Website privacy policy

PRIVACY NOTICE
pursuant to Article 13 of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016

PRIVACY POLICY

This document describes the methods of managing the websites www.matchplat.com and www.matchplat.it (hereinafter “the site”) with regard to the processing of personal data of users who consult them. It is a general document providing information on the criteria of proper personal data processing carried out on or through the site. Specific notices relating to the individual services used by the user, drafted pursuant to Article 13 of EU Regulation 679/2016 on the protection of personal data and its free circulation (hereinafter “the Regulation”), are also available on the website in the relevant sections and can be obtained from the Data Controller’s offices.

This Privacy Notice is provided pursuant to Article 13 of the Regulation to those who interact with the site’s web services and does not apply to processing carried out on other websites that the user may consult through links present on the site itself. Users are invited to carefully read this notice before submitting any personal information.

For the transmission of personal data, the website uses SSL/HTTPS encryption protocols (Secure Socket Layer – Hyper Text Transfer Protocol certificate), also to prevent the risks of identity theft.

Data Controller

Following consultation of this site, data relating to identified or identifiable persons may be processed (the “data subject” pursuant to the Regulation, hereinafter “user”). The Data Controller of personal data is Matchplat S.r.l. – Subject to management and coordination by Mobo Holding S.r.l. (hereinafter “Controller”). As of today, all information concerning the Controller, together with the updated list of data processors and system administrators appointed, can be obtained at Via Gerolamo Zanchi, 22, Bergamo.

Email: privacy@www.matchplat.com

Purposes, Lawfulness of Processing, Types of Data, and Criteria for Determining Data Retention Periods

  • Browsing Data

Browsing the site involves the acquisition of some personal data, the transmission of which is implicit in the use of Internet communication protocols (“browsing data”). This information is not collected to be associated with identified users, but, by its very nature, could, through processing and association with data held by third parties, allow users to be identified. This category of data includes IP addresses or domain names of the computers used by users connecting to the site, URI (Uniform Resource Identifier) addresses of requested resources, the time of the request, the method used to submit the request to the server where the site is hosted or which manages the provision of requested services, the size of the file obtained in response, the numerical code indicating the status of the response from the server (success, error, etc.), and other parameters relating to the user’s operating system and IT environment.

The purposes for which users’ personal data will be processed include:

  • use of the site;
  • any checks on the proper functioning of the services offered.

Browsing data are retained for the period necessary to achieve the purposes for which they are collected and, in any case, no longer than seven days, except for the time needed to comply with requests from judicial authorities for defense and/or state security purposes and/or for the prevention, detection or prosecution of crimes, or to comply with requests from the Data Protection Authority.

The lawfulness of processing is based on the Controller’s legitimate interest (Article 6.1 letter f) of the Regulation) in ensuring the correct functioning of the site.

The provision of personal data is optional. If the data subject does not wish to provide browsing data, they must refrain from accessing and browsing the site.

  • Contact/Information Request Section

The personal data provided by the user who accesses the “Contact/Information Request” section by sending a message will be used solely for the purpose of performing the requested service. The optional, explicit and voluntary sending of emails to the addresses indicated on the site necessarily entails the subsequent acquisition of the sender’s email address, required to reply to requests, as well as any other personal data included in the message.

The lawfulness of processing is based on the need to perform a contract to which the user is party or to take pre-contractual measures requested by the user (Article 6.1 letter b) of the Regulation), or on the legitimate interest of the Controller (Article 6.1 letter f) of the Regulation), consisting of responding to incoming requests.

The user’s personal data are retained for the time necessary to reply and, in any case, no longer than the time required to handle possible disputes or claims.

The provision of data is optional. Failure to provide data makes it impossible for the Controller to respond to requests.

  • Newsletter/Mailing-list

Subject to the user’s explicit consent, their personal data (first name, surname, email address, etc.) are processed for sending promotional and/or advertising material, conducting market research, commercial communications and direct sales activities relating to the Controller’s products and services. The lawfulness of processing is based on the user’s free and explicit consent (Article 6.1 letter a) of the Regulation).

The user’s data are retained for the time necessary to provide the service, i.e., until consent is withdrawn, and in any case for no longer than two years, or for the time required to manage disputes or claims.

The provision of personal data is optional. Failure to provide data makes it impossible for the Controller to provide the newsletter service.

  • Reserved Area

Users’ personal data are processed for registration and access to the reserved area (Investor Area – Client platform access). The lawfulness of processing is based on the performance of a contract to which the user is party (Article 6.1 letter b) of the Regulation).

The data are retained for the time necessary to provide the service, i.e., until the cancellation of the reserved area account, or for the time required to handle disputes or claims.

The provision of data is optional. Failure to provide them prevents registration and access to the reserved area.

  • Job Applications

Personal data provided by users in their CVs submitted through the dedicated section of the site may be used for recruitment and selection purposes in view of possible collaboration with the Controller. The lawfulness of processing derives from the performance of a contract to which the user is party or pre-contractual measures taken at their request, as well as compliance with legal obligations (national laws, EU regulations) applicable to the Controller (Article 6.1 letters b), c) of the Regulation).

The data are retained for the time necessary for recruitment/selection activities, or for the time required to manage disputes or claims.

The provision of personal data is optional. Failure to provide them makes it impossible for the Controller to carry out recruitment and selection.

  • Online Chat

The personal data provided by users through the online chat are processed to provide information on the Controller’s services.

The lawfulness of processing is based either on the need to perform a contract to which the user is party or pre-contractual measures requested by them (Article 6.1 letter b) of the Regulation), or on the legitimate interest of the Controller (Article 6.1 letter f) of the Regulation) consisting of responding to requests.

The data are retained for the time necessary to provide a response and, in any case, no longer than the time required to handle possible disputes or claims.

The provision of data is optional. Users who do not wish to provide their data must refrain from using the online chat.

Methods of Processing

Processing of personal data takes place at the Controller’s premises, or if necessary, at the premises of any data processors appointed under Article 28 of the Regulation, or at the premises of the parties indicated in the “Communication and Disclosure of Personal Data” section. Processing is partially automated as it is carried out using electronic tools. Specific security measures are observed to prevent loss, unlawful or incorrect use, or unauthorized access. Processing is carried out only to the extent strictly necessary for the functions requested, excluding processing when the purposes can be achieved using anonymous data or methods that allow the user to be identified only when necessary.

Communication and Disclosure of Personal Data

Personal data may, if necessary, be communicated (meaning disclosed to one or more specific parties):

– to parties entitled to access data by virtue of national or EU legislation;

– to natural and/or legal persons, public and/or private, where communication is necessary or functional to the Controller’s activities for the purposes indicated above;

– to employees/collaborators of the Controller within their duties and/or contractual obligations;

– to parties acting as processors or sub-processors under Article 28 of the Regulation entrusted with institutional tasks and/or the technical management of the site (e.g., hosting, database management).

Personal data are not disseminated, meaning they are not disclosed in any way to an indefinite number of parties. Personal data are not transferred outside the European Economic Area (EEA), without prejudice to their free circulation within the EEA.

Social Network Plugins

The site incorporates plugins and/or buttons for social networks, to allow easy content sharing on the user’s preferred platforms. These plugins are programmed so that no cookies are set upon page access, safeguarding user privacy. Cookies may be set, if required by social networks, only when the user voluntarily uses the plugin. If the user is already logged in to a social network with their credentials, they have already consented to the use of cookies. The collection and use of information obtained through plugins are governed by the respective privacy policies of the social networks.

Amendments to this Notice

The Controller reserves the right to amend this Privacy Notice at any time, providing notice to users on this page. Users are therefore invited to consult this page frequently to remain updated.

Data Protection Officer (DPO)
The Data Protection Officer appointed by the Controller is:

DPO  P.IVA  Via/Piazza  CAP  Comune  Nominativo del DPO 
LTA SRL  14243311009  VIA DELLA CONCILIAZIONE,10  00193  Roma  Luigi Recupero 

The DPO can be reached at the Controller’s premises in Via Gerolamo Zanchi, 22, Bergamo. For written requests/communications sent digitally, the DPO can be contacted at the following email: privacy@www.matchplat.com

Data Subject Rights

At any time, the user may exercise the following rights:

  • the right to receive their personal data in a structured, commonly used and machine-readable format, and to transmit those data to another controller without hindrance;
  • the right to access their personal data;
  • the right to rectification of their personal data, provided it does not conflict with applicable data retention laws;
  • the right to erasure of their personal data, provided it does not conflict with applicable data retention laws;
  • the right to restriction of processing;
  • the right to object, on grounds relating to their particular situation, at any time to the processing of personal data;
  • the right to withdraw consent at any time without affecting the lawfulness of processing based on consent before its withdrawal;
  • the right to object at any time to processing for direct marketing purposes, including profiling related to such direct marketing;
  • the right not to be subject to a decision based solely on automated processing, including profiling, that produces legal effects or significantly affects them.

The above rights may be exercised by submitting a request to the Controller, without formalities, by hand delivery, traditional mail, registered letter, fax, or email to privacy@www.matchplat.com

To facilitate the exercise of these rights, the Italian Data Protection Authority provides a specific form available at www.garanteprivacy.it

Right to Lodge a Complaint

The user has the right to lodge a complaint with a supervisory authority (the Italian Data Protection Authority: www.garanteprivacy.it).

Cookies

The specific notice describing the use of cookies by this site is available in the document “Cookie Policy”.

This site is registered on wpml.org as a development site. Switch to a production site key to remove this banner.