Privacy e Policy

Policy on the processing of personal data pursuant to Articles 13 and 14 of EU Reg. 2016/679

Data Subjects: Website Browsers.

As the Data Controller of your personal data, and in compliance with EU Regulation 2016/679 (hereinafter ‘GDPR’), Flosslab S.r.l. hereby informs you that the aforementioned legislation provides for the protection of data subjects with respect to the processing of their personal data and that said processing must be based on the principles of fairness, lawfulness, transparency, and the protection of confidentiality and rights.

Your personal data will be processed in compliance with the legal provisions of the aforementioned legislation and the confidentiality obligations contained therein.

Purpose and Legal Basis of Data Processing

Your data will specifically be used for the following purposes, which relate to contractual or pre-contractual obligations:

• technical and functional access to our website. Your data is deleted when you close your browser;
• to send promotional and/or informative materials to the email addresses provided by the data subject, but only if they give their consent.

The Data Controller might obtain knowledge of special categories of personal data when performing the aforementioned data processing activities, namely: Internet navigation log files.

The processing of personal data belonging to special categories is performed in compliance with Article 9 of the GDPR.

Data Processing Methods

Your personal data might be processed in the following ways:

• using directly managed or programmed software systems;
• temporary processing in anonymous form.

All data processing is carried out in compliance with the methods set out in Articles 6 and 32 of the GDPR and through the adoption of appropriate security measures. Your data will only be processed by employees expressly authorised by the Data Controller and, in particular, the following categories of employees:

• programmers and analysts;
• marketing and sales employees.

Circulation

Your personal data will not be circulated.

Retention Period

We would like to inform you that, in compliance with the principles of lawfulness, purpose limitation, and data minimisation, and in accordance with Article 5 of the GDPR, your personal data will only be retained for the amount of time it takes us to perform the services we provide.

The Data Controller

In accordance with the law, the Data Controller is Flosslab S.r.l. (Via Cesare Battisti 14, 09122 – Cagliari (CA); VAT No. 03096510924; Email: [email protected]; Telephone: +39-070-7512011) in the person of its pro tempore legal representative.

The Data Protection Officer (DPO) appointed by the Data Controller pursuant to Article 37 of the GDPR is: Stefano Marras (Tax Code: MRRSFN72S18B354E; email: [email protected]).

You have the right to ask the Data Controller to delete (right to be forgotten), limit, update, rectify, or transfer your data, or to oppose the processing of your personal data. You can also exercise all of the rights listed in Articles 15, 16, 17, 18, 19, 20, 21, 22 of the GDPR.

EU Reg. 2016/679: Articles 15, 16, 17, 18, 19, 20, 21, and 22 – Rights of Data Subjects

1. Data subjects have the right to obtain confirmation of the existence or lack thereof of their personal data, even if it has not yet been recorded. They also have the right to their receipt in an intelligible form, and to lodge complaints with the Supervisory Authority.

2.2. The data subject has the right to know:

• the source of their personal data;
• the data processing purposes and methods used;
• the logic applied if data is processed using computer means;
• the identification details of the Data Controller, its employees, and the representative appointed pursuant to Article 5(2);
• the subject or categories of subjects to whom personal data could be sent, as well as the subjects who could become aware of them in their capacity as designated representative(s) for their region, in addition to the data processor(s) or person(s) in charge of data processing.

3. Data subjects have the right to request:

• the updating, rectification or, where interested, integration of their data;
• the erasure, transformation into anonymous form, or halting of data processed in breach of the law, including data whose retention is not necessary for the purposes for which they were originally collected or subsequently processed;
• certification to the effect that the operations as per letters A) and B) have been communicated (including with regard to their contents) to the entities to whom the data were communicated or circulated, unless this requirement proves impossible or involves a manifestly disproportionate effort compared with the right that is to be protected;
• data portability.

4. Data subjects have the right to object, in whole or in part:

• to the processing of personal data concerning them, for legitimate reasons, even if it is pertinent to the purpose of data collection;
• the processing of their personal data in order to send advertisements or direct sales materials or to perform market research or sales communications.