Statement of Privacy Practices

Italian version

This Statement of Privacy Practices took effect in May of 2018.

Updated 31.05.2019

Affidaty S.p.A. recognises the importance of personal-data protection, and undertakes to process personal data in an ethical manner, and in accordance with applicable law, in any country where Affidaty S.p.A. has operations.

This Statement of Privacy Practices sets forth the general privacy practices in effect at Affidaty S.p.A., and applicable to the information we collect, use, and disclose on consumers and other individuals such as business partners, suppliers, and other organisations with which Affidaty S.p.A. has, or anticipates having a commercial relationship.

This Statement of Privacy Practices is supplemented by the Statement of Online Privacy Practices, which provides additional information regarding online procedures, including hiring procedures. Affidaty S.p.A. may provide additional, or more specific information regarding the collection or use of personal information on websites, or with respect to a specific product or service.

How and Why We Collect and Use Personal Information

Affidaty S.p.A. collects an individual’s personal information for a variety of reasons, including:

1. Access and Use of Websites and Other Online Services

When you access one of our websites or use an online service, Affidaty S.p.A. records the information needed to allow the user to log onto and transact on a website and to guarantee, in respect of Affidaty S.p.A., compliance with various legal and security requirements regarding site operations, such as password, IP address, and browser settings. Additionally, we collect information on activities at the log-in stage to be able to personalise the user’s experience on the website, such as by storing preferences and settings, and to collect statistical information which allows us to improve and further develop our websites, products, and services.

2. How Do We Respond to Your Requests for Information, Orders, or Support?

When the user contacts us (whether online or offline) to request information, to order a product or service, for technical support, or to take part in a forum, or to use other social-computing tools, we collect the information required to respond to your request, to grant access to the product or service, to provide the requested support, and to be able to get in touch with you. For example, we collect names and contact information, details on the request and any existing agreements, as well as order fulfilment, delivery, and billing. We may also include information obtained from customer-satisfaction surveys. Affidaty S.p.A. retains all of this information for accounting purposes, to safeguard its own rights, and to perform under any pending agreement with a customer.

When the user provides a name and contact information upon registering, for purposes of a specific request, that registration may identify the user when they access our websites. Most orders for services and products require the user to register for a Synkrony Alias. A registered Synkrony Alias may also allow for both customisation and control of your privacy settings.

3. User’s Utilisation of Affidaty S.p.A. Services Blockchain

Affidaty S.p.A. collects information on use of Affidaty S.p.A. Blockchain services by the user in order to enable various product functions, enhance user experience, personalise interactions with the latter, advise customers regarding the general use of services, offer technical support, and improve and develop Affidaty S.p.A. products and services. For details on the technology used by Affidaty S.p.A., the personal information we collect, as well as how to control or disable tracking or remove cookies, please review Affidaty S.p.A.’s Statement of Online Privacy Practices.

4. How Do We Contact the Employees of Our Customers, Prospective Customers, Partners, and Suppliers?

As part of our interactions with customers or potential customers, partners and suppliers, we are provided with business contact information (including business name, details of the business contact, position or title of their employees, contractors, consultants, and authorised users) for purposes of contract management, compliance, the supply of goods and services, customer and technical support, invoicing, and managing the service or relationship.

5. Visitor Information

We log all individuals who visit our offices and other locations (full name, commercial contact information, and identification) and we use surveillance video for security reasons, to protect persons and property, as well as for reasons of statutory and regulatory compliance.

6. Marketing

Most information that we collect on a user comes from direct interaction. When a person registers for an event, Affidaty S.p.A. may collect information (whether on- or offline) relating to the event itself. Over the course of the event, Affidaty S.p.A. may collect information on session participation and survey results. Affidaty S.p.A. combines personal information gathered to develop aggregate analysis, with business intelligence used to generate business, and for marketing-related purposes. The user may choose to receive information via email, over the phone, or by mail regarding our products and services, or to register for subscriptions. Whilst you navigate our websites or use our services, we can offer personalised information. You may, at any moment, opt out of personalised correspondence by sending an email to privacy@affidaty.eu. For more information, please review Affidaty S.p.A.’s Statement of Online Privacy Practices.

If we affirmatively state that we have used personal information within the scope of a request, order, transaction, or agreement (or whilst preparing such activities), or to provide the requested services (such as a website), we do so because it is necessary to perform under an agreement pending between Affidaty S.p.A. and the user.

If we affirmatively state that we are using the personal information for marketing purposes, for purposes of product or service development, for security or safety, or for regulatory compliance beyond the scope of the agreement or request, we do so to safeguard our legitimate interests, or those of any third party, or with the user’s consent. The collection and use of personal information in accordance with EU Privacy Regulations may impact User Rights. For more information on this topic, please refer to Section 12. User Rights.

7. Disclosure of Personal Information

As an international business offering a wide array of products and services, with business processes, management structures, and technical systems operating on a global level, Affidaty S.p.A. has implemented a set of company-wide policies, along with standards and procedures, to ensure a standardised approach to data protection. As an international company, we may need to share user information with our affiliates across the world, and to transfer them to other countries where we have business operations. We always do so in full compliance with the provisions of this Statement of Privacy Practices.

Access to personal data amongst Affidaty S.p.A. affiliates is on a limited basis, as business needs require, and solely for those purposes for which access was granted. In some cases, Affidaty S.p.A. uses vendors in other countries to collect, utilise, analyse, and process personal information on behalf of Affidaty S.p.A..

Where and when possible, Affidaty S.p.A. also shares personal data with its chosen partners in order to offer the user or the company for which the user works certain products or services, or to field a user request, with the user’s consent. In vetting our vendors and business partners, we take into account their data-management procedures. Should Affidaty S.p.A. decide to sell, purchase, found, or reorganise a country in another country, such transactions may lead to the disclosure of personal information to actual or prospective purchasers; it is likewise possible that vendors receive such information. Affidaty S.p.A.’s practice is to request adequate personal-data protection as part of any such transaction. In some cases, personal information may be divulged to government entities pursuant to a court proceeding, court order, or legal proceeding. Affidaty S.p.A. may use or share personal information to protect the rights and property of Affidaty S.p.A., its business partners, suppliers, customers, or third party companies if Affidaty S.p.A. believes such rights or ownership is being infringed upon.

8. International Transfers

Affidaty S.p.A.’s operations are international in scope. This means there is a notable volume of personal information being transferred amongst the various affiliates, as well as third-party companies located in countries where Affidaty S.p.A. has operations. Some countries have applied limits on transfers of personal information. Affidaty S.p.A. has instituted a number of measures in response, including:

  • As needed, Affidaty S.p.A. incorporates the standard contract provisions approved by the European Union, or other boilerplate commonly used in other jurisdictions, into its agreements. These include transfers to vendors or to third parties.
  • Affidaty S.p.A. only transfers personal data outside the European Economic Area when the non-EU country offers an adequate level of data protection.

9. Data Accuracy and Security

Affidaty S.p.A. is committed to protecting personal information, and to ensuring the accuracy of the same. Affidaty S.p.A. has implemented technical, accounting, and physical security measures to protect personal information from unauthorised access, usage, and disclosure. For example, Affidaty S.p.A. encrypts certain personal information, such as credit-card data transmitted over the internet. Affidaty S.p.A. requires its vendors to protect this information from unauthorised access, usage, and disclosures.

10. Storage Period

Affidaty S.p.A. shall only retain personal information for as long as necessary to carry out the purposes for which such information was processed, including to ensure our processing meets the security standards set by regulation (e.g. audits, accounting, and statutory retention periods), dispute resolution, and to settle, institute, or defend legal rights in countries where we have business operations.

Since the facts may vary widely depending on the context and the services, the information provided in the Statement of Online Privacy Practices or supplied through a specific notice may contain more detailed information regarding applicable retention periods.

11. How to Contact Us

If you have any questions or concerns regarding the Statement of Privacy Practices, you may contact Affidaty S.p.A. using this form . The message will be forwarded to an appropriate member of Affidaty S.p.A.’s Data Privacy Team, such as the Data Protection Officer, or the DPO’s staff.

For purposes of the GDPR (the European Union’s General Data Protection Regulation), the data controller is Affidaty S.p.A., by and through its designated legal representative, with registered office at Viale Giovanni Milton no. 53, 50129 Florence (FI), Italy, unless otherwise stated. Should Affidaty S.p.A. or any subsidiary thereof (with a registered office outside the EEA (European Economic Area) be requested to appoint a legal representative within the EEA, the representative in all such cases shall be Affidaty S.p.A..

The Data Protection Officer (DPO) is Daniela di Gravio, on behalf of the company Corporate Advisors Srl, who can be contacted at the following addresses: Tel: 068414562 – Email: danieladigravio@gmail.com – Pec: danieladigravio@pec.it.

12. User Rights

You may request your personal information be accessible, updated, or corrected. Additionally, the user has the right to object to any direct marketing. You may submit a request using this form .

The user may enjoy additional rights under local law with respect to personal-data processing. For example, if the personal information being processed is subject to the EU General Data Protection Regulation (the “GDPR”), and the personal-information processing is predicated on a legitimate interest, the user has the right to object to processing on a case-by-case basis. Pursuant to the GDPR, the user may also have the right to request the elimination or limitation of processing, and the right to data portability.

13. How to Lodge a Complaint

Should the user believe the processing of their personal information to violate any data-protection laws, the user may lodge a complaint:

14. Changes to our Statement of Privacy Practices

Occasionally, Affidaty S.p.A. may update this Statement of Privacy Practices as well as other specific privacy notices or policies. When that happens, Affidaty S.p.A. enters a new date at the top of this Statement of Privacy Practices.