Privacy Policy

Information on the processing of personal data

of users who consult this site pursuant to Article 13 of Regulation (EU) 2016/679

Pursuant to Regulation (EU) 2016/679 (hereinafter "Regulation"), this page describes the methods of processing personal data of users interested in the site www.topmanagers.it and business services in strict compliance with the general principles set out in Articles 5 and 6 of the GDPR, namely according to fairness, accuracy, completeness, and relevance to the stated purposes.

1) Data Controller

The Data Controller of the personal data of users who use this site is the company Reputation Manager S.p.A. Benefit Company (hereinafter Company) with registered office in Milan, Via C. Mangili 2, 20121, Milan. The Data Controller can be contacted at the following email address [email protected]

 

2) Purposes of processing

The purposes for which the data of the interested parties may be processed are related to the commercial information activity expressly requested by users interested in the services offered by the Company through the contact form published on this site.

Data may be collected for subscription to newsletters sent by the controller for informational, promotional, and commercial purposes.

The collected data may be necessary to fulfill any legal, accounting, and tax obligations. They could be used to assert or defend rights in court, in case of abuses in the use of the Site and/or our Services or for disputes of a contractual or non-contractual nature.

Some personal data from browsing experiences may be used to reprocess browsing statistics and improve the experience of using the site.

 

3) Legal basis

Your personal data are processed in accordance with the provisions of the Privacy Code art 24 and Article 6 of the GDPR.

A) Personal data are processed without your express consent (art. 24 lett. a), b), c) Privacy Code and art. 6 lett. b), e) GDPR), for the following Service Purposes:

to conclude contracts with the Data Controller regarding the services offered by it. The processing is also understood to be exercised for all pre-contractual, contractual, and tax obligations arising from ongoing or future commercial relationships
to comply with legal, regulatory, community, or authority orders
the processing is necessary for the pursuit of the legitimate interest of the data controller or third parties, provided that the interests or fundamental rights and freedoms of the data subject do not prevail

B) Only with your specific and distinct consent (arts. 23 and 130 Privacy Code and art. 6 1.f GDPR), for the following Marketing Purposes:

to send you via email, mail, and/or SMS and/or phone contacts, newsletters, commercial communications, and/or advertising material on products or services offered by the Controller and to assess the degree of satisfaction regarding the quality of services;
to send you via email, mail, and/or SMS and/or phone contacts commercial and/or promotional communications from third parties (e.g., partners, other companies in the Group).

4) Personal data subject to processing

The Controller may collect information suitable for directly or indirectly identifying the interested parties through the collection of information related to the name, an identification number, an online identifier, or one or more characteristic elements of the identity of the data subject. Other Personal Data freely provided in information request forms may also be processed. Any sensitive data, as per art. 9.1 Reg. 2016/679/EU, should not be processed unless explicit consent is given by the data subject.

Data provided voluntarily:

The personal data currently processed are only those entered during registration, namely: Surname, Name, Email, Phone Number, VAT Number. The request for additional data will be communicated to the user who will be asked to give their consent.

Browsing data (see point 9)

 

5) Recipients of the data

The data provided by the data subject through the contact form will not be transferred to third parties for commercial purposes or for other purposes. They will instead be transmitted to those responsible within the commercial and administrative scope of the Company to fulfill the actions indicated in paragraph 2 (purposes).

The data will be shared with subjects who typically act as data processors under art. 28 of the Regulation, namely: i) individuals, companies, or professional firms that provide assistance and consultancy to the company in accounting, administrative, legal, tax, financial matters, and debt collection related to the provision of Services; ii) subjects with whom it is necessary to interact for the provision of Services (e.g., hosting providers) iii) or subjects delegated to carry out technical maintenance activities (including maintenance of network devices and electronic communication networks); (collectively "Recipients"); the list of data processors who process data can be requested from the Controller.

Data may also be shared with subjects, entities, or authorities, independent data controllers, to whom it is mandatory to communicate your Personal Data by virtue of legal provisions or authority orders;

Additional recipients of the data are individuals authorized by the company to process Personal Data under art. 29 of the Regulation necessary to carry out activities strictly related to the provision of Services, who have committed to confidentiality or have an adequate legal obligation of confidentiality.

Only in the case of sending emails for marketing purposes, for which the data subject has previously given consent, third-party companies may be used by the data controller. This information will be attached to the same email indicating the company that will be used and in case it is located outside the EU territory.

 

6) Methods of processing

Your data may be processed electronically. The data of which Reputation Manager S.p.A. Benefit Company is the controller are only those necessary for the first phase of registration indicated in § 2. For the processing of data related to the services of the website, the Controller uses servers located within the European territory. The data of which Reputation Manager S.p.A. Benefit Company is the controller are only those necessary for the first phase of registration indicated in § 2 and 4. We inform you that the data will be collected, processed, and stored in full compliance with the provisions regarding security measures, as well as in compliance with the measures deemed appropriate under the new EU Regulation 2016/679. The data will also be processed in full compliance with the self-regulatory norms regarding the processing of personal data contained in the applicable ethical codes.

 

7) Duration of processing

The data will be processed for the time strictly necessary to achieve the purposes for which they were collected. Furthermore, they will remain available to the controller, the processor, and the appointees for any legal retention obligations (art. 22, paragraph 5, of the Code), only for the necessary duration or until the different date of request for deletion by the user. The maximum duration is, however, that provided by law for contractual liability, namely 10 years.

 

8) Rights of the data subject

As a data subject, you have the rights referred to in art. 7 Privacy Code and art. 15 GDPR, namely the rights to:

  • obtain confirmation of the existence or non-existence of personal data concerning you, even if not yet registered, and their communication in an intelligible form;
  • obtain the indication:
  • of the origin of the personal data;
  • of the purposes and methods of processing;
  • of the logic applied in the case of processing carried out with the aid of electronic tools;
  • of the identifying details of the controller, the processors, and the representative eventually designated pursuant to art. 5, paragraph 2 Privacy Code and art. 3, paragraph 1, GDPR;
  • of the subjects or categories of subjects to whom the personal data may be communicated or who may become aware of them as designated representatives in the territory of the State, of processors or appointees;
    • obtain:
    • the updating, rectification, or, when interested, the integration of the data;
    • the deletion, transformation into anonymous form, or blocking of data processed in violation of the law, including those for which retention is not necessary in relation to the purposes for which the data were collected or subsequently processed;
    • the certification that the operations referred to in letters a) and b) have been brought to the attention, including regarding their content, of those to whom the data have been communicated or disseminated, except in cases where such fulfillment proves impossible or involves a manifestly disproportionate effort compared to the protected right;
    • oppose, in whole or in part:
    • for legitimate reasons to the processing of personal data concerning you, even if pertinent to the purpose of collection;
    • to the processing of personal data concerning you for the purpose of sending advertising material or direct sales or for conducting market research or commercial communication, using automated calling systems without the intervention of an operator via email and/or traditional marketing methods via phone and/or paper mail. It is noted that the right of opposition of the data subject, as stated in the previous point b), for direct marketing purposes through automated methods extends to traditional methods and that the data subject retains the possibility to exercise the right of opposition even partially. Therefore, the data subject can decide to receive only communications through traditional methods or only automated communications or none of the two types of communication. Where applicable, they also have the rights referred to in arts. 16-21 GDPR (Right to rectification, right to erasure, right to restriction of processing, right to data portability, right to object), as well as the right to lodge a complaint with the Supervisory Authority
    • In particular, each user has the right to receive from the Data Controller a copy of the personal data concerning them. All these rights can be exercised by writing an email to: [email protected]

 

9) Browsing data

The IT systems and software procedures used to operate this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols.

These are information that is not collected to be associated with identified data subjects but that by their very nature could, through processing and associations with data held by third parties, allow the identification of users.

This category of data includes: the IP addresses or domain names of the computers used by users connecting to the site; the addresses in URI (Uniform Resource Identifier) notation of the requested resources; the time of the request; the method used to submit the request to the server; the size of the file obtained in response; the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters related to the user's operating system and IT environment.

The data thus collected could be used to ascertain responsibility in the event of any cyber crimes against the site.

Regarding IP addresses, it is specified that the Controller uses third-party analysis services (Google Analytics) that use the IP addresses of the website users to provide data in reports and install cookies, including profiling cookies (for which reference is made to the specific information available on the site).

 

10) Contact information

Reputation Manager S.p.A. Benefit Company (hereinafter Company) with registered office in Milan, Via C. Mangili 2, 20121, Milan is the Controller of your personal data to whom you can address. In general, if you wish to contact us or receive more information about data processing, including an updated list of subjects to whom the data may be communicated and who are responsible for data processing, please write to the email address: [email protected]

11) Changes

Reputation Manager S.p.A. Benefit Company may modify the criteria and procedures for data processing at any time, or change and modify the methods of access to this Site or its content. In such cases, it will promptly update the Privacy Policy, which is to be understood as known to users at the time of publication on the Site.

The policy was published on 25/5/2018

Last update 5/10/2021

The controller reserves the right and obligation to make further changes in relation to subsequent legal provisions or based on business needs.