Skip to content
Close
LANGUAGE – en
it
Book a call
en
it
Book a call

PRIVACY POLICY


Dear User,

This Privacy Policy has been created pursuant to the European Data Protection Regulation No. 679 of April 27, 2016 (hereinafter GDPR) and the legislative provisions of the Republic of South Africa contained in the Protection of Personal Information Act 4 of 2013 (hereinafter POPIA).

Unless linked to another policy or unless otherwise provided, this Privacy Policy applies when you visit or use the website https://power2cloud.com/

Therefore, in accordance with Article 13 of Reg. 679/2016, the following information is provided:


Art. 1 - Data controller

1.1 In accordance with the Regulation, your personal data will be processed by power2Cloud S.r.l., with registered office in Corso Buenos Aires, 77 - 20124 Milan, P.IVA 09669790967 reachable at the e-mail address privacy@power2cloud.com , hereinafter powe2Cloud.


Art. 2 - Data subject to processing

2.1 The Personal Data subject to processing belong to the following categories:

  • common and contact data provided by the Data Subject following the purchase of the services and/or products offered by power2Cloud or the completion of the appropriate forms on the site to request information, identifiable by way of example in the following data: first and last name, e-mail address, telephone number, place and date of birth, residence, postal code, billing address;
  • browsing data: browsing metadata collected, through first-party and third-party tools, when the Data Subject visits or uses the website https://power2cloud.com/;
  • data extracted from profiling cookies: behaviors and preferences manifested by the user during navigation aimed at creating specific profiles in which the aforementioned information is stored;
  • where there is, pending the execution of the activities you requested, the need to process additional data, not falling into the above category, you will be promptly notified by power2Cloud.



Art. 3 - Purposes, legal basis of the processing and nature of the provision of data

3.1 The aforementioned Personal Data will be processed by the Data Controller for the following purposes:

a. management of contractual relationships with Customers, the processing of which is made necessary by the execution of contracts to which the Data Subject is a party or the execution of pre-contractual measures taken at the request of the Data Subject, ex art. 6 lett. b) of Reg. 679/2016; by way of example only, activities such as: execution of services purchased by the Customer, exchange of information with the Customer, processing of requests for quotes, etc.... fall within the aforementioned purpose;

b. management of accounting and tax aspects, the processing of which is necessary for the Holder's compliance with the legal obligations in tax and fiscal matters placed on him, ex art. 6 lett. c) of Reg. 679/2016;

c. marketing purposes, the processing of which takes place exclusively on explicit consent provided by the Data Subject by flagging the appropriate box in the Forms on the site to request information, ex art. 6 lett a) of Reg. 679/2016; the marketing activity, to which the Data Subject consents, has as its object the sending of e-mails, WhatsApp messages, SMS containing offers and information on specific services provided by power2Cloud or promotional calls by telephone;

d. carry out activities of statistical analysis and profiling of its habits in order to propose personalized commercial offers, the processing of which takes place exclusively upon explicit consent provided by the Data Subject by clicking on the appropriate box within the banner on the website https://power2cloud.com/, ex art. 6 lett a) of Reg. 679/2016;

3.2 The provision of data processed for the purposes referred to in letters a) and b) of the preceding paragraph is mandatory, as it is necessary, respectively, for the execution of a contract or the fulfillment of legal purposes. On the contrary, the provision of data for marketing purposes, referred to in letters c) and d) of the preceding paragraph, is merely optional in nature, not affecting the performance of the services requested.


Art. 4 - Modalities of data processing

4.1 In relation to the above-mentioned purposes, the data are subject to computer and paper processing.The data will be included in the records and registers required by law and will be transmitted, where necessary, to the financial offices in compliance with the law.

All data processing operations are implemented in such a way as to ensure the integrity, confidentiality and availability of personal data.

4.2 With regard to the processing of data by computer and electronic means, data may be processed by means of all or some computer tools, the Privacy Policy of which can be viewed at the following links:

  • https://www.adobe.com/privacy/policy.html;
  • https://policies.google.com/privacy?hl=en-US;
  • https://www.facebook.com/privacy/policy/;
  • https://www.youtube.com/howyoutubeworks/our-commitments/protecting-user-data/;
  • https://twitter.com/en/privacy;
  • https://www.linkedin.com/legal/privacy-policy;
  • https://policy.pinterest.com/en;
  • https://clearbit.com/privacy-policy;
  • https://legal.hubspot.com/privacy-policy;
  • https://privacy.microsoft.com/en-us/privacystatement;
  • https://www.whatsapp.com/privacy;
  • https://automattic.com/privacy/;
  • https://www.cookiebot.com/it/privacy;
  • https://matomo.org/matomo-cloud-privacy-policy/;
  • https://spoki.it/privacy-policy/ .

4.3 The Data Controller, in accordance with Article 28 of the GDPR, may appoint an external data processor for the processing of data and in particular for the activities of: storage, organization, structuring, consultation, processing, selection, extraction, comparison, interconnection, communication, use, blocking, dissemination, deletion and destruction of personal data collected and recorded by the Data Controller.


Article 5 - Period of retention of personal data.

5.1 The retention period for the data covered by this Privacy Policy is:

  • 10 years from the conclusion of the contract, in reference to data processed for the purpose referred to in Article 3, paragraph 1 letter a);
  • 10 years from the conferment in reference to the data processed for the purpose referred to in Article 3, paragraph 1 letter b);
  • 3 years from the conferment in reference to the data conferred for the purpose of Article 3, paragraph 1 lett. c);
  • 3 years from the conferment in reference to the data conferred for the purpose of Article 3, paragraph 1 lett. d).



Art. 6 - Recipients and transfer of personal data

6.1 The data may be communicated to:

  • all subjects to whom the right of access to such data is recognized by virtue of regulatory provisions;
  • to our collaborators and employees;
  • subjects managing the computer system;
  • parties appointed by the Data Controller as external data processors for the processing of personal data;
  • to all those natural and/or legal, public and/or private persons when the communication is necessary or functional for the establishment and management of the relationship, in the manner and for the purposes explained above.

6.2 Generally, the chosen service providers operate through data centers located on the territory of the European Union.

Beyond the above, the Data Subject's data will be transferred to service providers whose data centers are located in the territory of the United States of America.

With regard to the transfer of data to Third Countries, the Data Controller informs that the processing will take place according to one of the modalities allowed by the law in force, such as the consent of the Data Subject, the adoption of Standard Clauses approved by the European Commission, the selection of subjects adhering to international programs for the free circulation of data or operating in countries considered safe by the European Commission. It is possible to have more information, upon request, from the Data Controller at the contacts indicated above.


Art. 7 - Rights of the Data Subject

7.1 We inform you that as a Data Subject, in addition to the right to lodge a complaint with a Supervisory Authority, you also have the rights listed below, in accordance with the provisions of Regulation No. 679/2016.

Article 15-Right of access

The Data Subject has the right to obtain from the Data Controller confirmation as to whether or not personal data concerning him or her is being processed, and if so, to obtain access to the personal data and information regarding the processing.

Article 16 - Right of rectification

The Data Subject has the right to obtain from the Data Controller the rectification of inaccurate personal data concerning him/her without undue delay. Taking into account the purposes̀ of the processing, the Data Subject has the right to obtain the integration of incomplete personal data, including by providing a supplementary declaration.

Article 17 - Right to erasure (right to be forgotten)

The Data Subject has the right to obtain from the Data Controller the erasure of personal data concerning him/her without undue delay, and the Data Controller is obliged to erase the personal data without undue delay.

Article 18 - Right to limitation of processing.

The Data Subject has the right to obtain from the Data Controller the limitation of processing when one of the following cases occurs:

(a) the Data Subject disputes the accuracy of the personal data, for the period necessary for the Data Controller to verify the accuracy of such personal data;

b) the processing is unlawful and the Data Subject objects to the deletion of the personal data and instead requests that its use be restricted;

c) although the Data Controller no longer needs the personal data for the purposes of processing, the personal data are necessary to the Data Subject for the establishment, exercise or defense of a right in court; d) the Data Subject has objected to the processing in accordance with Article 21(1), pending verification as to whether the Data Controller's legitimate reasons prevail over those of the Data Subject. Art. 20 - Right to data portability

The Data Subject has the right to receive in a structured, commonly used and machine-readable format the personal data concerning him/her provided to a Data Controller and has the right to transmit such data to another Data Controller without hindrance from the Data Controller to whom he/she provided them. When exercising his or her rights with regard to data portability under paragraph 1, the Data Subject has the right to obtain the direct transmission of personal data from one Data Controller to another, if technically feasible.

Article 21 - Right to object

The Data Subject has the right to object at any time, on grounds relating to his or her particular situation, to the processing of personal data concerning him or her pursuant to Article 6(1)(e) or (f), including profiling on the basis of these provisions.

Article 22 - Right not to be subject to automated decision-making, including profiling

The Data Subject shall have the right not to be subjected to a decision based solely on automated processing, including profiling, which produces legal effects concerning him or her or similarly significantly affects him or her.

7.2 The rights referred to in the preceding paragraph may be enforced by means of a written request submitted by the Data Subject to the e-mail address privacy@power2cloud.com . It may take up to thirty days to receive a response. For the protection of the Interested Party, there may be a need to verify his/her identity before implementing the request.

LAST UPDATE DATE: 12/04/2024