[Last Update: January 21st, 2019]
Sweet Legal Tech Academy Società S.r.l.s. (hereinafter “Company”, “Sweet Legal Tech” or “SLT“) is accordingly committed to protecting personal data collected through the use of its website www.sweetlegaltech.com (“Website”), according to the EU General Data Protection Regulation 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing the Directive 95/46/EC (“GDPR”) and any national legislation in force on personal data protection (“National Data Protection Laws”).
2. Controller and contact details.
The Company processes Personal Data as a Controller as defined in the GDPR and in the National Data Protection Laws.
Contact details: Sweet Legal Tech S.r.l., Piazza del Duomo 20, 20122, Milan, Italy. [email protected]
3. Data subjects and scope of application
Company processing activities relate to:
(i) any individual visiting the Website (“Visitors”); and
(ii) any individual/entity with which Company establishes relationships, when registering for Company events and/or signing up for information, informational materials, newsletters and other communications (“Users”).
4. Types and source of processed Personal Data
Company processes Visitors’ and Users’ Personal Data, that consist of common Personal Data.
The Personal Data provided by Visitors and Users include:
a. Navigation data, such as IP addresses, domain names of the computers used by any Visitor connecting with the Website, the URI (Uniform Resource Identifier) addresses of requested resources, the time of request, the server query method, the answered file dimension, the server status code (good, error etc.), other parameters related to the Visitors’ operating system and informatics environment; these data, however, will only be used to extract anonymous statistical information on the Website and its functionalities and will be immediately cancelled at the end of the respective processing activity;
b. Personal Data provided voluntarily by Users, such as first name and surname (including first name and surname of the legal representative of the Company/entity for which Users are working), company and position within the company, tax and VAT code numbers, location/domicile (also for tax purposes), contact details (including email addresses, mobile numbers), bank accounts details and/or data referred to payments etc. Company will also ask for invoice details in order to proceed to its invoicing duties.
5. Purposes of processing the Personal Data. Legal basis. Period of data retention
The Controller processes Personal Data for the following purposes, as specified here in below, in which is furthermore highlighted (a) the legal basis which justifies the processing and (b) the period of data retention:
|Purpose||a) Legal Basis||b) Data Retention|
|1. Recruit and select applicants||Performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract.|
|2. Send communications and reply to queries concerning the Company Activities||Consent||For the period of time necessary to reply and however to enforce Company’s rights|
|3. Allow the Controller to accomplish all formalities required by law, including those of administrative and tax/fiscal nature||Legal obligation||Until the expiry of the data retention period, as provided by the applicable law|
|4. Send newsletters of a general informational, promotional and advertising nature and/or other materials for marketing communication purposes, in relation to the Website’s functionalities.||Consent||Until the withdrawal of consent or until a denial has been communicated|
|4. Improve the Website by analyzing how Visitors and/or Users navigate and/or use the Website||Not applicable||Not applicable (aggregate or anonymous data)|
6. Methods of processing.
The Personal Data of Data Subjects are processed almost exclusively through automated procedures, by using computerized systems and softwares or, in a limited number of cases, through manual means (e.g. on paper), provided however that in any event such Personal Data are processed adopting methods which are strictly related to the purposes for which such data have been collected and anyway to ensure their security, in accordance with the GDPR and the National Data Protection Laws.
7. Recipients and transfers of Personal Data
8. Data Subjects’ rights
Under Articles 15 and following of the GDPR, you, as a data subject, are entitled to request from the Company, at any time, access to your Personal Data, the correction and erasure of your Personal Data, as well as to object to its processing. You are also entitled to request the restriction of the processing of your Personal Data in the cases set out in Article 18 of the Regulation, as well as to obtain the Personal Data you have provided to the Company in a structured, commonly used and machine-readable format, in the cases set out in Article 20 of the Regulation. Requests must be sent in writing to the Data Controller at the following address: [email protected]
In any case, you are always entitled to lodge a complaint with the competent supervisory authority (Garante per la Protezione dei Dati Personali), under Art. 77 of the Regulation, if you believe that the Data Controller’s processing of your Personal Data is in violation of the applicable law.