This privacy policy aims to provide all the information regarding the
processing of personal data carried out by Iumob S.r.l. when the user contacts LooveDate.com
(as better specified below).
1. INTRODUCTION
– WHO ARE WE?
Iumob S.r.l., with registered offices in Via Comelico, No. 3, 20135 Milano, Tax Code/VAT No. 07048770965, enrolled in the Company Register of Milan with
the No. MI-1931950 (hereinafter
the “Data Controller”), owner of the
website www.LooveDate.com (hereinafter
the “Website” or the “Site”),
as the controller of personal data of the users who browse and are registered
on the Website (hereinafter the “Users”)
provides the following privacy policy according to Article 13 of EU Regulation
2016/679 dated 27 April 2016 (hereinafter, “Regulation” or “Applicable Law”).
2. HOW
TO CONTACT US?
The
Data Controller takes the utmost account of its Users’ right to privacy and
protection of personal data. For any information related to this privacy
policy, Users may contact the Data
Controller at any time, using the following methods.
Online:
- Contacting
customer service through the dedicated contact form;
By
Mail:
Sending a registered letter with return receipt
to the registered offices of the Data Controller (Via Comelico, 3, 20135
Milano);
For
specific requests to be sent to our Data Protection Officer:
- Users may also contact the Data Protection Officer (DPO) of the Data
Controller, the contact data of which is reported below: Italian company Shibumi
S.r.l. in the designated person of Avv. Lapo Curini Galletti - e-mail: dpo@iumob.it.
3. WHAT
DO WE DO? – PROCESSING PURPOSES
The
User may contact the Data Controller through the appropriate form by browsing
the Site, by e-mail or by any other method indicated by the Data
Controller. In relation to these
activities, the Data Controller collects personal data relating to the Users.
This
Site and any services offered through the Site are reserved for individuals who
are 18 years and over. Therefore, the Data Controller does not collect personal
data relating to individuals under 18 years of age. Upon request of the Users,
the Data Controller will promptly delete all personal data that has been
involuntarily collected and related to subjects under the age of 18.
The
personal data of the Users will be processed lawfully by the Data Controller
pursuant to Article 6 of the Regulation for the following processing purposes:
executing
the User’s request: the personal data of the Users are collected and
processed by the Data Controller with the only purpose to reply to their query.
The Data Controller will collect the following personal data in order to be
able to reply to the User’s request: name, surname, email address, and any
other information relating to the User possibly and voluntary given by the User
to the Data Controller. No other processing will be carried out by the Data Controller
in relation to the Users’ personal data. Without prejudice to what is
stipulated elsewhere in this privacy policy, under no circumstances the
Controller will make the personal data accessible to other Users and/or third
parties;
accounting-administrative
purposes, or in order to carry out organisational,
administrative, financial and accounting activities, as internal organisational
activities and activities aimed at fulfilling contractual and precontractual
obligations;
legal
obligations, or in order to fulfil obligations provided by the
law or the European laws and regulations.
The
provision of personal data for the processing purposes indicated above is
optional but necessary, since failure to provide such data will make it
impossible for the User to make a request to the Controller.
4. LEGAL
BASIS
Execution
of the User’s request (as described in paragraph 3, letter a) above): the
legal basis is Article 6, paragraph 1, letter b) of the Regulation, since the
processing is necessary for the performance of a contract to which the User is
party or in order to take steps at the request of the User prior to entering
into a contract.
Accounting-administrative
purposes (as described in paragraph 3, letter b) above): the
legal basis is Article 6, paragraph 1, letter b) of the Regulation, since the
processing is necessary for the performance of a contract to which the User is
party or in order to take steps at the request of the User prior to entering
into a contract.
Legal obligations (as
described in paragraph 3, letter c) above): the legal basis is Article 6,
paragraph 1, letter c) of the Regulation, since the processing is necessary for
compliance with a legal obligation to which the controller is subject.
5. PROCESSING
METHODS AND DATA RETENTION PERIOD
The
Data Controller will process the personal data of Users using manual and IT
tools, with logic strictly related to the purposes themselves and, in any case,
in order to guarantee the security and confidentiality of the data.
The
personal data of the Users will be retained for the time strictly necessary to
carry out the main purposes explained in paragraph 3 above or, in any case, as
necessary for the protection in civil law of the interests of both the Users
and the Data Controller.
6. TRANSMISSION
AND DISSEMINATION OF DATA
The
User’s personal data may be transferred outside the European Union and, in this
case, the Data Controller will ensure that the transfer is carried out in
accordance with the Applicable Law and, in particular, in accordance with
Articles 45 (Transfer on the basis of an adequacy decision) and 46 (Transfer
subject to appropriate safeguards) of the Regulation.
The
employees and/or collaborators of the Data Controller who are in charge of
carrying out Website maintenance may become aware of the personal data of the
Users. These subjects, who have been instructed by the Data Controller
accordingly to article 29 of the Regulation, will process the User's data
exclusively for the purposes indicated in this policy and in compliance with
the provisions of the Applicable Law.
The
personal data of the Users may also be disclosed to third parties who may
process personal data on behalf of the Data Controller as “Data Processors”, such as, for example, IT
and logistic service providers functional to the operation of the Website, outsourcing or cloud computing
service providers, professionals and consultants.
Users
have the right to obtain a list of any data processors appointed by the Data
Controller, making a request to the Data Controller in the manner indicated in
paragraph 7 below.
7. RIGHTS
OF THE DATA SUBJECTS
Users
may exercise their rights granted by the Applicable Law by contacting the Data
Controller as follows:
Online:
Contacting
customer service through the dedicated contact form;
By
Mail:
- Sending a registered letter with return receipt
to the registered offices of the Data Controller (Via Comelico, 3, 20135
Milano);
For
specific requests to be sent to our Data Protection Officer:
Users may also contact the Data Protection Officer (DPO) of the Data
Controller, the contact data of which is reported below: Italian company Shibumi
Srl in the designated person of Avv. Lapo Curini Galletti - e-mail: dpo@iumob.it.
Pursuant
to Applicable Law, the Data Controller informs that Users have the right to
obtain indication (i) of the origin of personal data; (ii) the purposes and
methods of the processing; (iii) the logic applied in the event of processing
carried out with the aid of electronic instruments; (iv) of the identification
details of the data controller and processors; (v) the subjects or categories
of subjects to whom the personal data may be communicated or who may come to
aware of them as processors or agents.
Furthermore,
Users have the right to obtain:
a) access, updating, rectification,
or, when interested, integration of
data;
b)
the cancellation, transformation into anonymous form or
the restriction of data processed in
breach of the law, including data that does not need to be stored in relation
to the purposes for which the data was collected or subsequently processed;
c)
certification to the effect that notification has been supplied of operations
as per letters a) and b), as also regards their content, to those to whom the
data was communicated or disseminated, except for the case where notification
proves impossible or requires the use of means clearly disproportionate to the
right being protected.
Moreover,
the Users have:
a)
the right to revoke consent at any
time, if the processing is based on their consent;
b)
(where applicable) the right to data
portability (the right to receive all personal data concerning them in a
structured format, commonly used and readable by automatic device);
c)
the right to oppose to:
i) in whole or part, for legitimate reasons, the
processing of personal data relating to him/her for legitimate reasons even
pertinent to the purpose of collection;
ii) in whole or part, the handling of personal data
for the purpose of sending advertising or sales materials or for the carrying
out of market research or for commercial communication purposes;
iii) if personal data is processed for direct
marketing purposes, at any time, to the processing of data for this purpose,
including profiling to the extent that it is related to such direct marketing.
d) if
it is deemed that the processing concerning his/her personal data violates the
Regulation, the right to lodge a
complaint with a Supervisory authority (in the Member State in which he/she
usually resides, in the one in which he/she works or in the one in which the
alleged violation has occurred). The Italian Supervisory Authority is the Data Protection Authority, with
registered offices in Piazza Venezia No. 11, 00187 – Rome (http://www.garanteprivacy.it/).
The
Data Controller is not responsible for updating all links viewed in this
Privacy Policy, therefore, whenever a link does not work and/or is not updated,
the Users acknowledge and accept that they must always refer to the document
and/or section of the websites referred to by this link.