE ANALYTICS FOR FIREBASE Personal Data: Application updates; opening the Application; Cookie; Usage data; duration of the session; unique device identifiers for advertising (Google Advertiser ID or IDFA identifier, for example); device information; number of sessions
QUANTCAST MEASURE, COMSCORE ANALYTICS, GOOGLE ANALYTICS WITH ANONYMIZED IP AND MONITORING OF YAHOO ADVERTISING CONVERSIONS Personal Data: Usage Data; Tracking Tool
REPORTS ON DEMOGRAPHIC DATA AND INTERESTS OF GOOGLE ANALYTICS Personal Data: unique identifiers of advertising devices (Google Advertiser ID or IDFA identifier, for example); Tracking Tool
SIMPLE ANALYTICS Personal Data: Usage Data; device information; language
YOUTUBE ANALYTICS AND REPORTING API Personal Data: Data communicated during the use of the service; Usage data
CONTENT AND FUNCTIONALITY PERFORMANCE TEST (A / B TESTING) GOOGLE OPTIMIZE AND GOOGLE OPTIMIZE 360 Personal Data: Usage Data; Tracking Tool
FONT AWESOME Personal Data: Usage Data
GOOGLE SITE SEARCH WITH ADSENSE Personal Data: Usage Data; Tracking Tool
Other informations about Personal Data Treatment
ADDITIONAL DATA REQUIRED BY yawclub The Site collects email, province, year of birth, name, surname, address, telephone.
ACCESS TO THE DIRECTORY The Site may request access to your address book.
UNIQUE IDENTIFICATION OF THE DEVICE The Site can track Users by saving a unique identification code of their device, for statistical purposes or to store Users’ preferences.
In most cases, Users can choose not to receive push notifications by consulting their device settings, such as the notification settings for mobile phones, and then modifying these settings for the Site, for some or all of the applications on the device in question.
Users should be aware that disabling push notifications can negatively affect the use of the Site.
PUSH NOTIFICATIONS FOR DIRECT MARKETING The Site may send push notifications to the User for direct marketing purposes (in order to offer services and products provided by third parties or not related to the service or product provided by the Site).
In most cases, Users can choose not to receive push notifications by consulting the settings of their device, such as the notification settings for mobile phones, and then modifying these settings for the Site, or for all applications on the device in question.
Users should be aware that disabling push notifications can negatively affect the use of the Site.