The Data Controller processes the Data of Users in a proper manner and shall take appropriate security measures to prevent unauthorized access, disclosure, modification, or unauthorized destruction of the Data. The Data processing is carried out using computers and/or IT enabled tools, following organizational procedures and modes strictly related to the purposes indicated.

In some cases, for the pursuit of the purposes aforementioned and within the limits of what is strictly necessary, the Data may be accessible to certain types of persons in charge, involved with the operation of the site (legal, sales and administrative staff or system administrators) or external parties (such as third party technical service providers, mail carriers, hosting providers, IT companies, communications agencies) appointed, if necessary, as Data Processors by the Data Controller.

Furthermore, the Data may be accessible to all those subjects whose activities are connected or in support of Data Controller’s activities and to which the latter may apply – after their appointment as Data Processors – for the carrying out the aforementioned activities, within the limits of what is strictly necessary and in compliance with the purposes referred to in the previous paragraph. Personal Data are processed exclusively within European Union.

I dati sono trattati esclusivamente all’interno dell’Unione europea.

In general, the Data provided will be stored in the form that allows your identification for the time strictly necessary for the purpose for which it was collected and subsequently processed, in any case, within the limits of the law and as indicated in the information notice.

In particular:

where collected for purposes related to the execution of a contract between the Data Controller and the Data Subject, they will be processed and stored until the end of the contractual relationship.

where treated with the prior consent of the interested party, will be retained until such consent is revoked.

In any case, the personal data of the interested party may also be kept for a subsequent period where needs may arise in order to defend or assert a right and / or to fulfill any further legal obligations or orders of the Authorities.

Interested parties to whom the personal data refer can exercise the following rights:

Right of access: the right to obtain from the controller confirmation as to whether or not personal data concerning you are being processed and any other information related with this statement. Moreover, you can request a copy of your data, within reasonable limits;

Right to Rectification: the right to obtain the rectification of inaccurate personal data concerning you;

Right to erasure: the right to obtain the erasure of personal data concerning you without undue delay and the controller shall have the obligation to erase personal data without undue delay for one or more reasons described in article 17 of GDPR;

Right to restriction of processing: the right to obtain restriction of processing when one of the statements described in article 18 of GDPR occurs;

Right to object: the right to object to the processing of your personal data, at any time, where the basis for that processing is either legitimate interests of controller unless there are legitimate reasons for proceeding with the processing that prevails over your own, for example for the exercise or our defense in court;

Right to data portability: the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided.

Furthermore, under article 7 of GDPR, data subjects have the right to revoke their consent at any time, without penalizing the lawfulness of the treatment considered on the consent previously granted. Moreover, they have the right to lodge a complaint with a supervisory authority, set up to protect fundamental rights and freedoms in connection with the processing of personal data, in this particular case, represented by The Italian Data Protection Authority.

To exercise these rights, obtain the updated list of data processors, report problems or ask for clarification on the processing of personal data you can write to the following email address: privacy@finproject.com, or contact the data processor info@xlextralight.com

It is also possible to forward your requests by writing to the Data Controller, Finproject S.p.A., located in Via San Gabriele, 96 – 62010 Morrovalle (MC) – ITALIA, specifying the object of the request.

FACEBOOK

This application may require some Facebook permissions that allow you to perform actions with your Facebook account and collect information from it, including personal data.

For more information on the permissions below, please refer to the Facebook Permissions Reference and Facebook Privacy Policy. The required permissions are the following:

The basic information of the user registered on Facebook normally including the following data: id, name, image, gender and language of location and, in some cases, the "friends" of Facebook. If the user made additional data publicly available, this will be available.

These services allow the website to draw on your profile data on social networks and to interact with your post. These services are not activated automatically, but require explicit authorization from the user.

TWITTER

This service allows this application to connect with the user's account on the social network Twitter, provided by Twitter, Inc.

Personal data collected: various types of data as specified by the Privacy Policy of the service. Place of processing : USA - Privacy Policy

GOOGLE OAUTH (GOOGLE INC.)

Google oauth is a registration and authentication service provided by Google Inc. It is connected to the Google network.

Personal data collected: various types of data as specified by the Privacy Policy of the service. Place of processing : USA - Privacy Policy

LIVE CHAT PLATFORMS

These services allow you to interact with live chat platforms, managed by third parties, directly from the pages of this application. This allows the user to contact the support service of this application, or allow this application to contact the user while browsing its pages.

In the event that an interaction service with live chat platforms is installed, this service may collect usage data relating to the pages on which it is installed, even if users do not use it. In addition, live chat conversations may be recorded.

YOUTUBE (GOOGLE)

Youtube is a video content viewing service managed by Google Inc. that allows this application to integrate such content within its pages.

Personal data collected: cookies and usage data.Place of processing : USA - Privacy Policy

COOKIES ON THIS SITE

TECHNICAL COOKIES FOR WHICH CONSENT IS NOT REQUIRED

The Data Controller will install on your device and, in particular, in your browser or allow third parties to install some cookies that are necessary to acquire or have our partners acquire statistical information in an anonymous and aggregated form relating to your navigation on the pages of this site.

FACEBOOK ADS CONVERSION TRACKING (FACEBOOK)

Facebook ads conversion monitoring is a statistical service provided by Facebook, Inc. that links the data coming from the Facebook ad network with the actions carried out within this application.

Personal data collected: cookies and usage data. Place of processing : USA - Privacy Policy

GOOGLE ADWORDS CONVERSION TRACKING (GOOGLE)

Google adwords conversion monitoring is a statistical service provided by Google, Inc. that links the data coming from the Google adwords ad network with the actions carried out within this application.

Personal data collected: cookies and usage data. Place of processing : USA - Privacy Policy

GOOGLE+ (GOOGLE)

Google provides interaction services with the Google+ social network, provided by Google Inc.

Personal data collected: cookies and usage data. Place of processing : USA - Privacy Policy

PINTEREST (PINTEREST)

The "pin it" button and pinterest social widgets are interaction services with the Pinterest platform, provided by Pinterest inc.

Personal data collected: cookies and usage data. Place of processing : USA - Privacy Policy

ADWORDS REMARKETING (GOOGLE)

Adwords remarketing is a remarketing and behavioural targeting service provided by Google Inc. That connects the activity of this application with the adwords advertising network and the doubleclick cooki

Personal data collected: cookies and usage data.

Place of processing : USA - privacy policy - opt out

GOOGLE ANALYTICS (GOOGLE)

Google analytics is a web analytics service provided by Google Inc. ("Google"). Google uses the personal data collected for the purpose of tracking and examining the use of this application, compiling reports and sharing them with other services developed by Google. Google may use personal data to contextualize and personalize the ads of its advertising network.


Personal data collected: cookies and usage data. Place of processing : USA - privacy policy - opt out

The Data Controller reserves the right to make changes to this privacy policy at any time by giving notice to its Users on this page. It is strongly recommended to check this page often, referring to the date of the last modification listed at the bottom. If a User objects to any of the changes to the Policy, the User must cease using this Application and can request that the Data Controller remove the Personal Data. Unless stated otherwise, the then-current privacy policy applies to all Personal Data the Data Controller has about Users.

Personal Data (or Data):

Any information regarding a natural person, a legal person, an institution or an association, which is, or can be, identified, even indirectly, by reference to any other information, including a personal identification number.

Usage and browsing information :

Information collected automatically from this Application (or third party services employed in this Application), which can include: the IP addresses or domain names of the computers utilized by the Users who use this Application, the URI addresses (Uniform Resource Identifier), the time of the request, the method utilized to submit the request to the server, the size of the file received in response, the numerical code indicating the status of the server’s answer (successful outcome, error, etc.), the country of origin, the features of the browser and the operating system utilized by the User, the various time details per visit (e.g., the time spent on each page within the Application) and the details about the path followed within the Application with special reference to the sequence of pages visited, and other parameters about the device operating system and/or the User’s IT environment.

User:

The individual using this Application, which must coincide with or be authorized by the Data Subject, to whom the Personal Data refers.

Data Subject:

The legal or natural person to whom the Personal Data refers.

Data Processor (or Data Supervisor):

The natural person, legal person, public administration or any other body, association or organization authorized by the Data Controller to process the Personal Data in compliance with this privacy policy.

Data Controller:

The natural person, legal person, public administration or any other body, association or organization with the right, also jointly with another Data Controller, to make decisions regarding the purposes, and the methods of processing of Personal Data and the means used, including the security measures concerning the operation and use of this Application. The Data Controller, unless otherwise specified, is the Owner of this Application.

This Application:

The hardware or software tool by which the Personal Data of the User is collected.

Cookies:

Small piece of data stored in the User’s device.

EMAIL

Provides access to the user's primary email address.

LEGAL REFERENCES

Notice to European users: this privacy statement has been prepared in fulfilment of the obligations of the General Data Protection Regulation EU 2016/679 on the protection of personal data.