Privacy Policy

The Data Controller is Spindox S.p.A. and can be reached by sending a written communication to Spindox S.p.A., based in Milan, via Bisceglie 76, 20152, or by sending an e-mail to the following certified address: spindox@legalmail.it

It will be processed exclusively for the purpose of responding to the query, i.e., for the provision of the service in accordance with this policy and the specific Privacy Information provided when subscribing to individual services.

Possible purposes for processing personal data provided include:

• Responding to requests for information about services provided by the Controller and/or presenting a commercial offer and/or drafting and managing a contract.
• Inviting users, including via email, to participate in training courses, conferences, events, and exhibitions organized by the Controller.

Possible personal data processed include:

• Name and surname
• Company affiliation
• Phone number (landline and/or mobile)
• Email

The IT systems and software procedures responsible for the operation of this website collect, during normal operation, certain data that is implicitly transmitted through the use of Internet communication protocols.

These data are not collected with the intention of associating them with users, but they could allow identification through processing and association with data held by third parties. These data are used solely to obtain anonymous statistical information on the use of the site and to verify its proper functioning. Additionally, in the event of hypothetical computer crimes against the site, the data may be used to ascertain any liability.

Categories of data include:

• IP addresses
• Domain names of computers used by users who connect to the site
• URI/URL (Uniform Resource Identifier/Locator) addresses of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numeric code indicating the status of the server’s response (success, error, etc.), and other parameters related to the user’s operating system and IT environment.

The data described above are referred to as technical cookies, and they do not require the user’s consent. For more clarification on the data collected during navigation and the purposes, please refer to the “COOKIE POLICY“ section.

Aside from what is specified for navigation data classified as technical cookies, the personal data indicated on this page are processed by the Controller based on the user’s consent to processing or for fulfilling a contract.

Failure to provide such data may only result in the inability to obtain the requested service.

The data will be processed exclusively by personnel and collaborators of Spindox and, if necessary, by companies expressly appointed as data processors (e.g., for the technological maintenance of the site). If necessary, a complete list of data processors can be requested by contacting the Data Controller via e-mail.

Personal data provided by users will only be communicated to third parties if the communication is necessary to fulfill the user’s requests, without prejudice to what is provided in specific privacy notices for individual services.
For more information on navigation data, refer to our “COOKIE POLICY” section for details about recipients.

In general, in the case of transfers outside the EU, service providers will be selected from those providing adequate guarantees as specified in Article 46 of the GDPR.

The personal data indicated on this page will be retained for no longer than is necessary to achieve the purposes mentioned above.

The Data Controller does not carry out any automated decision-making processes on the personal data processed. The only profiling on this site pertains to navigation data, provided there is explicit consent for profiling and marketing cookies.
For more clarification, refer to the “COOKIE POLICY“ section.

• Access: You can be informed about the processing of your personal data and possibly receive a copy (Article 15 of the EU Regulation).
• Rectification: You can modify inaccurate data about you (Article 16 of the EU Regulation).
• Right to be Forgotten: You can request that your data be deleted at any time (Article 17 of the EU Regulation).
• Restriction: Under certain conditions, you can request that the processing of your personal data be limited. In this case, the Controller will not process the data for any purpose other than storage (Article 18 of the EU Regulation).
• Data Portability: You can receive your data or have it transferred to another Controller (Article 20 of the EU Regulation).
• Objection: You can object to the processing of your data when it is based on a legal basis other than consent (Article 21 of the EU Regulation).
• Automated Processing: You have the right not to be subjected to automated decision-making processes (Article 22 of the EU Regulation).

For further information about the rights of the data subject, please refer to the website www.garanteprivacy.it or request a complete extract of the articles mentioned from the Controller. These rights can be exercised in accordance with the Regulation by:

• Sending an email to dpo@spindox.it;
  or
• Sending a registered letter to the Data Controller’s legal office at: Via Bisceglie, 76, 20152 Milano or
• sending an email to the PEC: spindox@legalmail.it, at the attention of the Data Protection Officer.

In compliance with Article 19 of the EU Regulation, Spindox S.p.A. will inform the recipients to whom personal data have been communicated of any rectifications, erasures, or limitations requested, wherever possible.

Pursuant to Article 7 of the EU Regulation, the withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.

If the Data Subject believes their rights have been violated, they have the right to lodge a complaint with the Data Protection Authority, following the procedures indicated by the Authority at the following web address: www.garanteprivacy.it