INFORMATION PURSUANT TO THE REGULATION EU 679/2016 (“GDPR”)
The purpose of this document is to inform the individual (hereinafter “Data Subject”) regarding the processing of their personal data (hereinafter “Personal Data”) collected by the data controller, Marina Blu S.p.A., with registered office in Rimini (RN), via Ortigara 80, email address email@example.com, (hereinafter “Controller”), through the website https://marinadirimini.com/ (hereinafter “Application”).
1 Categories of Personal Data processed
The Controller processes the following types of Personal Data voluntarily provided by the Data Subject:
Contact Data: name, surname, address, email, phone, images, authentication credentials, any additional information sent by the Data Subject, etc.
Tax and Payment Data: tax code, VAT number, credit card details, bank account information, etc.
The Controller processes the following types of Personal Data collected in an automated manner:
Technical Data: Personal Data produced by devices, applications, tools, and protocols used, such as information about the device used, IP addresses, type of browser, type of Internet service provider (ISP). Such Personal Data may leave traces that, especially when combined with unique identifiers and other information received from servers, can be used to create profiles of individuals.
Browsing and Application Usage Data: such as pages visited, number of clicks, actions taken, session duration, etc.
The failure by the Data Subject to provide Personal Data for which there is a legal or contractual obligation, or if they constitute a necessary requirement for the conclusion of the contract with the Controller, will result in the Controller’s inability to establish or continue the relationship with the Data Subject.
The Data Subject who provides the Controller with Personal Data of third parties is directly and exclusively responsible for their origin, collection, processing, communication, or disclosure.
The processing of Personal Data is necessary:
1 fulfillment of any obligation arising from the pre-contractual or contractual relationship with the Data Subject
2 registration and authentication of the Data Subject: to allow the Data Subject to register on the Application, log in, and be identified, also through external platforms
1 the fulfillment of any obligation required by current laws, regulations, and rules, especially in tax and fiscal matters
1 email marketing purposes of products and/or services of the Data Controller to directly sell the products or services of the Data Controller using the email provided by the Data Subject in the context of the sale of a product or service similar to that being sold
2 statistical analysis with anonymous data: to perform statistical analysis on aggregated and anonymous data to analyze the behaviors of the Data Subject, improve the products and/or services provided by the Data Controller, and better meet the expectations of the Data Subject
1 retargeting and remarketing: to reach the Data Subject with a personalized advertising message who has already visited or shown interest in the products and/or services offered by the Application using their Personal Data. The Data Subject can opt-out by visiting the Network Advertising Initiative page.
2 marketing purposes of the products and/or services of the Data Controller: to send commercial and/or promotional information or materials, to carry out direct selling activities of products and/or services of the Data Controller, or to conduct market research through automated and traditional methods.
The Personal Data of the Data Subject may also be used by the Data Controller for legal protection before the competent judicial authorities.
The processing of Personal Data is carried out using both paper and electronic means, with organizational methods and logics strictly related to the specified purposes and by adopting appropriate security measures.
4 Processing methods and recipients of Personal Data
Personal Data is processed exclusively by:
The subjects listed above are required to use appropriate safeguards to protect Personal Data and may only access data that is necessary to perform their assigned tasks. Personal Data will not be indiscriminately disclosed in any way.
Personal Data will not be subject to any transfer outside the territory of the European Economic Area (EEA).
6 Personal Data retention period
Personal Data will be stored for the period of time necessary to fulfill the purposes for which they were collected, specifically:
At the end of the retention period, all Personal Data will be deleted or stored in a form that does not allow the identification of the Data Subject.
7 Rights of the interested party
Data Subjects have the right to exercise specific rights regarding the Personal Data processed by the Data Controller. In particular, Data Subjects have the right to:
Lodge a complaint with the supervisory authority for the protection of their Personal Data and/or take legal action.
To exercise their rights, Data Subjects can send a request to the following email address: firstname.lastname@example.org. The requests will be promptly handled by the Data Controller and processed as quickly as possible, in any case, within 30 days.
Last update: 11/12/2023.