Personal Data Protection Policy
This Policy - based on art. 13 of EU Regulation 2016/679 ("GDPR") - describes the methods for managing the Personal Data ("Personal Data") of the interested parties ("Users"), which can be processed by EWIVA S.r.l. through the Website www.ewiva.com ("Website"). The validity of the present Policy is limited to the Website; therefore, the information submitted has no value for different websites even if they are accessible from links provided within the Website itself.
1. Data Controller
EWIVA S.r.l., with headquarter in Via Privata Grosio 10/4 Milan VAT number 16223171006 - PEC firstname.lastname@example.org (hereinafter "Ewiva" or the "Controller"), as data Controller, will process your Personal Data provided in full compliance with the applicable legislation on the protection of personal data.
2. Types of Personal Data
The computer systems and application procedures used to operate the Website acquire the following types of data during their normal operation and in an automated form:
- browsing data: data collected during the Website visits and whose transmission is implicit in the use of Internet communication protocols. For instance: IP address of the device connected to the Website, browser used, name of the internet service provider (ISP), date and time of visit, visitor’s webpage origin (referral) and exit , etc.;
- browsing data (cookies): data collected through the Google Analytics 4-based web analytics service. For detailed information on the cookies used on the Website, please refer to the following link https://ewiva.com/en/cookie-policy-en/ ;
- navigation data collected via social plugins: the so-called social plugins (Facebook, YouTube, Instagram, Linkedin) are inserted on the Website, in order to obtain - through the cookies installed on the device used - anonymous statistical data on visitors’ profile and on the most visited contents. In this case, from the installation of specific extensions (modules, plugins, widgets), or from the incorporation of content hosted on external platforms, it could be possible to transmit third-party cookies to and from all websites of which Ewiva is not the data controller. We inform you that the information collected by "third parties" is not accessible to the Controller and that its management is governed by the respective owners' privacy policies, to which reference should be made;
- contact data – e., identification data such as first name, surname, e-mail address, and city of residence, collected, respectively, in the "Solutions" area, from which it is possible to access the "Partner" area, "Contacts" area and "Work with us" area.
3. Purpose of the processing
The data collected are used exclusively in the performance of the activities of the Controller for the following purposes:
- to allow the Website navigation;
- to provide the User with the information and services requested, also by responding to any communications sent to email@example.com or via the form present in the "Solutions" - "Partners" area or in the “Contact us” area;
- to obtain anonymous statistical information on the use of the Website or related services, to check its proper functioning, to carry out monitoring activities in support of safety and to identify improvement actions;
- to send newsletters and other commercial communications, where the User has given his or her consent and entered the data in the specific Website’s section, in full compliance with any safeguard provided for under applicable legislation;
- to fulfil legal obligations, to comply with orders from Public Authorities, to detect any possible responsibilities in case of hypothetical computer crimes against the Website or its Users.
4. Legal basis of the data processing
The legal bases of the processing can be identified in the following:
- execution of pre-contractual measures adopted at the User’s request;
- obligations prescribed by law or compliance with orders from the Judicial Authority;
- User’s consent to receive newsletters and/or other commercial communications, as better specified in the appropriate section;
- legitimate interest of Ewiva in:
- the processing of data useful for the prevention, repression of any fraud and any illegal activity;
- processing for statistical purposes.
5. Processing methods
The Personal Data collected are processed in full compliance with the principles of lawfulness, correctness and transparency, as set out in Article 5 of the GPDR, also with the aid of IT and telematic tools designed to store and manage the data, and, in any case, in such a manner as to guarantee the security and protect the maximum confidentiality of the data subject.
6. Optional supply of data
Except as specified for particular on-demand services or processing, the User is free to provide his or her Personal Data or, in any case, to indicate them by sending e-mails to the addresses indicated in the different access channels of the Website and/or by filling in the dedicated "forms". Failure to provide such data may, however, result in the impossibility of fulfilling the User's requests.
7. Personal Data recipients
In order to pursue the purposes set out in paragraph 3 of this Policy, Ewiva may need to communicate the collected information (i) to its employees and collaborators, specifically appointed as Authorized Subjects (“Authorized Subjects”) and (ii) to third-party companies or other subjects who carry out some outsourced activities on behalf of Ewiva, as well as to their employees and collaborators. These subjects will process the Personal Data, for instance, in the context of customer communication management and/or marketing activities.
8. Retention period of Personal Data
In relation to the different purposes for which they were collected, the data will be kept for the time provided by the relevant legislation or for the time strictly required to pursue the purposes for which they were collected . More specifically:
- browsing data will be kept for a maximum of 3 months;
- data collected through the "Partner", "Contact Us" areas will be kept for the time necessary to verify and/or manage the request received;
- data collected through the "Newsletter" area will be stored on the basis of what is indicated in the specific section;
9. Rights of interested parties and right of appeal
The User has the right to obtain from the Controller, in the cases provided for, access to his or her Personal Data, the amendment or removal of the same and/or the limitation of the processing concerning them (articles 15 et seq. GDPR). The request can be sent to the e-mail address: contact firstname.lastname@example.org .
If the User considers that the processing has not been carried out in compliance with the GDPR, he or she has the right to appeal to the Judicial Authority or to file a complaint to the Italian Data Protection Authority, by: (a) registered letter with return receipt addressed to the Italian Data Protection Authority, Piazza Venezia, 11, 00187 Rome; (b) e-mail to: Protocol@gpdp.it or Protocol@pec.gpdp.it ; or (c) fax to: 06 / 69677.3785.
10. Changes to the Policy
This Policy may change over time. It is therefore advisable to check that the version referred to is the most up-to-date version possible by accessing the Privacy section of the Website.