The following notice is provided in compliance with Article 13 of Regulation 2016/679 (GDPR), pursuant to Article 13 of Legislative Decree No. 196/2003 (Personal Data Protection Code) and relates to all personal data processed according to the methods indicated below.
Data Controller
The Data Controller of the Personal Data collected is: RB Costruzioni Srls
Operational headquarters: Via di Calenzano, 17 – 50019 – Sesto Fiorentino (FI)
Email address of the Data Controller: info@noleggiobarcamotore.com
Types of Data Collected
Detailed information on each type of data collected is provided in the dedicated sections of this privacy policy. Personal Data may be freely provided by the User or, in the case of Usage Data, collected automatically during the use of the site. Unless otherwise specified, all requested Data is mandatory. If the User refuses to provide it, it may be impossible to provide the service. In cases where some data is optional, Users are free to refrain from communicating such Data, without any consequences on the availability of the Service or its functionality. Users who have doubts about which Data is mandatory are encouraged to contact the Data Controller. The use of Cookies, or other tracking tools, by the site or third-party service providers, unless otherwise specified, is aimed at providing the Service requested by the User. The User assumes responsibility for the Personal Data of third parties obtained, published, or shared through the site and guarantees to have the right to communicate or disseminate them, holding the Data Controller harmless from any liability towards third parties.
METHODS AND PLACE OF PROCESSING OF COLLECTED DATA
Purpose of Data Processing
User data is collected to allow the Data Controller to provide their Services, as well as for the following purposes: Statistics, Newsletter, Personalized Advertising, Accounting, Content and feature performance tests, Interaction with social networks and external platforms, Displaying content from external platforms, and interaction with data collection platforms and other third parties. For detailed information on the purposes of processing and the Personal Data specifically relevant to each purpose, the User can refer to the relevant sections of this document.
Processing Methods
The Data Controller adopts appropriate security measures to prevent unauthorized access, disclosure, modification, or destruction of Personal Data. Processing is carried out using IT and/or telematic tools, with organizational methods and logic strictly related to the purposes indicated. In addition to the Data Controller, other external subjects (administrative, commercial, marketing, legal staff, system administrators) or external entities (such as third-party technical service providers, postal couriers, hosting providers, IT companies, communication agencies) may have access to the data, and if necessary, be appointed as Data Processors by the Data Controller. The updated list of Data Processors can always be requested from the Data Controller.
Legal Basis for Processing
The Data Controller processes Personal Data relating to the User if one of the following conditions is met:
- the user has given consent for one or more specific purposes;
- processing is necessary for the performance of a contract with the user and/or for the implementation of pre-contractual measures;
- processing is necessary for compliance with a legal obligation to which the Data Controller is subject;
- processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Data Controller;
- processing is necessary for the purposes of the legitimate interests pursued by the Data Controller or by a third party.
It is always possible to request the Data Controller to clarify the specific legal basis for each processing and, in particular, to specify whether the processing is based on the law, required by a contract, or necessary for the conclusion of a contract.
Place
Data is processed at the Data Controller’s operational offices and in any other place where the parties involved in the processing are located. For more information, contact the Data Controller. The User’s Personal Data may be transferred to a country other than the one in which the User is located. For more information on the location of the processing, the User can refer to the section on details of Personal Data processing. The User has the right to obtain information regarding the legal basis of the transfer of Data outside the European Union or to an international organization of public international law or established by two or more countries, such as the UN, as well as regarding the security measures adopted by the Data Controller to protect the Data. If such transfers occur, the User can refer to the respective sections of this document or request information from the Data Controller by contacting them at the details provided at the beginning.
Retention Period
Data is processed and stored for the time required to fulfill the purposes for which it was collected:
- Personal Data collected for purposes related to the performance of a contract between the Data Controller and the User will be retained until the completion of such contract.
- Personal Data collected for purposes related to the legitimate interest of the Data Controller will be retained until the satisfaction of such interest. The User can obtain further information regarding the legitimate interest pursued by the Data Controller in the relevant sections of this document or by contacting the Data Controller.
When processing is based on the User’s consent, the Data Controller may retain Personal Data longer until such consent is revoked. Additionally, the Data Controller may be required to retain Personal Data for a longer period in compliance with a legal obligation or by order of an authority. Upon expiration of the retention period, Personal Data will be deleted. Therefore, after such term expires, the rights of access, deletion, rectification, and data portability may no longer be exercised.
Details on the Processing of Personal Data
Personal Data is collected for the following purposes and using the following services:
- Mailing List or Newsletter
With registration to the mailing list or newsletter, the User’s email address is automatically added to a contact list to which email messages containing information, including commercial and promotional content, may be sent. The User’s email address may also be added to this list as a result of registration on the site or after requesting a quote.
Personal Data collected: email, first name, and last name. - Contact Form
By filling out the contact form with their Data, the User consents to their use for responding to information requests, quotes, or any other nature specified in the form’s heading.
Personal Data collected: first name and last name, email (mandatory data), phone, and various types of Data. - Registration for Access to Restricted Area
By filling out the registration form with their Data, the User consents to their use for creating a unique account for the site’s various functions (responding to information requests, quotes, or e-commerce).
Personal Data collected: first name and last name, email (mandatory data), phone, and various types of Data. - Interaction with Social Networks and External Platforms
This type of service allows interactions with social networks or other external platforms directly from this site. Interactions and information acquired are always subject to the privacy settings of the User related to each social network. If a social network interaction service is installed, it is possible that, even if Users do not use the service, it may still collect traffic data related to the pages where it is installed.- Facebook Social Widgets (Facebook Inc.)
Facebook social widgets are interaction services with the Facebook social network, provided by Facebook, Inc.
Personal Data collected: Cookies and Usage Data.
Place of processing: USA – Privacy Policy. - YouTube Social Widgets (Google Inc.)
YouTube social widgets are interaction services with the YouTube platform, provided by Google Inc.
Personal Data collected: Cookies and Usage Data.
Place of processing: USA – Privacy Policy.
- Facebook Social Widgets (Facebook Inc.)
- Remarketing and Behavioral Targeting
This type of service allows communication, optimization, and delivery of advertisements based on past use of this site by the User. This activity is carried out through tracking Usage Data and the use of Cookies, information that is transferred to partners related to the remarketing and behavioral targeting activity.- Remarketing with Google Analytics for Display Advertising (Google Inc.)
Google Analytics for Display Advertising is a remarketing and behavioral targeting service provided by Google Inc. that links the tracking activity carried out by Google Analytics and its Cookies.
Personal Data collected: Cookies and Usage Data.
Place of processing: USA – Privacy Policy.
- Remarketing with Google Analytics for Display Advertising (Google Inc.)
- Statistics
The services contained in this section allow the Data Controller to monitor and analyze traffic data and help track User behavior.- Google Analytics (Google Inc.)
Google Analytics is a web analytics service provided by Google Inc. (“Google”). Google uses the Personal Data collected to track and examine the use of the site, compile reports, and share them with other services developed by Google. Google may use Personal Data to contextualize and personalize ads on its advertising network.
Personal Data collected: Cookies and Usage Data.
Place of processing: USA – Privacy Policy – Opt-Out.
- Google Analytics (Google Inc.)
Further Information on Personal Data
Privacy Policy
By filling out the contact form with their Data, the User consents to their use for responding to information requests, quotes, or any other nature specified in the form’s heading.
User Rights
Pursuant to Articles 15 – 21 of Regulation (EU) 2016/679, each data subject is granted a series of rights.
- Right of Access: the data subject, under Article 15, has the right to obtain confirmation that their personal data is being processed and, if so, to obtain a copy. They also have the right to access their personal data and additional information such as the purpose of processing, the categories of recipients, the retention period of the data, and the rights exercisable.
- Right to Rectification: the data subject, under Article 16, has the right to obtain the rectification of inaccurate personal data concerning them or to complete it.
- Right to Erasure: the data subject has the right to obtain the erasure of personal data concerning them, without undue delay, where one of the reasons set out in Article 17 applies.
- Right to Restriction of Processing: the data subject has the right, in the cases provided for in Article 18 of Regulation 2016/679, to obtain the restriction of processing.
- Right to Data Portability: the data subject has the right to receive their personal data in a structured, commonly used, and machine-readable format, and has the right to transmit such data to another controller without hindrance, as provided for in Article 20 of Regulation 2016/679.
- Right to Object to Processing: the data subject has the right to object to the processing of their personal data according to Article 21 of Regulation 2016/679.
The data subject also has the right to lodge a complaint with the competent supervisory authority, the Privacy Guarantor. Requests mentioned above should be addressed in writing to the Data Controller. The Data Controller will provide a timely response to requests for the exercise of the data subjects’ rights within the time limits established by current regulations.