INFORMATION ON THE PROCESSING OF PERSONAL DATA
Ai sensi dell’art. 13 del Regolamento UE 2016/679 del 27/04/2016
Egr. Mr / Dear Ms
Pursuant to Article 13 of EU Regulation 2016/679 of 27/04/2016, hereinafter referred to as the GDPR (General Regulation for the Protection of Personal Data), FUTURELY INC, with registered office in 405 Howard Street, San Francisco, California, 94105 United States, as owner of the processing of personal data, informs you of the following:
Owner and manager of the treatment
The data controller is FUTURELY INC, with registered office in 405 Howard Street, San Francisco, California, 94105 United States.
Purpose of the treatment
The personal data you provide will be processed exclusively for the following purposes:
1. access to the platform and use of the contents published on it
2. stipulation and execution of the contract and all related activities, such as, by way of example, provision of the services offered and requested, billing, credit protection, administrative, management, organizational and functional services for the execution of the contract;
3. fulfillment of the obligations established by law, regulations, applicable legislation and other provisions issued by authorities invested by law and by supervisory and control bodies.
The processing of personal data for the aforementioned purposes does not require your express consent (Article 6 letter b) and e) of the GDPR).
Mandatory or optional nature of providing data and consequences of a refusal to provide personal data
The personal data collected and processed by the Data Controller are:
- contact data (e.g. identification data, age, e-mail);
- payment data (e.g. billing data).
The data required for the purposes referred to in letters a), b) and c) above must be provided for the fulfillment of legal obligations and / or for the conclusion and execution of the contractual relationship and the provision of the requested services. Therefore, your refusal, even partial, to provide such data would make it impossible for the Owner to establish and manage the relationship itself and to provide the requested service.
Methods of data processing
The processing of personal data is carried out by means of the operations indicated in art. 4 n. 2) RGPD, for the aforementioned purposes, both on paper and computer, by means of electronic or automated tools, in compliance with current legislation in particular regarding confidentiality and security and in compliance with the principles of correctness, lawfulness and transparency and protection of the Customer's rights.
The processing is carried out directly by the owner's organization, by its managers and / or agents.
Communication and Dissemination
Your personal data may be communicated, within the limits strictly relevant to the obligations, tasks and purposes referred to above and in compliance with current legislation on the subject, to the following categories of subjects:
1. subjects to whom such communication must be made in order to fulfill or to require the fulfillment of specific obligations under laws, regulations and / or community legislation;
2. companies belonging to the owner's group or parent companies, subsidiaries or associates pursuant to art. 2359 of the Italian Civil Code, who act as data processors or for administrative and accounting purposes (purposes related to the performance of internal organizational, administrative, financial and accounting activities, in particular, functional to the fulfillment of contractual and precontractual obligations);
3. external natural and / or legal persons who provide services that are instrumental to the activities of the Data Controller for the purposes referred to in point 1 above (eg call centers, suppliers, consultants, companies, organizations, professional firms). These subjects will operate as data processors.
Personal data will not be disseminated in any way.
Retention period of personal data
Personal data will be kept for the entire duration expressed by the contract stipulated with the Data Controller, which concluded that the data will be kept for the fulfillment of the terms established by law for the conservation of administrative documents, after which they will be deleted.
Personal data is stored on servers located within the European Union. In any case, it is understood that the Data Controller, if necessary, will have the right to move the servers even outside the EU. In this case, the Data Controller ensures from now on that the transfer of data outside the EU will take place in accordance with the applicable legal provisions, subject to the stipulation of the standard contractual clauses provided for by the European Commission.
Rights of the interested party
In your capacity as an interested party, pursuant to art. 15 GDPR You have the right to:
1. obtain from the data controller confirmation as to whether or not personal data concerning you are being processed and, in this case, to obtain access to personal data and the following information:
1. the purposes of the processing;
2. the categories of personal data in question;
3. the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular if they are recipients of third countries or international organizations;
4. when possible, the retention period of the personal data provided or, if not possible, the criteria used to determine this period;
5. the existence of the right of the interested party to ask the data controller to correct or delete personal data or limit the processing of personal data concerning him or to oppose their treatment;
6. the right to lodge a complaint with a supervisory authority;
7. if the data are not collected from the interested party, all available information on their origin;
8. the existence of an automated decision-making process, including the profiling referred to in Article 22, paragraphs 1 and 4, and, at least in such cases, significant information on the logic used, as well as the importance and expected consequences of such processing for the 'interested.
2. If personal data are transferred to a third country or to an international organization, the interested party has the right to be informed of the existence of adequate guarantees pursuant to Article 46 relating to the transfer.
3. The data controller provides a copy of the personal data being processed. In case of further copies requested by the interested party, the data controller may charge a reasonable fee based on administrative costs. If the interested party submits the request by electronic means, and unless otherwise indicated by the interested party, the information is provided in a commonly used electronic format.
4. The right to obtain a copy referred to in paragraph 3 must not affect the rights and freedoms of others.
5. Where applicable, it also has the rights referred to in Articles. 16-21 RGPD (Right of rectification, right to be forgotten, right to limitation of processing, right to data portability, right of opposition), as well as the right of complaint to the Guarantor Authority.
For the exercise of the rights referred to in art. 15 of the RGPD or for questions or information regarding the processing of your data and the security measures adopted, you can in any case contact:
405 Howard Street,
California, 94105 United States.