The purpose of this document is to inform Users regarding Personal Data collected by 3V Agency S.r.l. and the website www.3vagency.com (hereinafter the "Application”).
The Data Controller, as identified here below, can modify or simply update this Information Statement in full or in part, informing Users to this effect. Modification and updates will be binding as soon as they are published on the Application. Therefore, the User is invited to read the Information Statement each time they access the Application.
Should the User fail to accept the amendments set forth in this Information Statement, they shall be required to cease use of this Application and can request the removal of their Personal Data by the Data Controller.
1. Personal Data collected by the Application
The Data Controller collects the following types of Personal Data:
A. Contents and information provided by the User on a voluntary basis
- Contact details and contents: for example, personal information, email or postal address and other contact information, security information used for authentication and account access, interests, personal preferences and other personal contents, etc..
- Personal data collected by Social Media: Users can share data disclosed to social media with the Application. The User has the right to control Personal Data that can be accessed by the Application insofar as they enable access to their social media accounts, by using the privacy settings available in social media involved. By associating accounts managed by social media with the Application and in authorising the Controller to access such Data, the User grants their consent to the acquisition, processing and storage of Data provided by said social media, in compliance with this Information Statement.
The User's failure to provide Personal Data that is compulsory for legal or contractual purposes, or which constitute a necessary requirement for the use of the service or for the stipulation of the contract, will mean that the Controller shall be unable to provide their services in whole or part.
The User who discloses third party Personal Data to the Controller is directly and exclusively liable for their provenance, collection, processing, disclosure or distribution.
B. Data and contents automatically acquired during Application use
- Technical data: computerised systems and software procedures essential to the functioning of this Application may acquire some Personal Data during the course of normal operation; the transmission of said data is implicit in the use of Internet communication protocols. Such information is not collected for the purpose of associating it with identified Users, but by its very nature may enable the identification of Users, through processing and association with data held by third parties. This category includes IP addresses, or domain names used by Users who connect to the Application, URI (Uniform Resource Identifier) addresses of requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained, etc..
- Data on use: Data on the use of the Application by the User may also be collected, for example: pages visited, actions carried out, functionalities and services used.
- Geolocalisation data: The Application can collect position Data, which may be precise or imprecise. Precise Data on position can be GNSS Data (Global Navigation Satellite System, GPS for example), as well as Data that identify the closest repeater, Wi-Fi and bluetooth hotspots, disclosed when position-based products or functionalities are enabled.
C. Personal data collected with cookies or similar technologies
Collected personal data may be used to execute contractual and pre-contractual obligations, statutory obligations and in the pursuit of the Controller's legitimate interests and for the following purposes:
- User registration and authentication by disclosing Data to Google Inc. https://policies.google.com/privacy, Facebook Inc. https://www.facebook.com/about/privacy;
- support and contact with the User by disclosing Data to Google Inc. https://policies.google.com/privacy, Facebook Inc. https://www.facebook.com/about/privacy;
- live chat interaction by disclosing Data to Google Inc. https://policies.google.com/privacy, Facebook Inc. https:// www.facebook.com/about/privacy;
- comment e feedback
- access to accounts on third party services by disclosing Data to Google Inc. https://policies.google.com/privacy, Facebook Inc. https://www.facebook.com/about/privacy;
- the viewing of contents from external platforms by disclosing Data to Google Inc. https://policies.google.com/ privacy, Facebook Inc. https://www.facebook.com/about/privacy;
- external management of payments by credit card, bank transfer or other instruments. Data used for payment are acquired directly by the selected payment service provider, without being processed in any way by this Application;
- traffic optimisation and distribution by disclosing Data to Google Inc. https://policies.google.com/privacy;
- users database management;
- profiling of characteristics, behaviours, User's choices, to provide customised services or promotions, by disclosing Data to Google Inc. https://policies.google.com/ privacy, Facebook Inc. https://www.facebook.com/about/ privacy;
- the sending of emails or newsletter and mailing list management;
- design and/or creation of commercial communication campaigns;
- remarketing and behavioural targeting by disclosing Data to Google Inc. https://policies.google.com/privacy, Facebook Inc. https://www.facebook.com/about/privacy;
- communication for own market research and surveys;
- disclosure and/or transfer for third party promotional and commercial purposes;
- storage, hosting and management of backend infrastructure;
- technical monitoring of infrastructure for maintenance, troubleshooting and performance improvement purposes;
- commercial affiliation;
- communication for own promotional and commercial purposes;
- disclosure and/or transfer for third party market research and surveys.
3. Processing procedures
Personal Data is processed by means of computerised and/or digital tools, with organisational methods and procedures strictly related with specified purposes.
Under some circumstances, persons or entities involved in the Controller's organisation may also have access to Personal Data (for example, staff management and sales operators, system administrators, etc.), including external persons or entities (such as IT companies, service providers, postal couriers, hosting providers, etc.) Said persons or entities may also be appointed Data Processor by the Controller and may access the Personal Data of Users whenever necessary; they shall be contractually bound to maintain the confidentiality of Personal Data.
The updated list of Data processors can be requested by email, please submit your request email@example.com.
4. Legal basis for processing
The Controller processes Personal Data regarding the User under the following conditions:
- The User grants their consent for one or more specific purposes;
- processing is necessary for the execution of a contract with the User and/or the execution of pre-contractual measures;
- processing is necessary to fulfil a legal obligation the Controller is required to comply with;
- processing is necessary for the execution of a duty of public interest or for the exercise of public authority the Controller is vested with;
- processing is necessary for the pursuit of the Controller's or third party interests.
You may request clarification from the Controller at any time regarding the concrete legal basis for each processing scenario.
Data are processed at the Controller's operating offices and in any other location or premises where the Controller may be based. For further information please contact the Controller at the following email address firstname.lastname@example.org.
6. Security measures
Processing is carried out in accordance with processes and tools that guarantee the security and confidentiality of Data, insofar as the Controller has adopted suitable technical and organisational measures to guarantee and enable evidence of how Processing is carried out in compliance with reference regulations and legislation.
7. Data conservation period
The Controller will process Personal Data for the length of time necessary to fulfil purposes pertaining to the execution of the contract between the Controller and User and never beyond 10 years after the termination of the relationship with the User and in any case never beyond the compulsory term specified by legislation in force.
When Personal Data processing is necessary for the pursuit of the Controller's legitimate interest, Personal Data shall be stored until the fulfilment of said interest.
If Personal Data processing is subject to the User's consent, the Controller can store Personal Data until the revocation of said consent.
Personal Data may be stored for a longer period of time if necessary for the fulfilment of a legal obligation or if ordered by an authority.
All Personal Data will be deleted upon the expiry of the storage period. Upon the expiry thereof, the right to access, erase, rectify and the right to Data portability can no longer be exercised.
8. Automated decision-making processes
No collected data will be subjected to automated decision-making processes, including profiling, which may generate legal or significant effects for the person.
9. Rights of the User
Users can exercise specific rights with reference to Data processed by the Controller. In particular, the User has the right to:
- withdraw consent any time;
- object to the processing of their Data;
- access their Data;
- verify and request rectification;
- obtain the limitation of processing;
- obtain the erasure of their Personal Data:
- receive their Data or have them transferred to another controller;
- lodge a complaint to the Personal Data Protection Authority and/or take legal action.
To exercise their rights, Users can contact the Controller using contact information provided in this document. Applications are free of charge and will be handled by the Controller as soon as possible and in any case within 30 days.
10. Data Controller
The Data Controller is 3V Agency s.r.l., with registered office in Via Giuseppe Meda, 45 - 20141 Milan (MI), Italy, Tax identification/ VAT number 09650970966, e-mail email@example.com, address
Certified email address firstname.lastname@example.org;
Last updated: Milan, 08/04/2019